NSX-T Data Center REST API
ALBAuthToken (type)
{
"description": "ALB Auth Token",
"id": "ALBAuthToken",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"hours": {
"description": "Hours to validate the token",
"required": true,
"title": "hours",
"type": "string"
},
"token": {
"description": "Token for Avi Controller.",
"title": "Token for Avi Controller",
"type": "string"
},
"username": {
"description": "controller username.",
"required": true,
"title": "username",
"type": "string"
}
},
"title": "Auth Token",
"type": "object"
}
ALBControllerAdminCredential (type)
{
"description": "Advanced Load Balancer Controller admin user credential for validation.",
"id": "ALBControllerAdminCredential",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"password": {
"description": "Password for the NSX Advanced Load Balancer Controller Cluster admin user.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
}
},
"title": "ALBControllerAdminCredential",
"type": "object"
}
ALBControllerBackupConfiguration (type)
{
"description": "Advanced Load Balancer Controller Backup Configuration",
"id": "ALBControllerBackupConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"backup_location": {
"description": "Directory in backup server.",
"required": true,
"title": "Directory in backup server",
"type": "string"
},
"backup_passphrase": {
"description": "Passphrase for in the backup.",
"required": true,
"sensitive": true,
"title": "Passphrase for in the backup",
"type": "secure_string"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"password": {
"description": "Backup server password.",
"required": true,
"sensitive": true,
"title": "Backup server password",
"type": "secure_string"
},
"server_address": {
"$ref": "HostnameOrIPv4Address,
"description": "Backup server address.",
"required": true,
"title": "Backup server address"
},
"username": {
"description": "Backup server username.",
"required": true,
"title": "Backup server username",
"type": "string"
}
},
"title": "ALBControllerBackupConfiguration",
"type": "object"
}
ALBControllerCertificate (type)
{
"description": "Advanced Load Balancer Controller portal certificate",
"id": "ALBControllerCertificate",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"cert": {
"description": "Advanced Load Balancer Controller portal certificate or CSR.",
"required": false,
"title": "Advanced Load Balancer Controller portal certificate or CSR",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"csr": {
"description": "Advanced Load Balancer Controller portal certificate or CSR.",
"required": false,
"title": "Advanced Load Balancer Controller portal certificate or CSR",
"type": "string"
},
"name": {
"description": "Name of Advanced Load Balancer Controller portal certificate or CSR.",
"required": true,
"title": "Name of Advanced Load Balancer Controller portal certificate or CSR",
"type": "string"
}
},
"title": "ALBControllerCertificate",
"type": "object"
}
ALBControllerCertificateCsr (type)
{
"description": "CSR for Advanced Load Balancer Controller portal certificate",
"id": "ALBControllerCertificateCsr",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"algorithm": {
"description": "Algorithm for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Algorithm for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"common_name": {
"description": "Common name for Advanced Load Balancer Controller portal certificate.",
"required": true,
"title": "Common name for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"country": {
"description": "Country name for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Country name for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"email": {
"description": "Email for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Email for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"key_size": {
"description": "Key size for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Key size for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"locality": {
"description": "Location or region for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Location or region for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"organization": {
"description": "Organization for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Organization for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"organization_unit": {
"description": "Organization unit for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "Organization unit for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"state_name": {
"description": "State name for Advanced Load Balancer Controller portal certificate.",
"required": false,
"title": "State name for Advanced Load Balancer Controller portal certificate",
"type": "string"
},
"subject_alt_names": {
"description": "List of SAN for Advanced Load Balancer Controller portal certificate.",
"items": {
"type": "string"
},
"required": false,
"title": "List of SAN for Advanced Load Balancer Controller portal certificate",
"type": "array"
}
},
"title": "ALBControllerCertificateCsr",
"type": "object"
}
ALBControllerCertificateParameters (type)
{
"additionalProperties": false,
"id": "ALBControllerCertificateParameters",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"ca_only": {
"description": "If set to True, given CA certificate will be added to NSX truststore, no certificate install will be performed on Advanced Load Balancer Controller.",
"required": false,
"title": "Add given CA certificate to NSX Truststore",
"type": "boolean"
}
},
"type": "object"
}
ALBControllerClusterInfo (type)
{
"additionalProperties": false,
"description": "Advanced Load Balancer controller cluster information about nodes in the cluster and cluster information.",
"id": "ALBControllerClusterInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"cluster_name": {
"description": "Advanced Load Balancer controller cluster name.",
"readonly": true,
"title": "Advanced Load Balancer controller cluster name",
"type": "string"
},
"cluster_state": {
"description": "Advanced Load Balancer controller cluster state.",
"readonly": true,
"title": "Advanced Load Balancer controller cluster state",
"type": "string"
},
"cluster_uuid": {
"description": "ID of the Cluster maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of the cluster used to recognize it",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"error": {
"$ref": "AlbControllerClusterRuntimeError,
"description": "Advanced Load Balancer controller cluster error information, if any.",
"readonly": true,
"title": "Advanced Load Balancer controller cluster error"
},
"nodes": {
"items": {
"$ref": "ALBControllerNodeInfo
},
"title": "Advanced Load Balancer controller node information",
"type": "array"
},
"reason": {
"description": "Advanced Load Balancer cluster state not STABLE reason.",
"readonly": true,
"title": "Advanced Load Balancer cluster state not STABLE reason.",
"type": "string"
},
"version": {
"description": "Advanced Load Balancer controller cluster version.",
"readonly": true,
"title": "Advanced Load Balancer controller cluster version",
"type": "string"
},
"virtual_ip": {
"$ref": "IPAddress,
"description": "Advanced Load Balancer controller cluster virtual_ip.",
"readonly": true,
"title": "Advanced Load Balancer controller cluster VIP"
}
},
"title": "Advanced Load Balancer controller cluster info",
"type": "object"
}
ALBControllerClusterNodeVMFormFactor (type)
{
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE"
],
"id": "ALBControllerClusterNodeVMFormFactor",
"module_id": "PolicyALBControllerDeployment",
"title": "Supported VM form factor for Advanced Load Balancer controller",
"type": "string"
}
ALBControllerClusterTrigger (type)
{
"description": "Advanced Load Balancer controller node clustering trigger response.",
"id": "ALBControllerClusterTrigger",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"status": {
"description": "Advanced Load Balancer controller node clustering trigger status.",
"readonly": true,
"title": "Advanced Load Balancer controller node clustering trigger status",
"type": "string"
}
},
"title": "Advanced Load Balancer controller node clustering trigger response",
"type": "object"
}
ALBControllerClusteringParameters (type)
{
"additionalProperties": false,
"description": "Parameters for filtering the Advanced Load Balancer controller clusters.",
"id": "ALBControllerClusteringParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"clustering_id": {
"description": "Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned.",
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
}
},
"title": "Filtering parameters for Advanced Load Balancer controller clusters.",
"type": "object"
}
ALBControllerConfiguration (type)
{
"additionalProperties": false,
"description": "Alb Controller config details",
"id": "ALBControllerConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"cluster_ip": {
"$ref": "IPAddress,
"description": "The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well.",
"readonly": false,
"required": true,
"title": "Cluster IP of Advanced Load Balancer controller cluster"
},
"default_cert": {
"description": "Advanced Load Balancer controller using default portal certificate.",
"enum": [
true,
false
],
"required": false,
"title": "Advanced Load Balancer controller using default portal certificate.",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"infra_admin_password": {
"description": "Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length.",
"required": true,
"sensitive": true,
"title": "Advanced Load Balancer controller admin password",
"type": "secure_string"
},
"infra_admin_username": {
"description": "Username for server authentication.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": false,
"title": "NTP servers.",
"type": "array"
},
"owned_by": {
"description": "OnBoarding workflow initiates by VCF/Others.",
"enum": [
"LCM",
"VCF"
],
"required": true,
"title": "owned_by",
"type": "string"
}
},
"title": "ALBControllerConfiguration",
"type": "object"
}
ALBControllerNodeFormFactor (type)
{
"additionalProperties": false,
"description": "Advanced Load Balancer node form factor.",
"id": "ALBControllerNodeFormFactor",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"disk": {
"description": "Disk size of the Advanced Load Balancer controller node in Bytes.",
"readonly": true,
"title": "Disk size of the Advanced Load Balancer controller node in Bytes",
"type": "integer"
},
"memory": {
"description": "Memory size of the Advanced Load Balancer controller node in Bytes.",
"readonly": true,
"title": "Memory size of the Advanced Load Balancer controller node in Bytes",
"type": "integer"
},
"type": {
"$ref": "ALBControllerClusterNodeVMFormFactor,
"description": "Advanced Load Balancer controller node form factor type.",
"readonly": true,
"title": "Advanced Load Balancer controller node form factor type"
},
"vcpu": {
"description": "Number of virtual cpus on the Advanced Load Balancer controller node.",
"readonly": true,
"title": "Number of virtual cpus on the Advanced Load Balancer controller node",
"type": "integer"
}
},
"title": "Advanced Load Balancer controller node form factor",
"type": "object"
}
ALBControllerNodeFormFactors (type)
{
"id": "ALBControllerNodeFormFactors",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"form_factors": {
"items": {
"$ref": "ALBControllerNodeFormFactor
},
"title": "Advanced Load Balancer controller form factor list",
"type": "array"
}
},
"title": "Advanced Load Balancer controller form factors list result",
"type": "object"
}
ALBControllerNodeInfo (type)
{
"description": "Advanced Load Balancer controller node information like node IP and node name.",
"id": "ALBControllerNodeInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"is_dhcp": {
"description": "Advanced Load Balancer controller node IP configuration is static or DHCP.",
"readonly": true,
"title": "Is DHCP based IP assignment",
"type": "boolean"
},
"node_ip": {
"$ref": "IPAddress,
"description": "Advanced Load Balancer controller node IP.",
"readonly": true,
"title": "Advanced Load Balancer controller node IP"
},
"node_name": {
"description": "Advanced Load Balancer controller node name.",
"readonly": true,
"title": "Advanced Load Balancer controller node name",
"type": "string"
},
"node_role": {
"description": "Advanced Load Balancer controller node role in cluster.",
"readonly": true,
"title": "Advanced Load Balancer controller node role",
"type": "string"
},
"node_start_time": {
"$ref": "EpochMsTimestamp,
"description": "Advanced Load Balancer controller node start time in its local timezone.",
"readonly": true,
"title": "Advanced Load Balancer controller node start time"
},
"node_state": {
"description": "Advanced Load Balancer controller node current state in the cluster.",
"readonly": true,
"title": "Advanced Load Balancer controller node state",
"type": "string"
},
"vm_id": {
"description": "ID of the VM maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of VM used to recognize it",
"type": "string"
}
},
"title": "Information for Advanced Load Balancer controller nodes",
"type": "object"
}
ALBControllerNodeParameters (type)
{
"additionalProperties": false,
"description": "Parameters for listing the Advanced Load Balancer controller nodes.",
"id": "ALBControllerNodeParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"clustering_id": {
"description": "Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned.",
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"state": {
"description": "If state is pending then pending requests for Advanced Load Balancer controller VMs are shown. If state is deployed then deployed requests for Advanced Load Balancer controller VMs are shown. else show all the Advanced Load Balancer controller deployment requests.",
"enum": [
"DEPLOYED",
"PENDING"
],
"title": "the current state of the Advanced Load Balancer controller VM",
"type": "string"
}
},
"title": "List parameters for Advanced Load Balancer controller nodes",
"type": "object"
}
ALBControllerNodeUserSettings (type)
{
"additionalProperties": false,
"id": "ALBControllerNodeUserSettings",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"admin_password": {
"description": "Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length.",
"required": true,
"sensitive": true,
"title": "Advanced Load Balancer controller admin password",
"type": "secure_string"
},
"admin_ssh_key": {
"description": "To configure ssh into the Advanced Load Balancer controller, this property is required.",
"required": false,
"title": "Admin User SSH key",
"type": "string"
}
},
"type": "object"
}
ALBControllerNodeVMClusterConfig (type)
{
"description": "Contains the cluster configuration for a Advanced Load Balancer controller node VM cluster.",
"extends": {
"$ref": "ManagedResource
},
"id": "ALBControllerNodeVMClusterConfig",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_ip": {
"$ref": "IPAddress,
"description": "The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well.",
"readonly": false,
"required": true,
"title": "Cluster IP of Advanced Load Balancer controller cluster"
},
"cluster_name": {
"description": "The cluster name of the Advanced Load Balancer controller node cluster.",
"readonly": false,
"required": false,
"title": "Cluster name of Advanced Load Balancer controller cluster",
"type": "string"
},
"cluster_uuid": {
"description": "ID of the Cluster maintained internally. This is different from cluster_uuid internal to Advanced Load Balancer controller. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"title": "ID of the Advanced Load Balancer controller cluster used to recognize it",
"type": "string"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Info for Advanced Load Balancer controller node cluster configuration",
"type": "object"
}
ALBControllerNodeVMDeletionParameters (type)
{
"description": "Parameters for deletion of a Advanced Load Balancer controller node VM.",
"id": "ALBControllerNodeVMDeletionParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"force_delete": {
"description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.",
"title": "Delete by force",
"type": "boolean"
},
"inaccessible": {
"description": "If inaccessible is provided along with force_delete and if this is the last node then deployment request will be deleted from NSX even if Policy objects are present.",
"title": "Delete when controller is inaccessible",
"type": "string"
}
},
"title": "Parameters for deleting a deployed Advanced Load Balancer Controller",
"type": "object"
}
ALBControllerNodeVMDeploymentConfig (type)
{
"abstract": true,
"description": "Contains info used to configure the VM on deployment.",
"id": "ALBControllerNodeVMDeploymentConfig",
"module_id": "PolicyALBControllerDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM.",
"enum": [
"AlbControllerVsphereClusterNodeVmDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
}
},
"title": "Configuration for deploying Advanced Load Balancer controller node VM",
"type": "object"
}
ALBControllerNodeVMDeploymentProgressState (type)
{
"description": "Deployment progress state of Advanced Load Balancer controller VM. This Object contains name of current deployment step and overall progress percentage.",
"id": "ALBControllerNodeVMDeploymentProgressState",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"current_step_title": {
"description": "Name of the current running step of deployment",
"readonly": true,
"required": false,
"title": "Name of the current step",
"type": "string"
},
"progress": {
"description": "Overall progress percentage of deployment completed",
"readonly": true,
"required": false,
"title": "Progress percentage",
"type": "integer"
}
},
"title": "Deployment progress of Advanced Load Balancer controller VM",
"type": "object"
}
ALBControllerNodeVMDeploymentRequest (type)
{
"additionalProperties": false,
"description": "Contains the deployment information for a Advanced Load Balancer controller node VM.",
"extends": {
"$ref": "ManagedResource
},
"id": "ALBControllerNodeVMDeploymentRequest",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"deployment_config": {
"$ref": "ALBControllerNodeVMDeploymentConfig,
"description": "Deployment information and basic configuration for the Advanced Load Balancer controller.",
"required": true,
"title": "Deployment config for Advanced Load Balancer controller node VM"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"form_factor": {
"$ref": "ALBControllerClusterNodeVMFormFactor,
"default": "MEDIUM",
"description": "Specifies the desired \"size\" of the VM",
"required": false,
"title": "Form factor for Advanced Load Balancer controller VMs."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sddc_manager": {
"$ref": "HostnameOrIPv4Address,
"description": "FQDN or IP of SDDC Manager for VCF workflow",
"required": false,
"title": "FQDN or IP of SDDC Manager for VCF workflow."
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"user_settings": {
"$ref": "ALBControllerNodeUserSettings,
"description": "SSH key and password for the Advanced Load Balancer controller node VM. Note: SSH key settings will be honored only during VM deployment.",
"required": true,
"sensitive": true,
"title": "User settings for the VM"
},
"vm_id": {
"description": "ID of the VM maintained internally. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"required": false,
"title": "ID of Advanced Load Balancer controller VM used to recognize it",
"type": "string"
}
},
"title": "Info for Advanced Load Balancer controller node deployment request",
"type": "object"
}
ALBControllerNodeVMDeploymentRequestList (type)
{
"additionalProperties": false,
"description": "List of Advanced Load Balancer Controller Deployment Requests.",
"extends": {
"$ref": "ListResult
},
"id": "ALBControllerNodeVMDeploymentRequestList",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"clustering_id": {
"description": "Id to filter NSX Advanced Load Balancer Controllers, if not provided NSX ALB Controllers without clustering Id will be returned.",
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing Advanced Load Balancer Controller Deployment Requests.",
"items": {
"$ref": "ALBControllerNodeVMDeploymentRequest
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ALBControllerNodeVMDeploymentRequest list",
"type": "object"
}
ALBControllerNodeVMDeploymentStatusReport (type)
{
"description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.",
"id": "ALBControllerNodeVMDeploymentStatusReport",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"deployment_progress_state": {
"$ref": "ALBControllerNodeVMDeploymentProgressState,
"description": "Detailed progress state of node VM deployment realization.",
"readonly": true,
"required": false,
"title": "Deployment progress state of node VM"
},
"failure_code": {
"description": "In case of auto-deployment-related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case of auto-deployment-related failure, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the addition or deletion of an auto-deployed Advanced Load Balancer controller node VM.",
"enum": [
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"VM_POWER_ON_SUCCESSFUL",
"VM_REGISTRATION_IN_PROGRESS",
"VM_REGISTRATION_SUCCESSFUL",
"VM_REGISTRATION_FAILED",
"VM_WAITING_TO_COME_ONLINE",
"VM_ONLINE_FAILED",
"VM_CONFIGURATION_IN_PROGRESS",
"VM_CONFIGURATION_SUCCESSFUL",
"VM_CONFIGURATION_FAILED",
"VM_CLUSTERING_QUEUED",
"VM_CLUSTERING_IN_PROGRESS",
"VM_CLUSTERING_SUCCESSFUL",
"VM_CLUSTERING_FAILED",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"WAITING_TO_UNDEPLOY_VM",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"UNKNOWN_STATE"
],
"required": true,
"title": "Auto-deployed VM's deployment status",
"type": "string"
}
},
"title": "Report of a VM's deployment status",
"type": "object"
}
ALBControllerNodeVMUpdateParameters (type)
{
"description": "Parameters for updating Advanced Load Balancer Controller node VM password, DNS and NTP related configuration",
"id": "ALBControllerNodeVMUpdateParameters",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"running_config": {
"description": "If true, then the configuration will be updated in the running Advanced Load Balancer Controllers as well.",
"title": "Update Advanced Load Balancer Controller runtime config as well",
"type": "boolean"
}
},
"title": "Parameters for updating Advanced Load Balancer Controller request",
"type": "object"
}
ALBControllerSystemConfiguration (type)
{
"description": "Advanced Load Balancer Controller System Configuration",
"id": "ALBControllerSystemConfiguration",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"backup_server_config": {
"$ref": "ALBControllerBackupConfiguration,
"description": "Backup server configuration for Advanced Load Balancer Controller.",
"required": false,
"title": "Backup server configuration for Advanced Load Balancer Controller"
},
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": false,
"title": "NTP servers.",
"type": "array"
}
},
"title": "ALBControllerSystemConfiguration",
"type": "object"
}
ALBControllerSystemConfigurationResponse (type)
{
"description": "Advanced Load Balancer controller node system configuration update response.",
"id": "ALBControllerSystemConfigurationResponse",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"status": {
"description": "Advanced Load Balancer controller node system configuration update status.",
"readonly": true,
"title": "Advanced Load Balancer controller node system configuration update status",
"type": "string"
}
},
"title": "Advanced Load Balancer controller node system configuration update response",
"type": "object"
}
ALBControllerUserCredential (type)
{
"description": "Advanced Load Balancer Controller service user credential.",
"id": "ALBControllerUserCredential",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"clustering_id": {
"description": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"readonly": true,
"required": false,
"title": "Unique Id for NSX Advanced Load Balancer Controller Cluster used in VCF managed NSX.",
"type": "string"
},
"password": {
"description": "Password for the user credential object.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"user_credential_type": {
"description": "Type of user credential.",
"enum": [
"CONTROLLER_ADMIN_USER_CREDENTIAL",
"VCENTER_SERVICE_USER_CREDENTIAL",
"NSX_SERVICE_USER_CREDENTIAL"
],
"required": true,
"title": "Type of user credential",
"type": "string"
},
"username": {
"description": "Username for the credential object.",
"required": true,
"title": "Username",
"type": "string"
}
},
"title": "ALBControllerServiceUserCredential",
"type": "object"
}
ALBControllerUserCredentialResponse (type)
{
"description": "Advanced Load Balancer Controller service user credential response",
"id": "ALBControllerUserCredentialResponse",
"module_id": "PolicyALBControllerOnBoarding",
"properties": {
"user_credential_type": {
"description": "Type of user credential.",
"enum": [
"CONTROLLER_ADMIN_USER_CREDENTIAL",
"VCENTER_SERVICE_USER_CREDENTIAL",
"NSX_SERVICE_USER_CREDENTIAL"
],
"required": true,
"title": "Type of user credential",
"type": "string"
},
"username": {
"description": "Username for the user credential object.",
"required": true,
"title": "Username",
"type": "string"
}
},
"title": "ALBControllerUserCredentialResponse",
"type": "object"
}
ALBEnforcementPointState (type)
{
"description": "Valid ENUM values for ALBEnforcementPointState",
"enum": [
"ACTIVATE",
"DEACTIVATE_PROVIDER",
"DEACTIVATE_API"
],
"id": "ALBEnforcementPointState",
"module_id": "PolicyEnforcementPointManagement",
"title": "Enforcement point state for ALB",
"type": "string"
}
ALGTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement
},
"id": "ALGTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "ALGTypeNSService"
},
"properties": {
"alg": {
"description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead.",
"enum": [
"ORACLE_TNS",
"FTP",
"SUN_RPC_TCP",
"SUN_RPC_UDP",
"MS_RPC_TCP",
"MS_RPC_UDP",
"NBNS_BROADCAST",
"NBDG_BROADCAST",
"TFTP"
],
"required": true,
"title": "The Application Layer Gateway (ALG) protocol",
"type": "string"
},
"destination_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"minItems": 1,
"required": true,
"title": "The destination_port cannot be empty and must be a single value.",
"type": "array"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
},
"source_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"title": "Source ports",
"type": "array"
}
},
"title": "An NSService element that represents an ALG protocol",
"type": "object"
}
ALGTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "ALGTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ALGTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alg": {
"description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead.",
"enum": [
"ORACLE_TNS",
"FTP",
"SUN_RPC_TCP",
"SUN_RPC_UDP",
"MS_RPC_TCP",
"MS_RPC_UDP",
"NBNS_BROADCAST",
"NBDG_BROADCAST",
"TFTP"
],
"required": true,
"title": "The Application Layer Gateway (ALG) protocol",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "The destination_port cannot be empty and must be a single value.",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"source_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An ServiceEntry that represents an ALG protocol",
"type": "object"
}
AbstractSpace (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents the space in which the policy is being defined.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AbstractSpace",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "The space in which policy is being defined",
"type": "object"
}
AcceptableComponentVersion (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VersionList
},
"id": "AcceptableComponentVersion",
"module_id": "VersionWhitelist",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptable_versions": {
"items": {
"type": "string"
},
"required": true,
"title": "List of component versions",
"type": "array"
},
"component_type": {
"enum": [
"HOST",
"EDGE",
"CCP",
"MP"
],
"required": true,
"title": "Node type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AcceptableComponentVersionList (type)
{
"additionalProperties": false,
"id": "AcceptableComponentVersionList",
"module_id": "VersionWhitelist",
"properties": {
"results": {
"items": {
"$ref": "AcceptableComponentVersion
},
"required": true,
"title": "Acceptable version whitelist for different components",
"type": "array"
}
},
"type": "object"
}
Action (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Reaction Action is the action to take when the stipulated criteria specified in the event exist over the source. Some example actions include: - Notify Admin (or VMC's SRE) via email. - Populate a specific label with the IPSec VPN Session. - Remove the IPSec VPN Session from a specific label.",
"id": "Action",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Reaction Action",
"type": "object"
}
ActionRequest (type)
{
"additionalProperties": false,
"id": "ActionRequest",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"description": "Action required to be performed on intent",
"title": "Action to be performed",
"type": "string"
}
},
"title": "Action request object",
"type": "object"
}
ActionableResource (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "ActionableResource",
"module_id": "ClusterRestore",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"format": "hostname-or-ip",
"required": false,
"title": "A resource reference on which actions can be performed",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address of the current node",
"format": "hostname-or-ip",
"required": false,
"title": "ipv6 address",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Resources managed during restore process",
"type": "object"
}
ActionableResourceListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ActionableResourceListRequestParameters",
"module_id": "ClusterRestore",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"instruction_id": {
"required": true,
"title": "Id of the instruction set whose instructions are to be returned",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActionableResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ActionableResourceListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ActionableResource
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActiveDirectoryIdentitySource (type)
{
"description": "An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T.",
"extends": {
"$ref": "LdapIdentitySource
},
"id": "ActiveDirectoryIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"type-identifier": "ActiveDirectoryIdentitySource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"group_cache_ttl": {
"default": 60,
"description": "NSX keeps a cache of Active Directory group membership for groups that have a configured NSX role, in order to speed up authentication. The cache will be refreshed after the time-to-live has expired. Until the cache is refreshed, any new groups added to Active Directory will not be visible to NSX. By default, the cached is refreshed once per minute.",
"title": "Group cache time-to-live, in seconds",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resolve_nested_groups": {
"default": true,
"description": "If true, NSX will recursively find all groups that the user belongs to, even if the groups are nested. This can perform slowly for users who are in many deeply nested groups. You can disable this option to improve performance, but only the groups that directly contain the user will be considered for access control decisions.",
"title": "Resolve nested groups",
"type": "boolean"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An Active Directory identity source service",
"type": "object"
}
ActiveStandbySyncStatus (type)
{
"id": "ActiveStandbySyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Description of the status.",
"type": "string"
},
"full_sync_status": {
"$ref": "FullSyncStatus,
"required": true,
"title": "Status of full sync."
},
"is_data_consistent": {
"required": true,
"title": "Indicates whether the data is consistent. Always returned as true when queried on an active Global Manager node.",
"type": "boolean"
},
"percentage_completed": {
"required": false,
"title": "Percentage estimate of synchronization progress. Ranges from 0 to 100. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"remaining_entries_to_send": {
"required": false,
"title": "Number of entries pending synchronization. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"standby_site": {
"required": true,
"title": "Name of standby site.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"NOT_STARTED"
],
"required": true,
"title": "Status of synchronization between active and standby Global Manager nodes.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"DELTA_SYNC",
"FULL_SYNC"
],
"required": true,
"title": "Type of synchronization currently in effect between active and standby Global Manager nodes.",
"type": "string"
}
},
"type": "object"
}
AddALBControllerNodeVMInfo (type)
{
"description": "Contains a list of Advanced Load Balancer controller node VM deployment requests.",
"id": "AddALBControllerNodeVMInfo",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"deployment_requests": {
"description": "Advanced Load Balancer Controller deployment requests to be deployed by NSX.",
"items": {
"$ref": "ALBControllerNodeVMDeploymentRequest
},
"minItems": 1,
"required": true,
"title": "List of deployment requests",
"type": "array"
}
},
"title": "Info for AddALBControllerNodeVM",
"type": "object"
}
AddClusterNodeAction (type)
{
"id": "AddClusterNodeAction",
"module_id": "ClusterManagement",
"properties": {
"action": {
"enum": [
"add_cluster_node"
],
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
AddClusterNodeSpec (type)
{
"id": "AddClusterNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"controller_role_config": {
"$ref": "AddControllerNodeSpec
},
"display_name": {
"title": "Display name for the node",
"type": "string"
},
"external_id": {
"readonly": false,
"title": "External identifier of the node",
"type": "string"
},
"mgr_role_config": {
"$ref": "AddManagementNodeSpec
}
},
"type": "object"
}
AddClusterNodeVMInfo (type)
{
"description": "Contains a list of cluster node VM deployment requests and optionally a clustering configuration.",
"id": "AddClusterNodeVMInfo",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"clustering_config": {
"$ref": "ClusteringConfig,
"deprecated": true,
"description": "This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided.",
"required": false,
"title": "Configuration for auto-clustering of VMs post-deployment"
},
"deployment_requests": {
"description": "Cluster node VM deployment requests to be deployed by the Manager.",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest
},
"minItems": 1,
"required": true,
"title": "List of deployment requests",
"type": "array"
}
},
"title": "Info for AddClusterNodeVM",
"type": "object"
}
AddControllerNodeSpec (type)
{
"additionalProperties": false,
"id": "AddControllerNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"clustering_params": {
"$ref": "ClusteringInfo,
"description": "The details of the controller node required for cluster initialization or joining to an existing cluster. If this property is set, the node will be added to an existing cluster or used to create a new cluster. Otherwise no clustering operation/s will be performed.",
"required": false,
"title": "Clustering parameters for the node"
},
"control_plane_server_certificate": {
"deprecated": true,
"description": "Deprecated. Do not supply a value for this property.",
"type": "string"
},
"host_msg_client_info": {
"$ref": "MsgClientInfo,
"required": true
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo,
"required": true
},
"node_id": {
"description": "Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id.",
"required": false,
"title": "Internal identifier of the node",
"type": "string"
},
"type": {
"enum": [
"AddControllerNodeSpec"
],
"readonly": false,
"required": true,
"title": "must be set to AddControllerNodeSpec",
"type": "string"
}
},
"type": "object"
}
AddIdsCustomSignatureActionParameter (type)
{
"additionalProperties": false,
"id": "AddIdsCustomSignatureActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"action": {
"description": "Action to add custom signatures.",
"enum": [
"ADD_CUSTOM_SIGNATURES"
],
"required": true,
"title": "Action to add custom signatures",
"type": "string"
}
},
"title": "Action parameter to add custom signatures",
"type": "object"
}
AddManagementNodeSpec (type)
{
"additionalProperties": false,
"id": "AddManagementNodeSpec",
"module_id": "ClusterManagement",
"properties": {
"cert_thumbprint": {
"readonly": false,
"title": "The certificate thumbprint of the remote node.",
"type": "string"
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo
},
"password": {
"readonly": false,
"required": true,
"sensitive": true,
"title": "The password to be used to authenticate with the remote node.",
"type": "secure_string"
},
"remote_address": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "The host address of the remote node to which to send this join request."
},
"type": {
"enum": [
"AddManagementNodeSpec"
],
"readonly": false,
"required": true,
"title": "must be set to AddManagementNodeSpec",
"type": "string"
},
"user_name": {
"readonly": false,
"required": true,
"title": "The username to be used to authenticate with the remote node.",
"type": "string"
}
},
"type": "object"
}
AdditionalMetadata (type)
{
"additionalProperties": false,
"id": "AdditionalMetadata",
"module_id": "SecurityLicenseUsage",
"properties": {
"edge_number_of_edge_node_cpu_cores": {
"description": "Telemetry info about the 'edge_number_of_edge_node_cpu_cores'",
"readonly": true,
"title": "Number of Edge node cores",
"type": "string"
},
"host_number_of_host_node_cpu_cores": {
"description": "Telemetry info about the 'host_number_of_host_node_cpu_cores'",
"readonly": true,
"title": "Number of Host node cores",
"type": "string"
},
"intelligence_deployed": {
"description": "Telemetry info about the 'k8s_deployed'",
"readonly": true,
"title": "intelligence deployed",
"type": "string"
},
"license_edition_type": {
"description": "Telemetry info about the 'license_edition_type'",
"items": {
"type": "string"
},
"readonly": true,
"title": "license edition types",
"type": "array"
},
"license_key": {
"description": "Telemetry info about the 'license_key'",
"items": {
"type": "string"
},
"readonly": true,
"title": "license keys",
"type": "array"
},
"max_raw_core_count_per_host": {
"readonly": true,
"title": "Max raw cores count found on host.",
"type": "string"
},
"max_raw_core_count_per_socket": {
"readonly": true,
"title": "Max raw cores per socket count found on host.",
"type": "string"
},
"max_socket_count_per_host": {
"readonly": true,
"title": "Max socket count found on host.",
"type": "string"
},
"mps_number_of_dfw_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_dfw_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of dfw ids rules with custom mps profiles",
"type": "string"
},
"mps_number_of_gateway_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_gateway_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of gateway ids rules with custom mps profiles",
"type": "string"
},
"mps_total_number_of_profiles": {
"description": "Telemetry info about the 'mps_total_number_of_profiles'",
"readonly": true,
"title": "Total number of mps custom and default profiles.",
"type": "string"
},
"napp_appliance_version": {
"description": "Telemetry info about the 'napp_appliance_version'",
"readonly": true,
"title": "napp version",
"type": "string"
},
"nsx_deployment_id": {
"description": "Telemetry info about the 'deployment_id'",
"readonly": true,
"title": "deployment id",
"type": "string"
},
"nsx_manager_version": {
"description": "Telemetry info about the 'version'",
"readonly": true,
"title": "nsx manager version",
"type": "string"
},
"nsx_site_id": {
"description": "NSX default site id.",
"readonly": true,
"title": "nsx site id",
"type": "string"
},
"nta_enabled": {
"description": "true if value of any one of \"nta_detectorstate_*\" events in SSP telemetry is enabled. Does not show if unable to get events.",
"readonly": true,
"required": false,
"title": "nta enabled",
"type": "string"
},
"num_edge_baremetal_at_minimum_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 8-24 cores.",
"type": "string"
},
"num_edge_baremetal_at_recommended_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 25-80 cores.",
"type": "string"
},
"num_edge_large_factor": {
"readonly": true,
"title": "Number of edges with 8 cores.",
"type": "string"
},
"num_edge_medium_factor": {
"readonly": true,
"title": "Number of edges with 4 cores.",
"type": "string"
},
"num_edge_small_factor": {
"readonly": true,
"title": "Number of edges with 2 cores.",
"type": "string"
},
"num_edge_xlarge_factor": {
"readonly": true,
"title": "Number of edges with 16 cores.",
"type": "string"
},
"number_of_dfw_rules": {
"description": "Telemetry info about the 'number_of_dfw_rules'",
"readonly": true,
"title": "number of dfw rules",
"type": "string"
},
"number_of_firewall_rules": {
"description": "Telemetry info about the 'number_of_firewall_rules'",
"readonly": true,
"title": "number of firewall rules",
"type": "string"
},
"number_of_ids_gateway_rules": {
"description": "Telemetry info about the 'number_of_ids_gateway_rules'",
"readonly": true,
"title": "number of ids gateway rules",
"type": "string"
},
"number_of_ids_security_policies": {
"description": "Telemetry info about the 'number_of_ids_security_policies'",
"readonly": true,
"title": "number of ids security policies",
"type": "string"
},
"number_of_nsgroups": {
"description": "Telemetry info about the 'number_of_nsgroup'",
"readonly": true,
"title": "number of NSGroup",
"type": "string"
},
"number_of_prepared_hosts": {
"description": "Telemetry info about the 'number_of_prepared_hosts'",
"readonly": true,
"title": "number of prepared hosts",
"type": "string"
},
"number_of_tier_0_gateways": {
"description": "Telemetry info about the 'tier0_gateways'",
"readonly": true,
"title": "number of tier 0 gateways",
"type": "string"
},
"number_of_tier_1_gateways": {
"description": "Telemetry info about the 'tier1_gateways'",
"readonly": true,
"title": "count of number of vms used by this feature",
"type": "string"
},
"number_of_virtual_machines": {
"description": "Telemetry info about the 'number_of_virtual_machines'",
"readonly": true,
"title": "number of virtual machines",
"type": "string"
},
"recommendation_sessions_total": {
"description": "Telemetry info about the 'recommendation_sessions_total'",
"readonly": true,
"title": "recommendation sessions total",
"type": "string"
},
"total_firewall_ipfix_profiles": {
"description": "Telemetry info about the 'total_firewall_ipfix_profiles'",
"readonly": true,
"title": "total firewall ipfix profiles",
"type": "string"
}
},
"type": "object"
}
AdditionalSearchParameters (type)
{
"additionalProperties": false,
"description": "This object presents additional search capabilities over any API through free text query string. e.g. query=\"Web-VM-1\".",
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "AdditionalSearchParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dsl": {
"description": "It's human readable and context-based query language for retreiving information from search indices. For example: Find router where ip is 10.10.1.10",
"required": false,
"title": "Search DSL (domain specific language) query",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"query": {
"required": false,
"title": "Search query",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Represents search object that provides additional search capabilities",
"type": "object"
}
AddressBindingEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "An address binding entry is a combination of the IP-MAC-VLAN binding for a logical port. The address bindings can be obtained via various methods like ARP snooping, DHCP snooping etc. or by user configuration.",
"id": "AddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier,
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"source": {
"$ref": "AddressBindingSource,
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Combination of IP-MAC-VLAN binding",
"type": "object"
}
AddressBindingSource (type) (Deprecated)
{
"deprecated": true,
"enum": [
"INVALID",
"UNKNOWN",
"USER_DEFINED",
"ARP_SNOOPING",
"DHCP_SNOOPING",
"VM_TOOLS",
"ND_SNOOPING",
"DHCPV6_SNOOPING",
"VM_TOOLS_V6"
],
"id": "AddressBindingSource",
"module_id": "LogicalPort",
"title": "Source from which the address binding is obtained",
"type": "string"
}
AddressFamilyType (type)
{
"additionalProperties": false,
"enum": [
"IPV4_UNICAST",
"VPNV4_UNICAST",
"IPV6_UNICAST",
"L2VPN_EVPN"
],
"id": "AddressFamilyType",
"module_id": "Routing",
"title": "Type of Address Family",
"type": "string"
}
AdvanceClusterRestoreInput (type)
{
"id": "AdvanceClusterRestoreInput",
"module_id": "ClusterRestore",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Unique id of an instruction (as returned by the GET /restore/status\ncall) for which input is to be provided\n",
"type": "string"
},
"resources": {
"items": {
"$ref": "SelectableResourceReference
},
"required": true,
"title": "List of resources for which the instruction is applicable.",
"type": "array"
}
},
"type": "object"
}
AdvanceClusterRestoreRequest (type)
{
"id": "AdvanceClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"data": {
"items": {
"$ref": "AdvanceClusterRestoreInput
},
"required": true,
"title": "List of instructions and their associated data",
"type": "array"
}
},
"type": "object"
}
AdvanceServiceConfig (type)
{
"additionalProperties": false,
"description": "Contain optional configuration for deployment.",
"id": "AdvanceServiceConfig",
"module_id": "PolicyCloudNative",
"properties": {
"kubectl_tool": {
"desciption": "Filename of uploaded Kubernetes tools. Advanced\nconfiguraion option on UI has option to deploy\nKubernetes tools. User need to get this file from\nVMware website. File will contain kubectl binary,\nhelm binary and signature to verify them.\n",
"readonly": true,
"title": "Filename of uploaded Kubernetes tools",
"type": "string"
},
"messaging_service_name": {
"description": "FQDN to access kafka messaging service pod.",
"title": "Messaging service FQDN",
"type": "string"
},
"service_name": {
"description": "FQDN to access deployment pod.",
"title": "Service FQDN",
"type": "string"
}
},
"title": "Advanced deployment configuration",
"type": "object"
}
AdvancedConfig (type)
{
"extends": {
"$ref": "HighPerformanceConfig
},
"id": "AdvancedConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ADV_CONFIG"
},
"properties": {
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "These are advanced configuration options.",
"type": "object"
}
AdvertiseRule (type)
{
"additionalProperties": false,
"id": "AdvertiseRule",
"module_id": "Routing",
"properties": {
"action": {
"default": "ALLOW",
"description": "ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router.",
"enum": [
"DENY",
"ALLOW"
],
"required": false,
"title": "Action to ALLOW or DENY advertisement of routes",
"type": "string"
},
"description": {
"maxLength": 1024,
"required": false,
"title": "Description",
"type": "string"
},
"display_name": {
"maxLength": 255,
"required": false,
"title": "Display name",
"type": "string"
},
"networks": {
"items": {
"$ref": "IPCIDRBlock
},
"required": true,
"title": "network(CIDR) to be routed",
"type": "array"
},
"rule_filter": {
"$ref": "AdvertisementRuleFilter,
"required": false,
"title": "Rule filter for the advertise rule"
}
},
"type": "object"
}
AdvertiseRuleList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "AdvertiseRuleList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"default": [],
"items": {
"$ref": "AdvertiseRule
},
"minItems": 0,
"required": false,
"title": "List of advertisement rules",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AdvertisedNetworkCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "AdvertisedNetworkCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"network": {
"description": "Advertised network address.",
"readonly": true,
"required": true,
"title": "Advertised Network",
"type": "string"
},
"rule_filter_type": {
"description": "Advertised rule filter type",
"readonly": true,
"required": false,
"title": "Advertised rule filter type",
"type": "string"
},
"status": {
"description": "advertisement status of network to connected gateway SUCCESS - network route successfully plumbed on target gateway DENIED_BY_TARGET_GATEWAY - network denied by target gateway because of in filter rules or missing inter vrf config",
"readonly": true,
"required": false,
"title": "Advertisement status of network",
"type": "string"
}
},
"type": "object"
}
AdvertisedNetworksListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "AdvertisedNetworksListRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Advertised networks list parameters",
"type": "object"
}
AdvertisementConfig (type)
{
"additionalProperties": false,
"description": "Advertisement config for different types of routes which need to be advertised from TIER1 logical router to the linked TIER0 logical router",
"extends": {
"$ref": "ManagedResource
},
"id": "AdvertisementConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advertise_dns_forwarder": {
"default": false,
"description": "Flag to advertise all routes of dns forwarder listener ips and source ips",
"required": false,
"title": "Advertise dns forwarder ips",
"type": "boolean"
},
"advertise_ipsec_local_ip": {
"default": false,
"description": "Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router",
"required": false,
"title": "Advertise IPSec VPN local endpoint ips",
"type": "boolean"
},
"advertise_lb_snat_ip": {
"default": false,
"description": "Flag to advertise all lb SNAT ips",
"required": false,
"title": "Advertise lb SNAT ips",
"type": "boolean"
},
"advertise_lb_vip": {
"default": false,
"description": "Flag to advertise lb vip ips",
"required": false,
"title": "Advertise lb vip ips",
"type": "boolean"
},
"advertise_nat_routes": {
"default": false,
"description": "Flag to advertise all routes of nat",
"required": false,
"title": "Advertise NAT routes",
"type": "boolean"
},
"advertise_nsx_connected_routes": {
"default": false,
"description": "Flag to advertise all connected routes",
"required": false,
"title": "Advertise connected routes",
"type": "boolean"
},
"advertise_static_routes": {
"default": false,
"description": "Flag to advertise all static routes",
"required": false,
"title": "Advertise static routes",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Flag to enable this configuration",
"required": false,
"title": "Enable advertisement",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"description": "TIER1 logical router id on which to enable this configuration",
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Advertisement config",
"type": "object"
}
AdvertisementRuleFilter (type)
{
"additionalProperties": false,
"description": "To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.",
"id": "AdvertisementRuleFilter",
"module_id": "Routing",
"properties": {
"match_route_types": {
"items": {
"$ref": "AdvertisementRuleFilterRouteType
},
"minItems": 1,
"required": true,
"title": "Array of route types to filter routes",
"type": "array"
},
"prefix_operator": {
"default": "GE",
"description": "GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule.",
"enum": [
"GE",
"EQ"
],
"required": true,
"title": "Prefix operator to apply on networks",
"type": "string"
}
},
"type": "object"
}
AdvertisementRuleFilterRouteType (type)
{
"additionalProperties": false,
"description": "Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.",
"enum": [
"ANY",
"STATIC",
"T1_STATIC",
"NSX_CONNECTED",
"T1_CONNECTED",
"T1_NAT",
"T1_LB_VIP",
"T1_LB_SNAT",
"T1_DNSFORWARDER",
"T1_IPSEC_LOCAL_IP"
],
"id": "AdvertisementRuleFilterRouteType",
"module_id": "Routing",
"title": "Route types to filter TIER1 LR advertised routes",
"type": "string"
}
AgentResource (type)
{
"id": "AgentResource",
"module_id": "Heatmap",
"properties": {
"memory_total": {
"description": "Total available memory in kilobytes.",
"title": "Total available memory",
"type": "integer"
},
"memory_used": {
"description": "Used memory in kilobytes.",
"title": "Used memory",
"type": "integer"
}
},
"type": "object"
}
AgentStatus (type)
{
"id": "AgentStatus",
"module_id": "Heatmap",
"properties": {
"components": {
"description": "List of agent subcomponent statuses",
"items": {
"$ref": "AgentSubStatus
},
"title": "agent subcomponent statuses",
"type": "array"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"name": {
"enum": [
"NSX_AGENT",
"NSX_OPSAGENT",
"NSX_CFGAGENT",
"NSX_NESTDB",
"NSX_EXPORTER",
"NSX_VDPI"
],
"title": "Agent name",
"type": "string"
},
"resource_usage": {
"$ref": "AgentResource,
"description": "Periodically collected critical resource usage including memory usage.",
"title": "Resource usage of this agent"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN",
"DEGRADED"
],
"title": "Agent status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
}
},
"type": "object"
}
AgentStatusCount (type)
{
"additionalProperties": false,
"id": "AgentStatusCount",
"module_id": "Heatmap",
"properties": {
"agents": {
"description": "List of agent statuses belonging to the transport node",
"items": {
"$ref": "AgentStatus
},
"title": "NSX agents status",
"type": "array"
},
"degraded_count": {
"title": "Degraded count",
"type": "int"
},
"down_count": {
"title": "Down count",
"type": "int"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"smartnic_agents": {
"description": "List of Smartnic agent statuses",
"items": {
"$ref": "SmartnicAgentStatus
},
"title": "NSX smartnic agents status",
"type": "array"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN",
"DEGRADED"
],
"title": "Roll-up agent status",
"type": "string"
},
"up_count": {
"title": "Up count",
"type": "int"
}
},
"type": "object"
}
AgentSubStatus (type)
{
"id": "AgentSubStatus",
"module_id": "Heatmap",
"properties": {
"name": {
"title": "Agent subcomponent name",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"title": "Agent subcomponent status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
}
},
"type": "object"
}
AggregateDNSForwarderStatistics (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder statistics across enforcement points.",
"id": "AggregateDNSForwarderStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"statistics_per_enforcement_point": {
"description": "List of DNS forwarder statistics per enforcement point.",
"items": {
"$ref": "DNSForwarderStatisticsPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder statistics per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder statistics",
"type": "object"
}
AggregateDNSForwarderStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder status across enforcement points.",
"id": "AggregateDNSForwarderStatus",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"status_per_enforcement_point": {
"description": "List of DNS forwarder status per enforcement point.",
"items": {
"$ref": "DNSForwarderStatusPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder status per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder status",
"type": "object"
}
AggregateIPSecVpnSessionStatistics (type)
{
"additionalProperties": false,
"description": "Aggregate of IPSec VPN Session Statistics across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateIPSecVpnSessionStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of IPSec VPN Session Statistics per Enforcement Point.",
"items": {
"$ref": "IPSecVpnSessionStatisticsPerEP,
"title": "IPSec VPN Session Statistics per Enforcement Point"
},
"readonly": true,
"title": "List of IPSec VPN Session Statistics per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of IPSec VPN Session Statistics",
"type": "object"
}
AggregateIPSecVpnSessionStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of IPSec VPN Session Status across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateIPSecVpnSessionStatus",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of IPSec VPN Session Status per Enforcement Point.",
"items": {
"$ref": "IPSecVpnSessionStatusPerEP,
"title": "IPSec VPN Session Status per Enforcement Point"
},
"readonly": true,
"title": "List of IPSec VPN Session Status per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of IPSec VPN Session Status",
"type": "object"
}
AggregateL2VPNSessionPeerConfig (type)
{
"additionalProperties": false,
"description": "Aggregate of L2VPN Session peer config across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateL2VPNSessionPeerConfig",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of L2VPN Session peer config per Enforcement Point.",
"items": {
"$ref": "L2VPNSessionPeerConfigPerEP
},
"readonly": true,
"title": "List of L2VPN Session Peer config per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of L2VPN Session Peer Config",
"type": "object"
}
AggregateL2VPNSessionStatistics (type)
{
"additionalProperties": false,
"description": "Aggregate of L2VPN Session Statistics across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateL2VPNSessionStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of L2VPN Session Statistics per Enforcement Point.",
"items": {
"$ref": "L2VPNSessionStatisticsPerEP,
"title": "L2VPN Session Statistics per Enforcement Point"
},
"readonly": true,
"title": "List of L2VPN Session Statistics per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of L2VPN Session Statistics",
"type": "object"
}
AggregateL2VPNSessionStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of L2VPN Session Status across Enforcement Points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateL2VPNSessionStatus",
"module_id": "PolicyVpnStats",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "List of L2VPN Session Status per Enforcement Point.",
"items": {
"$ref": "L2VPNSessionStatusPerEP,
"title": "L2VPN Session Status per Enforcement Point"
},
"readonly": true,
"title": "List of L2VPN Session Status per Enforcement Point",
"type": "array"
}
},
"title": "Aggregate of L2VPN Session Status",
"type": "object"
}
AggregateL2VpnSessionRemoteMac (type)
{
"additionalProperties": false,
"description": "Aggregate of L2Vpn session remote mac across enforcement points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateL2VpnSessionRemoteMac",
"module_id": "PolicyVPNStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"l2vpn_session_remote_macs": {
"descripton": "List of L2Vpn session remote mac per Enforcement Point.\n",
"items": {
"$ref": "L2VpnSessionRemoteMacPerEP
},
"readonly": true,
"title": "List of L2Vpn Session remote mac",
"type": "array"
}
},
"title": "Aggregate of L2Vpn Session Remote Mac",
"type": "object"
}
AggregateLBNodeUsageSummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBNodeUsageSummary",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBNodeUsageSummary list results.",
"items": {
"$ref": "LBNodeUsageSummary,
"title": "LBNodeUsageSummary"
},
"readonly": true,
"title": "LBNodeUsageSummary list results",
"type": "array"
}
},
"title": "Aggregate of LBNodeUsageSummary across Enforcement Points.",
"type": "object"
}
AggregateLBPoolStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBPoolStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBPoolStatisticsPerEP list results.",
"items": {
"$ref": "LBPoolStatisticsPerEP,
"title": "LBPoolStatisticsPerEP"
},
"readonly": true,
"title": "LBPoolStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBPoolStatisticsPerEP",
"type": "object"
}
AggregateLBPoolStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBPoolStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBPoolStatusPerEP list results.",
"items": {
"$ref": "LBPoolStatusPerEP,
"title": "LBPoolStatusPerEP"
},
"readonly": true,
"title": "LBPoolStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBPoolStatusPerEP",
"type": "object"
}
AggregateLBServiceStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBServiceStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceStatisticsPerEP list results.",
"items": {
"$ref": "LBServiceStatisticsPerEP,
"title": "LBServiceStatisticsPerEP"
},
"readonly": true,
"title": "LBServiceStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBServiceStatisticsPerEP",
"type": "object"
}
AggregateLBServiceStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBServiceStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceStatusPerEP list results.",
"items": {
"$ref": "LBServiceStatusPerEP,
"title": "LBServiceStatusPerEP"
},
"readonly": true,
"title": "LBServiceStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBServiceStatusPerEP",
"type": "object"
}
AggregateLBServiceUsage (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBServiceUsage",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBServiceUsagePerEP list results.",
"items": {
"$ref": "LBServiceUsagePerEP,
"title": "LBServiceUsagePerEP"
},
"readonly": true,
"title": "LBServiceUsagePerEP list results",
"type": "array"
}
},
"title": "Aggregate of LBServiceUsagePerEP across Enforcement Points.",
"type": "object"
}
AggregateLBVirtualServerStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBVirtualServerStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBVirtualServerStatisticsPerEP list results.",
"items": {
"$ref": "LBVirtualServerStatisticsPerEP,
"title": "LBVirtualServerStatisticsPerEP"
},
"readonly": true,
"title": "LBVirtualServerStatisticsPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBVirtualServerStatisticsPerEP",
"type": "object"
}
AggregateLBVirtualServerStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "AggregateLBVirtualServerStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"results": {
"description": "LBVirtualServerStatusPerEP list results.",
"items": {
"$ref": "LBVirtualServerStatusPerEP,
"title": "LBVirtualServerStatusPerEP"
},
"readonly": true,
"title": "LBVirtualServerStatusPerEP list results",
"type": "array"
}
},
"title": "Paged Collection of LBVirtualServerStatusPerEP",
"type": "object"
}
AggregatePolicyDnsAnswer (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder nslookup answer across enforcement points.",
"id": "AggregatePolicyDnsAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"dns_answer_per_enforcement_point": {
"description": "List of DNS forwarder nslookup answer per enforcement point.",
"items": {
"$ref": "PolicyDnsAnswerPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder nslookup answer per enforcement point",
"type": "array"
},
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
}
},
"title": "Aggregate of DNS forwarder nslookup answer",
"type": "object"
}
AggregatePolicyRuntimeInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.",
"id": "AggregatePolicyRuntimeInfo",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
}
},
"title": "Aggregate of PolicyRuntimeInfoPerEP",
"type": "object"
}
AggregateTunnelTrafficStatistics (type)
{
"description": "Aggregate Tunnel Traffic Statistics object",
"id": "AggregateTunnelTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "GreTunnelAggregateTrafficStatistics - Resource type as GreTunnelAggregateTrafficStatistics will be used to populate P2P GRE Aggregate Tunnel traffic statistics",
"enum": [
"GreTunnelAggregateTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
}
},
"title": "Aggregate Tunnel Traffic Statistics object",
"type": "object"
}
AggregatedDataCounter (type)
{
"id": "AggregatedDataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedDataCounterEx (type)
{
"extends": {
"$ref": "AggregatedDataCounter
},
"id": "AggregatedDataCounterEx",
"module_id": "AggSvcL2Types",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedFeatureDetailListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AggregatedFeatureDetailListResult",
"module_id": "PolicyFeatureFlags",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AggregatedFeatureStateDetails
},
"required": true,
"title": "AggregatedFeatureStateDetail list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AggregatedFeatureStateDetail",
"type": "object"
}
AggregatedFeatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AggregatedFeatureListResult",
"module_id": "PolicyFeatureFlags",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AggregatedFeatureState
},
"required": true,
"title": "AggregatedFeatureState list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AggregatedFeatureState",
"type": "object"
}
AggregatedFeatureState (type)
{
"additionalProperties": false,
"description": "Feature state aggregating both feature flag and license information",
"id": "AggregatedFeatureState",
"module_id": "PolicyFeatureFlags",
"properties": {
"feature_name": {
"required": true,
"title": "feature name",
"type": "string"
},
"state": {
"enum": [
"INCOMPATIBLE",
"DISABLED_AND_UNLICENSED",
"ENABLED_ONLY",
"LICENSED_ONLY",
"ENABLED_AND_LICENSED"
],
"required": true,
"title": "Aggregated feature state",
"type": "string"
}
},
"title": "Aggregated Feature State",
"type": "object"
}
AggregatedFeatureStateDetails (type)
{
"additionalProperties": false,
"description": "Feature state aggregating both feature flag and license information including API details",
"id": "AggregatedFeatureStateDetails",
"module_id": "PolicyFeatureFlags",
"properties": {
"apis": {
"description": "The list of APIs included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "APIs in feature",
"type": "array"
},
"attributes": {
"description": "The list of DTO attributes included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "DTO attributes in feature",
"type": "array"
},
"enum_values": {
"description": "The list of DTO attribute enum values included in the named feature",
"items": {
"type": "string"
},
"required": false,
"title": "DTO attribute enums in feature",
"type": "array"
},
"feature_name": {
"required": true,
"title": "feature name",
"type": "string"
},
"state": {
"enum": [
"INCOMPATIBLE",
"DISABLED_AND_UNLICENSED",
"ENABLED_ONLY",
"LICENSED_ONLY",
"ENABLED_AND_LICENSED"
],
"required": true,
"title": "Aggregated feature state",
"type": "string"
}
},
"title": "Aggregated Feature State Details",
"type": "object"
}
AggregatedLogicalRouterPortCounters (type)
{
"id": "AggregatedLogicalRouterPortCounters",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
Alarm (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "Alarm",
"module_id": "Monitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarm_source": {
"description": "If alarm_source_type = INTENT_PATH, this field will contain a list of intent paths for the entity that the event instance applies to. If alarm_source_type = ENTITY_ID, this field will contain a list with a single item identifying the entity id that the event instance applies to.",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Source identifying entity that the Event instance applies to\n",
"type": "array",
"uniqueItems": true
},
"alarm_source_type": {
"$ref": "AlarmSourceType,
"description": "Type of alarm source of the Event instance. Can be one of - INTENT_PATH, ENTITY_ID.",
"readonly": true,
"required": true,
"title": "Alarm Source type of the Event"
},
"description": {
"description": "Detailed description of Alarm. This is the same detailed description as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Detailed description of Alarm",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entity_id": {
"description": "The entity that the Event instance applies to. Note entity_id may not be included in a response body. For example, the cpu_high Event may not return an entity_id.",
"readonly": true,
"title": "The UUID of the entity that the Event instance applies to",
"type": "string"
},
"entity_resource_type": {
"description": "The entity type that the Event instance applies to.",
"readonly": true,
"title": "The type of entity that the Event instance applies to",
"type": "string"
},
"event_tags": {
"description": "Tags applicable to event, for example, INFRASTRUCTURE or INTELLIGENCE.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Tags applicable to the event",
"type": "array"
},
"event_type": {
"description": "Name of Event, e.g. manager_cpu_usage_high, certificate_expired.",
"readonly": true,
"required": true,
"title": "Name of event",
"type": "string"
},
"event_type_display_name": {
"description": "Display name of Event type.",
"readonly": true,
"required": true,
"title": "Display name of event type",
"type": "string"
},
"feature_display_name": {
"description": "Display name of feature defining this Event.",
"readonly": true,
"required": true,
"title": "Display name of feature",
"type": "string"
},
"feature_name": {
"description": "Feature defining this Event, e.g. manager_health, certificates.",
"readonly": true,
"required": true,
"title": "Feature defining this event",
"type": "string"
},
"id": {
"description": "ID that uniquely identifies an Alarm.",
"readonly": true,
"required": true,
"title": "ID that uniquely identifies an Alarm",
"type": "string"
},
"kb_article": {
"description": "KB article link that contains more information on this alarm and recommended actions. Users can refer to the specified link if needed.",
"readonly": true,
"title": "Link to knowledge base article",
"type": "string"
},
"last_reported_time": {
"$ref": "EpochMsTimestamp,
"description": "Indicates when the corresponding Event instance was last reported in milliseconds since epoch.",
"readonly": true,
"title": "Last reported time of event instance"
},
"node_display_name": {
"description": "Display name of node that the event instance applies to.",
"readonly": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"description": "The UUID of the node that the Event instance applies to.",
"readonly": true,
"required": true,
"title": "The UUID of the node that the Event instance applies to",
"type": "string"
},
"node_ip_addresses": {
"description": "IP addresses of node that the event instance applies to.",
"items": {
"type": "string"
},
"readonly": true,
"title": "IP addresses of node",
"type": "array"
},
"node_resource_type": {
"description": "The resource type of node that the Event instance applies to eg. ClusterNodeConfig, TransportNode.",
"readonly": true,
"title": "The resource type of node that the Event instance applies to",
"type": "string"
},
"recommended_action": {
"description": "Recommended action for Alarm. This is the same action as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Recommended action for Alarm",
"type": "string"
},
"reoccurrences_while_suppressed": {
"description": "The number of reoccurrences since this alarm has been SUPPRESSED.",
"readonly": true,
"title": "The number of reoccurrences since this alarm has been SUPPRESSED",
"type": "integer"
},
"resolved_by": {
"description": "User ID of the user that set the status value to RESOLVED. This value can be SYSTEM to indicate that the system resolved the Alarm, for example when the system determines CPU usage is no longer high and the cpu_high Alarm is no longer applicable. This property is only returned when the status value is RESOLVED.",
"readonly": true,
"title": "User ID of the user that set the status value to RESOLVED",
"type": "string"
},
"resolved_time": {
"$ref": "EpochMsTimestamp,
"description": "Indicates when the Alarm was resolved in milliseconds since epoch. This property is only returned when the status value is RESOLVED.",
"readonly": true,
"title": "Time when Alarm was resolved"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_data": {
"description": "Runtime data for Alarm. When an alarming condition occurs, there may be additional data of interest when triaging the underlying issue, for example, output from system commands captured at the time of the error. Note, the contents of this property are not localized.",
"readonly": true,
"title": "Runtime data for Alarm",
"type": "string"
},
"severity": {
"$ref": "MonitoringSeverity,
"description": "Severity of the Alarm.Can be one of - CRITICAL, HIGH, MEDIUM, LOW.",
"readonly": true,
"required": true,
"title": "Severity of the Alarm"
},
"status": {
"$ref": "MonitoringStatus,
"description": "Indicate the status which the Alarm is in.",
"required": true,
"title": "Status of the Alarm"
},
"summary": {
"description": "Summary description of Alarm. This is the same summary description as the corresponding Event identified by feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Summary description of Alarm",
"type": "string"
},
"suppress_duration": {
"description": "The time period between suppress_start_time and suppress_start_time + suppress_duration (specified in hours) an Alarm is SUPPRESSED. This property is only returned when the status value is SUPPRESSED.",
"title": "Duration in hours for which an Alarm is SUPPRESSED",
"type": "integer"
},
"suppress_start_time": {
"$ref": "EpochMsTimestamp,
"description": "Indicates when the Alarm was suppressed in milliseconds since epoch. This property is only returned when the status value is SUPPRESSED.",
"readonly": true,
"title": "Time when Alarm was suppressed"
},
"suppressed_by": {
"description": "User ID of the user that set the status value to SUPPRESSED. This property is only returned when the status value is SUPPRESSED.",
"readonly": true,
"title": "User ID of the user that set the status value to SUPPRESSED",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AlarmFilterParameter (type)
{
"id": "AlarmFilterParameter",
"module_id": "Monitoring",
"properties": {
"after": {
"$ref": "EpochMsTimestamp,
"description": "Filter to fetch alarms after the specified time.",
"required": false,
"title": "Filter to fetch alarms after the specified time"
},
"before": {
"$ref": "EpochMsTimestamp,
"description": "Filter to fetch alarms before the specified time.",
"required": false,
"title": "Filter to fetch alarms before the specified time"
},
"cursor": {
"description": "Opaque cursor to be used for getting next page of records (supplied by current result page).",
"readonly": false,
"required": false,
"title": "Cursor for pagination",
"type": "string"
},
"event_tag": {
"description": "Specify tags for which alarms should be filtered, for example, INFRASTRUCTURE or INTELLIGENCE.",
"required": false,
"title": "Event tag",
"type": "string"
},
"event_type": {
"description": "Specify one or more event types for which alarms should be filtered.",
"required": false,
"title": "Event Type Filter",
"type": "string"
},
"feature_name": {
"description": "Specify one or more feature names for which alarms should be filtered.",
"required": false,
"title": "Feature Name",
"type": "string"
},
"id": {
"description": "Specify one or more alarm IDs for which alarms should be filtered.",
"required": false,
"title": "Alarm ID",
"type": "string"
},
"intent_path": {
"description": "Specify one or more intent paths for which alarms should be filtered.",
"required": false,
"title": "Intent Path for entity ID",
"type": "string"
},
"node_id": {
"description": "Specify one or more node IDs for which alarms should be filtered.",
"required": false,
"title": "Node ID",
"type": "string"
},
"node_resource_type": {
"description": "Specify one or more node resource types for which alarms should be filtered.",
"required": false,
"title": "Node Resource Type",
"type": "string"
},
"org": {
"description": "Specify Org ID for which alarms should be filtered.",
"required": false,
"title": "Org ID",
"type": "string"
},
"page_size": {
"description": "Maximum number of results to return in this page (server may return fewer).",
"required": false,
"title": "Page Size for pagination",
"type": "integer"
},
"project": {
"description": "Specify Project ID for which alarms should be filtered.",
"required": false,
"title": "Project ID",
"type": "string"
},
"severity": {
"description": "Specify one or more severity levels for which alarms should be filtered. Must be one of CRITICAL, HIGH, MEDIUM, LOW.",
"required": false,
"title": "Severity",
"type": "string"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"required": false,
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_by": {
"description": "Sorting on column is based on the sort_by. sort_by represents the field in the output data on which sort is requested.",
"required": false,
"title": "Key for sorting on this column",
"type": "string"
},
"status": {
"description": "Specify one or more status for which alarms should be filtered. Must be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": false,
"title": "Status",
"type": "string"
},
"vpc": {
"description": "Specify VPC ID for which alarms should be filtered.",
"required": false,
"title": "VPC ID",
"type": "string"
}
},
"title": "Parameters to filter alarms",
"type": "object"
}
AlarmSourceType (type)
{
"enum": [
"INTENT_PATH",
"ENTITY_ID",
"SYSTEM_ID"
],
"id": "AlarmSourceType",
"module_id": "Monitoring",
"type": "string"
}
AlarmStatusParameter (type)
{
"id": "AlarmStatusParameter",
"module_id": "Monitoring",
"properties": {
"new_status": {
"$ref": "MonitoringStatus,
"description": "Specify new alarm status for the alarm. Can be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": true,
"title": "Status"
},
"suppress_duration": {
"description": "Specify duration in hours for which Alarm should be suppressed.This value must be specified if the new_status is SUPPRESSED.",
"title": "Duration in hours for which Alarm should be suppressed",
"type": "integer"
}
},
"title": "Parameters to update status of alarm",
"type": "object"
}
AlarmsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AlarmsListResult",
"module_id": "Monitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Alarm
},
"readonly": true,
"title": "List of alarms known to the system",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AlbControllerClusterRuntimeError (type)
{
"description": "Advanced Load Balancer controller cluster runtime error.",
"id": "AlbControllerClusterRuntimeError",
"module_id": "PolicyALBControllerDeployment",
"properties": {
"error_code": {
"description": "Advanced Load Balancer cluster runtime error code.",
"readonly": true,
"title": "Advanced Load Balancer cluster runtime error code",
"type": "int"
},
"error_message": {
"description": "Advanced Load Balancer cluster runtime error msg.",
"readonly": true,
"title": "Advanced Load Balancer cluster runtime error msg",
"type": "string"
}
},
"title": "Advanced Load Balancer controller cluster runtime error",
"type": "object"
}
AlbControllerVsphereClusterNodeVmDeploymentConfig (type)
{
"description": "The vSphere deployment configuration determines where to deploy the Advanced Load Balancer controller node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - management_port_subnets, and default_gateway_addresses",
"extends": {
"$ref": "ALBControllerNodeVMDeploymentConfig
},
"id": "AlbControllerVsphereClusterNodeVmDeploymentConfig",
"module_id": "PolicyALBControllerDeployment",
"polymorphic-type-descriptor": {
"type-identifier": "AlbControllerVsphereClusterNodeVmDeploymentConfig"
},
"properties": {
"compute_id": {
"description": "The Advanced Load Balancer controller node VM will be deployed on the specified cluster or resourcepool for specified VC server.",
"required": true,
"title": "Cluster identifier or resourcepool identifier",
"type": "string"
},
"default_gateway_addresses": {
"description": "The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network.",
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Default gateway for the VM",
"type": "array"
},
"disk_provisioning": {
"$ref": "DiskProvisioning,
"default": "THIN",
"description": "Specifies the disk provisioning type of the VM.",
"required": false,
"title": "Disk provitioning type"
},
"display_name": {
"description": "Desired display name for Advanced Load Balancer controller VM to be deployed.",
"required": false,
"title": "Advanced Load Balancer controller VM display name",
"type": "string"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"host_id": {
"description": "The Advanced Load Balancer controller node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.",
"required": false,
"title": "Host identifier",
"type": "string"
},
"hostname": {
"description": "Desired host name/FQDN for the VM to be deployed.",
"format": "hostname-or-ip",
"required": true,
"title": "Host name or FQDN for the VM",
"type": "string"
},
"management_network_id": {
"description": "Distributed portgroup identifier to which the management vnic of Advanced Load Balancer controller node VM will be connected.",
"required": true,
"title": "Portgroup identifier for management network connectivity",
"type": "string"
},
"management_port_subnets": {
"description": "IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Port subnets for management port",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": false,
"title": "NTP servers.",
"type": "array"
},
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM.",
"enum": [
"AlbControllerVsphereClusterNodeVmDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
},
"storage_id": {
"description": "The Advanced Load Balancer controller node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.",
"required": true,
"title": "Storage/datastore identifier",
"type": "string"
},
"storage_policy_id": {
"description": "The cluster node VM will be deployed with the specified storage policy on the specified datastore in the specified VC server. User must ensure that the storage policy is applicable on the given datastore.",
"required": false,
"title": "Storage policy uuid",
"type": "string"
},
"vc_id": {
"description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.",
"required": true,
"title": "vSphere compute identifier for identifying VC server",
"type": "string"
}
},
"title": "Deployment config on the vSphere platform",
"type": "object"
}
AllClusterGroupStatus (type)
{
"additionalProperties": false,
"description": "A list of the statuses of all the groups in the cluster.",
"id": "AllClusterGroupStatus",
"module_id": "Cluster",
"properties": {
"cluster_id": {
"readonly": true,
"title": "UUID of the cluster",
"type": "string"
},
"groups": {
"items": {
"$ref": "ClusterGroupStatus
},
"readonly": true,
"title": "Array of groups and their statuses",
"type": "array"
},
"overall_status": {
"enum": [
"STABLE",
"DEGRADED",
"UNAVAILABLE"
],
"readonly": true,
"title": "Overall status of the cluster",
"type": "string"
}
},
"title": "Status of all the cluster groups",
"type": "object"
}
AllIdsEventsRequestQueryParameters (type)
{
"description": "Represents the query parameters, such as the tenancy context, that the ids-events API accepts.",
"id": "AllIdsEventsRequestQueryParameters",
"module_id": "PolicyIDSMetrics",
"properties": {
"context": {
"$ref": "TenancyContextQueryParameter
}
},
"title": "Query parameters passed to the ids-events API",
"type": "object"
}
AllocatedService (type)
{
"additionalProperties": false,
"id": "AllocatedService",
"module_id": "EdgeClusters",
"properties": {
"allocation_details": {
"description": "Additional properties of a service, say the sub_pool_size and sub_pool_type for a LoadBalancer.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"title": "Key-Value map of additional specific properties of services",
"type": "array"
},
"high_availability_status": {
"description": "Represents the active or the standby state of the service.",
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN"
],
"readonly": true,
"title": "HA Status of the service context node",
"type": "string"
},
"service_reference": {
"$ref": "ResourceReference,
"readonly": true,
"required": true,
"title": "Id and Name of the service context configured on edge node."
}
},
"type": "object"
}
AllocationAction (type)
{
"additionalProperties": false,
"id": "AllocationAction",
"module_id": "Ipam",
"properties": {
"action": {
"enum": [
"ALLOCATE",
"RELEASE"
],
"readonly": false,
"required": true,
"title": "Specifies allocate or release action",
"type": "string"
}
},
"type": "object"
}
AllocationBasedOnFailureDomain (type)
{
"additionalProperties": false,
"description": "Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge nodes (active and standby) from different failure domains.",
"extends": {
"$ref": "AllocationRuleAction
},
"id": "AllocationBasedOnFailureDomain",
"module_id": "EdgeClusters",
"polymorphic-type-descriptor": {
"type-identifier": "AllocationBasedOnFailureDomain"
},
"properties": {
"action_type": {
"$ref": "AllocationRuleActionType,
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"required": true,
"title": "Type of action for allocation rule"
},
"enabled": {
"default": false,
"description": "Enable placement algorithm to consider failure domain of edge transport nodes and place active and standby contexts in different failure domains.",
"required": false,
"title": "Flag to enable failure domain based allocation",
"type": "boolean"
}
},
"title": "Placement based on failure domain of edge node",
"type": "object"
}
AllocationIpAddress (type)
{
"additionalProperties": false,
"description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.",
"extends": {
"$ref": "ManagedResource
},
"id": "AllocationIpAddress",
"module_id": "Ipam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_id": {
"$ref": "IPAddress,
"readonly": true,
"title": "Address that is allocated from pool"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AllocationIpAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AllocationIpAddressListResult",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AllocationIpAddress
},
"required": true,
"title": "Pool allocation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AllocationPool (type)
{
"additionalProperties": false,
"id": "AllocationPool",
"module_id": "EdgeClusters",
"properties": {
"active_service_count": {
"description": "Represents the number of acitve services running on the edge node.",
"readonly": true,
"title": "Number of active services on edge node",
"type": "int"
},
"standby_service_count": {
"description": "Represents the number of standby services running on the edge node.",
"readonly": true,
"title": "Number of standby services on edge node",
"type": "int"
},
"sub_pools": {
"description": "Allocation details of sub-pools configured on edge node.",
"items": {
"$ref": "SubPool
},
"title": "Edge node sub-pool allocation details",
"type": "array"
}
},
"type": "object"
}
AllocationPoolType (type)
{
"additionalProperties": false,
"enum": [
"LoadBalancerAllocationPool"
],
"id": "AllocationPoolType",
"module_id": "LogicalRouter",
"title": "Types of logical router allocation pool based on services",
"type": "string"
}
AllocationRule (type)
{
"additionalProperties": false,
"description": "Allocation rule on edge cluster which will be considered in auto placement of TIER1 logical routers, DHCP and MDProxy.",
"id": "AllocationRule",
"module_id": "EdgeClusters",
"properties": {
"action": {
"$ref": "AllocationRuleAction,
"description": "Set action for each allocation rule",
"required": true,
"title": "Action for allocation rule"
}
},
"title": "Allocation rule on edge cluster",
"type": "object"
}
AllocationRuleAction (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Define action for each allocation rule which added on edge cluster.",
"id": "AllocationRuleAction",
"module_id": "EdgeClusters",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "action_type"
},
"properties": {
"action_type": {
"$ref": "AllocationRuleActionType,
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"required": true,
"title": "Type of action for allocation rule"
}
},
"title": "Set action for allocation rule",
"type": "object"
}
AllocationRuleActionType (type)
{
"additionalProperties": false,
"description": "Set action for each allocation rule on edge cluster which will help in auto placement.",
"enum": [
"AllocationBasedOnFailureDomain"
],
"id": "AllocationRuleActionType",
"module_id": "EdgeClusters",
"title": "Type of action for allocation rule",
"type": "string"
}
AnalyticsMaintenanceMode (type)
{
"description": "Set Analytics agents to maintenance mode during cluster changes.",
"id": "AnalyticsMaintenanceMode",
"module_id": "AnalyticsAgent",
"properties": {
"agent_error_message": {
"description": "string describing the error",
"readonly": false,
"required": false,
"title": "Error if site cannot be found in Corfu",
"type": "string"
},
"enable": {
"description": "Activate/deactivate maintenance mode",
"readonly": false,
"required": true,
"title": "Boolean switch to activate/deactivate the AnalyticsAgent's maintenance mode",
"type": "boolean"
}
},
"title": "NSX+ Analytics Agent Maintenance Mode",
"type": "object"
}
AntreaAdapterStatus (type)
{
"additionalProperties": false,
"id": "AntreaAdapterStatus",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"conditions": {
"description": "Collection of adapter conditions.",
"items": {
"$ref": "ComponentConditionItem
},
"readonly": true,
"title": "Adapter conditions",
"type": "array"
},
"status": {
"$ref": "ComponentStatus,
"description": "Indicate overall healthy status.",
"readonly": true,
"title": "Antrea adapter status"
}
},
"title": "Antrea adapter status",
"type": "object"
}
AntreaAgentsInfo (type)
{
"additionalProperties": false,
"id": "AntreaAgentsInfo",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"degraded_agent_num": {
"readonly": true,
"title": "The number of degraded agents",
"type": "int"
},
"failed_agent_num": {
"readonly": true,
"title": "The number of failed agents",
"type": "int"
},
"healthy_agent_num": {
"readonly": true,
"title": "The number of healthy agents",
"type": "int"
}
},
"title": "Antrea agents information",
"type": "object"
}
AntreaClusterInfo (type)
{
"additionalProperties": false,
"description": "Antrea cluster status info.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AntreaClusterInfo",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"agent_info": {
"$ref": "AntreaAgentsInfo,
"readonly": true,
"title": "Antrea agent info"
},
"ccp_adapter_status": {
"$ref": "AntreaAdapterStatus,
"description": "Including component status and CCP_ADAPTER_ prefix conditions status.",
"readonly": true,
"title": "Antrea CCP adapter status"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"controller_status": {
"$ref": "AntreaControllerStatus,
"description": "Including component status, connected agent and CONTROLLER_ prefix conditions status.",
"readonly": true,
"title": "Antrea Controller status"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mp_adapter_status": {
"$ref": "AntreaAdapterStatus,
"description": "Including component status and MP_ADAPTER_ prefix conditions status.",
"readonly": true,
"title": "Antrea MP adapter status"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "ComponentStatus,
"readonly": true,
"title": "Roll-up status of components"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea cluster info",
"type": "object"
}
AntreaClusterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "AntreaClusterListRequestParameters",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea cluster list request parameters",
"type": "object"
}
AntreaClusterListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Antrea Cluster list.",
"extends": {
"$ref": "ListResult
},
"id": "AntreaClusterListResult",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaClusterInfo
},
"required": true,
"title": "Antrea cluster list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea Cluster list",
"type": "object"
}
AntreaContainerClusterNode (type)
{
"id": "AntreaContainerClusterNode",
"properties": {
"cluster_id": {
"required": true,
"title": "The UUID of the container cluster",
"type": "string"
},
"nodes": {
"items": {
"type": "string"
},
"minItems": 1,
"title": "List of at most 200 container node UUIDs requiring a support bundle",
"type": "array"
}
},
"title": "Antrea container cluster and its nodes requiring a support bundle",
"type": "object"
}
AntreaControllerStatus (type)
{
"additionalProperties": false,
"description": "Antrea Controller status, including component status, connected agent and CONTROLLER_ prefix conditions status.",
"id": "AntreaControllerStatus",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"conditions": {
"description": "Collection of controller related conditions.",
"items": {
"$ref": "ComponentConditionItem
},
"readonly": true,
"title": "Controller conditions",
"type": "array"
},
"connected_agent_num": {
"description": "If status is UNKNOWN, this number is meaningless.",
"readonly": true,
"title": "The number of connected agents",
"type": "int"
},
"status": {
"$ref": "ComponentStatus,
"description": "Indicate overall healthy status.",
"readonly": true,
"title": "Antrea Controller status"
}
},
"title": "Antrea Controller status",
"type": "object"
}
AntreaHeartbeatConfig (type)
{
"additionalProperties": false,
"description": "Antrea heartbeat configuration for interval time.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AntreaHeartbeatConfig",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"report_interval": {
"default": 60,
"description": "If exceeding 3*report_interval, there is still no heartbeat, cluster status will be UNKNOWN.",
"maximum": 600,
"minimum": 60,
"required": true,
"title": "Report interval for Antrea heartbeat with NSX in seconds",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea heartbeat configuration",
"type": "object"
}
AntreaHeartbeatConfigListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Antrea Cluster heartbeat config.",
"extends": {
"$ref": "ListResult
},
"id": "AntreaHeartbeatConfigListResult",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of Antrea cluster heartbeat config.",
"items": {
"$ref": "AntreaHeartbeatConfig
},
"required": true,
"title": "Antrea cluster heartbeat config list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Antrea Cluster heartbeat config list",
"type": "object"
}
AntreaSupportBundleContainerNode (type)
{
"additionalProperties": {},
"extends": {
"$ref": "SupportBundleContainerNode
},
"id": "AntreaSupportBundleContainerNode",
"polymorphic-type-descriptor": {
"type-identifier": "ANTREA"
},
"properties": {
"clusters": {
"items": {
"$ref": "AntreaContainerClusterNode
},
"minItems": 1,
"title": "List of AntreaContainerClusterNodes identifying container clusters and their nodes",
"type": "array"
},
"container_type": {
"enum": [
"ANTREA"
],
"required": true,
"title": "Support bundle container type",
"type": "string"
}
},
"type": "object"
}
AntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "The configuration for Antrea traceflow.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"container_cluster_id": {
"description": "Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T.",
"required": true,
"title": "Container cluster ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_external_id": {
"description": "Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data.",
"required": false,
"title": "Destination external id",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true.",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"packet": {
"$ref": "AntreaTraceflowPacketData,
"description": "Configuration of packet data.",
"required": false,
"title": "Packet configuration"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_external_id": {
"description": "Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id.",
"required": true,
"title": "Source external id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea traceflow configuration",
"type": "object"
}
AntreaTraceflowConfigListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection for AntreaTraceflowConfigs.",
"extends": {
"$ref": "ListResult
},
"id": "AntreaTraceflowConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaTraceflowConfig
},
"required": true,
"title": "AntreaTraceflowConfig list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of AntreaTraceflowConfigs",
"type": "object"
}
AntreaTraceflowIcmpEchoRequestHeader (type)
{
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIcmpEchoRequestHeader",
"module_id": "PolicyConnectivity",
"properties": {
"id": {
"description": "Id of IcmpEchoRequest.",
"title": "IcmpEchoRequest id",
"type": "integer"
},
"sequence": {
"description": "Sequence number of IcmpEchoRequest.",
"title": "Icmp sequence",
"type": "integer"
}
},
"title": "IcmpEchoHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpHeader (type)
{
"description": "Ip header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in IpHeader.",
"title": "Destination ip",
"type": "string"
},
"flags": {
"description": "Protocol setting in IpHeader.",
"title": "Flags",
"type": "integer"
},
"protocol": {
"description": "Protocol setting in IpHeader.",
"title": "Protocol",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in IpHeader.",
"title": "Source ip",
"type": "string"
},
"ttl": {
"description": "TTL value in IpHeader. Default is 64.",
"title": "Time to live",
"type": "integer"
}
},
"title": "IpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpv6Header (type)
{
"description": "Ipv6 header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpv6Header",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in Ipv6Header.",
"title": "Destination ip",
"type": "string"
},
"hopLimit": {
"description": "Hop limit setting in Ipv6Header.",
"title": "Hop limit",
"type": "integer"
},
"nextHeader": {
"description": "Next header setting in Ipv6Header.",
"title": "Next header",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in Ipv6Header.",
"title": "Source ip",
"type": "string"
}
},
"title": "Ipv6Header for Antrea traceflow",
"type": "object"
}
AntreaTraceflowObservation (type)
{
"additionalProperties": false,
"description": "Observation result for Antrea traceflow.",
"id": "AntreaTraceflowObservation",
"module_id": "PolicyConnectivity",
"properties": {
"component_type": {
"description": "The type of component.",
"enum": [
"UNKNOWN",
"ANTREA_SPOOFGUARD",
"ANTREA_LB",
"ANTREA_ROUTING",
"ANTREA_DFW",
"ANTREA_FORWARDING"
],
"readonly": true,
"required": false,
"title": "The component type",
"type": "string"
},
"container_node_id": {
"description": "UID of the container node that observed a traceflow packet.",
"readonly": true,
"required": false,
"title": "Container node UID",
"type": "string"
},
"observation_type": {
"description": "The type of observation. AntreaTraceflowObservationDelivered: The packet was delivered to destination Pod properly AntreaTraceflowObservationReceived: The packet was received from another ContainerNode AntreaTraceflowObservationForwarded: The packet was forwarded to next logical node or ContainerNode AntreaTraceflowObservationDropped: The packet was dropped",
"enum": [
"AntreaTraceflowObservationDelivered",
"AntreaTraceflowObservationReceived",
"AntreaTraceflowObservationForwarded",
"AntreaTraceflowObservationDropped"
],
"required": true,
"title": "The observation type",
"type": "string"
},
"timestamp": {
"description": "Timestamp when the observation was collect by Antrea controller.",
"readonly": true,
"required": false,
"title": "Timestamp",
"type": "integer"
}
},
"title": "Observation for Antrea traceflow",
"type": "object"
}
AntreaTraceflowObservationListResult (type)
{
"additionalProperties": false,
"description": "List collection for AnteaTraceflowObservation, used in batch API.",
"extends": {
"$ref": "ListResult
},
"id": "AntreaTraceflowObservationListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AntreaTraceflowObservation
},
"required": false,
"title": "AntreaTraceflowObservation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List object for AnteaTraceflowObservation",
"type": "object"
}
AntreaTraceflowPacketData (type)
{
"description": "Packet data stuffs for Antrea traceflow.",
"id": "AntreaTraceflowPacketData",
"module_id": "PolicyConnectivity",
"properties": {
"frameSize": {
"description": "This property is used to set packet data size.",
"title": "Packet frame size",
"type": "integer"
},
"ipHeader": {
"$ref": "AntreaTraceflowIpHeader,
"description": "This property is used to set ipv4 header data.",
"title": "Ipv4 header configuration"
},
"ipv6Header": {
"$ref": "AntreaTraceflowIpv6Header,
"description": "This property is used to set ipv6 header data.",
"title": "Ipv6 header configuration"
},
"payload": {
"description": "This property is used to set payload data.",
"title": "Packet payload",
"type": "string"
},
"resourceType": {
"description": "This property is used to set resource type.",
"enum": [
"FIELDS_PACKET_DATA",
"BINARY_PACKET_DATA"
],
"title": "Packet resource type",
"type": "string"
},
"transportHeader": {
"$ref": "AntreaTraceflowTransportHeader,
"description": "This property is used to set transport header data.",
"title": "Transport header configuration"
},
"transportType": {
"description": "This property is used to set transport type.",
"enum": [
"UNICAST",
"MULTICAST",
"BROADCAST",
"UNKNOWN"
],
"title": "Transport type",
"type": "string"
}
},
"title": "Packet data for Antrea traceflow",
"type": "object"
}
AntreaTraceflowStatus (type)
{
"description": "The status value of one Antrea traceflow.",
"id": "AntreaTraceflowStatus",
"module_id": "PolicyConnectivity",
"properties": {
"phase": {
"description": "The execution phase of one traceflow.",
"enum": [
"SUCCEEDED",
"FAILED"
],
"title": "Phase",
"type": "string"
},
"reason": {
"description": "The reason for the failure.",
"title": "Reason",
"type": "string"
}
},
"title": "Status for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTcpHeader (type)
{
"description": "Tcp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTcpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in TcpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in TcpHeader.",
"title": "Source port",
"type": "integer"
},
"tcpFlags": {
"description": "Tcp flags in TcpHeader. SYN flag must be set for traceflow.",
"title": "Tcp flags",
"type": "integer"
}
},
"title": "TcpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTransportHeader (type)
{
"description": "Transport header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTransportHeader",
"module_id": "PolicyConnectivity",
"properties": {
"icmpEchoRequestHeader": {
"$ref": "AntreaTraceflowIcmpEchoRequestHeader,
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"title": "IcmpEchoRequestHeader for Antrea traceflow"
},
"tcpHeader": {
"$ref": "AntreaTraceflowTcpHeader,
"description": "Tcp header stuffs for Antrea traceflow.",
"title": "TcpHeader for Antrea traceflow"
},
"udpHeader": {
"$ref": "AntreaTraceflowUdpHeader,
"description": "Udp header stuffs for Antrea traceflow.",
"title": "UdpHeader for Antrea traceflow"
}
},
"title": "TransportHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowUdpHeader (type)
{
"description": "Udp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowUdpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in UdpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in UdpHeader.",
"title": "Source port",
"type": "integer"
}
},
"title": "UdpHeader for Antrea traceflow",
"type": "object"
}
AphInfo (type)
{
"additionalProperties": false,
"description": "APH information.",
"id": "AphInfo",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"required": true,
"title": "IP address of APH service",
"type": "string"
},
"certificate": {
"required": true,
"title": "PEM Certificate of APH service",
"type": "string"
},
"fqdn": {
"required": false,
"title": "FQDN, only returned by GET /sites and GET /sites/self",
"type": "string"
},
"node_id": {
"required": true,
"title": "Node ID of the APH service",
"type": "string"
},
"port": {
"required": true,
"title": "Port of APH service",
"type": "integer"
},
"use_fqdn": {
"required": false,
"title": "whether or not fqdn flag is on",
"type": "boolean"
},
"uuid": {
"required": true,
"title": "ID of the APH service",
"type": "string"
}
},
"title": "Apliance proxy hub information",
"type": "object"
}
ApiError (type)
{
"extends": {
"$ref": "RelatedApiError
},
"id": "ApiError",
"module_id": "Common",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
},
"related_errors": {
"items": {
"$ref": "RelatedApiError
},
"title": "Other errors related to this error",
"type": "array"
}
},
"title": "Detailed information about an API Error",
"type": "object"
}
ApiRequestBody (type)
{
"additionalProperties": false,
"description": "API Request Body is an Event Source that represents an API request body that is being reveived as part of an API. Supported Request Bodies are those received as part of a PATCH/PUT/POST request.",
"extends": {
"$ref": "Source
},
"id": "ApiRequestBody",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ApiRequestBody"
},
"properties": {
"resource_pointer": {
"description": "Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.",
"required": true,
"title": "Resource Pointer",
"type": "string"
},
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "API Request Body",
"type": "object"
}
ApiServiceConfig (type)
{
"additionalProperties": false,
"description": "Properties that affect the configuration of the NSX API service.",
"extends": {
"$ref": "ManagedResource
},
"id": "ApiServiceConfig",
"module_id": "ApiServiceConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"basic_authentication_enabled": {
"default": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"cipher_suites": {
"description": "The TLS cipher suites that the API service will negotiate.",
"items": {
"$ref": "CipherSuite
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"description": "A per-client concurrency limit. This is the maximum number of outstanding requests that a client can have. For example, a client can open multiple connections to NSX and submit operations on each connection. When this limit is exceeded, the server returns a 503 Service Unavailable error to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API concurrency limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"default": 30,
"description": "NSX connection timeout, in seconds. To disable timeout, set to 0.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_api_concurrency_limit": {
"default": 199,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API concurrency limit in calls",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lockout_immune_addresses": {
"description": "The list of IP addresses which are not subjected to a lockout on failed login attempts.",
"items": {
"$ref": "IPAddress
},
"title": "IP addresses which are not subject to lockout on failed login attempts",
"type": "array"
},
"protocol_versions": {
"description": "The TLS protocol versions that the API service will negotiate.",
"items": {
"$ref": "ProtocolVersion
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString,
"default": "",
"description": "Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (\"\").",
"title": "Hostname/IP to use in redirect headers"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_timeout": {
"default": 1800,
"descriptions": "Sessions inactive for more than this value are terminated. The value is given in seconds. Set to 0 to disable timeouts.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Configuration of the API service",
"type": "object"
}
ApplianceLatencyData (type)
{
"extends": {
"$ref": "Resource
},
"id": "ApplianceLatencyData",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"id": {
"description": "Display the Appliance id.",
"title": "Appliance id",
"type": "string"
},
"latency_data": {
"description": "Latency Data list.",
"items": {
"$ref": "ApplianceLatencyDataItem
},
"title": "Latency Data List",
"type": "array"
},
"name": {
"description": "Display the appliance name.",
"title": "Appliance name",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp of last modification.",
"title": "Timestamp of last modification"
}
},
"title": "Display the latency data by given appliance node",
"type": "object"
}
ApplianceLatencyDataItem (type)
{
"description": "Describes appliance latency data in detail.",
"id": "ApplianceLatencyDataItem",
"module_id": "ShaApplianceMonitor",
"properties": {
"destination_node_id": {
"description": "Display the appliance node id.",
"title": "Node id",
"type": "string"
},
"destination_node_ip": {
"description": "Display the appliance node ip.",
"title": "Node name",
"type": "string"
},
"destination_node_name": {
"description": "Display the appliance node name.",
"title": "Node name",
"type": "string"
},
"packet_loss_percent": {
"description": "Display the percentage of lost packet.",
"title": "Display the percentage of lost packet",
"type": "string"
},
"packet_received": {
"description": "Display the received packets.",
"title": "Display the received packets",
"type": "integer"
},
"packet_transmitted": {
"description": "Display the transmitted packets in Ping",
"title": "Display the transmitted packets",
"type": "integer"
},
"rtt_avg": {
"description": "Display the average Round Trip Time in milliseconds.",
"title": "Display the average rtt of latency value",
"type": "number"
},
"rtt_max": {
"description": "Display the max Round Trip Time in milliseconds.",
"title": "Display the max rtt of latency value",
"type": "number"
},
"rtt_mdev": {
"description": "Display the mean Round Trip Time in milliseconds.",
"title": "Display the mean rtt of latency value",
"type": "number"
},
"rtt_min": {
"description": "Display the min Round Trip Time in milliseconds.",
"title": "Display the min rtt of latency value",
"type": "number"
},
"source_node_ip": {
"description": "Display the appliance node ip.",
"title": "Node name",
"type": "string"
},
"status": {
"description": "Display the connection status between source node and destination node.",
"enum": [
"UP",
"DOWN"
],
"title": "Display the connection status",
"type": "string"
},
"total_time": {
"description": "Display the total time of sending and receiving packets in milliseconds.",
"title": "Display the total time in milliseconds",
"type": "integer"
}
},
"title": "Appliance Latency data",
"type": "object"
}
ApplianceLatencyListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ApplianceLatencyListResult",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total appliance latency count",
"type": "integer"
},
"results": {
"description": "Display the appliance latency data list.",
"items": {
"$ref": "ApplianceLatencyData
},
"title": "Appliance Process List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of process data",
"type": "object"
}
ApplianceManagementSuppressRedirectQueryParameter (type)
{
"additionalProperties": false,
"id": "ApplianceManagementSuppressRedirectQueryParameter",
"properties": {
"suppress_redirect": {
"default": false,
"description": "Do not return a redirect HTTP status.",
"title": "Suppress redirect status if applicable",
"type": "boolean"
}
},
"type": "object"
}
ApplianceManagementTaskListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ApplianceManagementTaskListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ApplianceManagementTaskProperties
},
"required": true,
"title": "Task property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Appliance management task query results",
"type": "object"
}
ApplianceManagementTaskProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ApplianceManagementTaskProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"details": {
"readonly": true,
"title": "Details about the task if known",
"type": "object"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"id": {
"pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_is_async": {
"readonly": true,
"title": "True if request was invoked with Vmw-Async:true header; otherwise, false",
"type": "boolean"
},
"request_method": {
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "ApplianceManagementTaskStatus,
"readonly": true,
"title": "Current status of the task"
},
"user": {
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Appliance management task properties",
"type": "object"
}
ApplianceManagementTaskQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "ApplianceManagementTaskQueryParameters",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"request_method": {
"description": "Comma-separated request methods to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request method(s) to include in query result",
"type": "string"
},
"request_path": {
"description": "Comma-separated request paths to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI path(s) to include in query result",
"type": "string"
},
"request_uri": {
"description": "Comma-separated request URIs to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI(s) to include in query result",
"type": "string"
},
"status": {
"description": "Comma-separated status values to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Status(es) to include in query result",
"type": "string"
},
"user": {
"description": "Comma-separated user names to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Names of users to include in query result",
"type": "string"
}
},
"type": "object"
}
ApplianceManagementTaskStatus (type)
{
"enum": [
"running",
"error",
"success",
"canceling",
"canceled",
"killed"
],
"id": "ApplianceManagementTaskStatus",
"title": "Current status of the appliance management task",
"type": "string"
}
ApplianceProcessData (type)
{
"extends": {
"$ref": "Resource
},
"id": "ApplianceProcessData",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"id": {
"description": "Display the Appliance id.",
"title": "Appliance id",
"type": "string"
},
"name": {
"description": "Display the appliance name.",
"title": "Appliance name",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp of last modification.",
"title": "Timestamp of last modification"
},
"top_process_by_cpu_count": {
"description": "Display the total count of process.",
"title": "Process count",
"type": "integer"
},
"top_process_by_cpu_list": {
"description": "Display the top process list by CPU.",
"items": {
"$ref": "ProcessInformation
},
"title": "Top process list by CPU",
"type": "array"
},
"top_process_by_mem_count": {
"description": "Display the total count of process.",
"title": "Process count",
"type": "integer"
},
"top_process_by_mem_list": {
"description": "Display the top process list by memory.",
"items": {
"$ref": "ProcessInformation
},
"title": "Top process list by memory",
"type": "array"
}
},
"title": "List of process data in given appliance node",
"type": "object"
}
ApplianceProcessListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ApplianceProcessListResult",
"module_id": "ShaApplianceMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Display the appliance process list.",
"items": {
"$ref": "ApplianceProcessData
},
"title": "Appliance Process List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of process data",
"type": "object"
}
ApplicationConnectivityStrategy (type)
{
"additionalProperties": false,
"description": "Allows more granular policies for application workloads",
"id": "ApplicationConnectivityStrategy",
"module_id": "Policy",
"properties": {
"application_connectivity_strategy": {
"description": "App connectivity strategies",
"enum": [
"ALLOW_INTRA",
"ALLOW_EGRESS",
"ALLOW_INGRESS",
"DROP_INGRESS",
"DROP_EGRESS"
],
"required": true,
"title": "Application connectivity strategy",
"type": "string"
},
"default_application_rule_id": {
"description": "Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule.",
"readonly": true,
"required": false,
"title": "Default rule ID associated with the application_connectivity_strategy",
"type": "integer"
},
"logging_enabled": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
}
},
"title": "Application specific connectivity strategy",
"type": "object"
}
ApplicationProfileType (type)
{
"additionalProperties": false,
"description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile. LbFastTCPProfile or LbFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LbHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LbHttpProfile is intended to simplify enabling certain common use cases. LbHttpProfile is deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LbHttpProfile",
"LbFastTcpProfile",
"LbFastUdpProfile"
],
"id": "ApplicationProfileType",
"module_id": "LoadBalancer",
"title": "application profile type",
"type": "string"
}
AppliedTos (type)
{
"description": "Entity lists where the profile will be enabled on.",
"id": "AppliedTos",
"module_id": "UpmCommon",
"properties": {
"logical_ports": {
"items": {
"$ref": "ResourceReference
},
"readonly": false,
"required": false,
"title": "Logical Port List",
"type": "array"
},
"logical_switches": {
"items": {
"$ref": "ResourceReference
},
"readonly": false,
"required": false,
"title": "Logical Switch List",
"type": "array"
},
"nsgroups": {
"items": {
"$ref": "ResourceReference
},
"nsx_feature": "UnifiedProfileManagementSupportNSGroup",
"readonly": false,
"required": false,
"title": "NSGroup List",
"type": "array"
}
},
"title": "Entities Applied to Profile",
"type": "object"
}
ApplyCertificateParameters (type)
{
"additionalProperties": false,
"id": "ApplyCertificateParameters",
"module_id": "CertificateManager",
"properties": {
"node_id": {
"description": "Optional node-id to which to apply the certificate. The cluster_certificate field of the matching Certificate Profile must be false, as those get applied to all nodes.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"description": "Service Type of the CertificateProfile to apply the certificate to.",
"required": true,
"title": "Service Type"
}
},
"type": "object"
}
ArpHeader (type)
{
"additionalProperties": false,
"id": "ArpHeader",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv4Address,
"required": true,
"title": "The destination IP address"
},
"op_code": {
"default": "ARP_REQUEST",
"description": "This field specifies the nature of the Arp message being sent.",
"enum": [
"ARP_REQUEST",
"ARP_REPLY"
],
"required": true,
"title": "Arp message type",
"type": "string"
},
"src_ip": {
"$ref": "IPv4Address,
"description": "This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0.",
"required": false,
"title": "The source IP address"
}
},
"type": "object"
}
ArpSnoopingConfig (type)
{
"additionalProperties": false,
"description": "Contains ARP snooping related configuration.",
"id": "ArpSnoopingConfig",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_binding_limit": {
"default": 1,
"description": "Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Maximum number of ARP bindings",
"type": "int"
},
"arp_snooping_enabled": {
"default": true,
"description": "Indicates whether ARP snooping is enabled",
"required": false,
"title": "Is ARP snooping enabled or not",
"type": "boolean"
}
},
"title": "ARP Snooping Configuration",
"type": "object"
}
ArpTableRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseEdgeStatisticsRequestParameters
},
"id": "ArpTableRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
AssessmentMessage (type)
{
"additionalProperties": false,
"description": "Assessment message.",
"extends": {
"$ref": "ColoredMessage
},
"id": "AssessmentMessage",
"module_id": "OverlayAdoption",
"properties": {
"color": {
"$ref": "ColorCode,
"default": "YELLOW",
"description": "The message color that shows the message's severity or priority.",
"readonly": true,
"required": false,
"title": "The message color that shows the message's severity or priority"
},
"message": {
"description": "A string message.",
"readonly": true,
"required": false,
"title": "A string message",
"type": "string"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": true,
"required": true,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": true,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType,
"description": "Assessment resource type.",
"readonly": true,
"required": true,
"title": "Assessment resource type"
}
},
"title": "Assessment message",
"type": "object"
}
AssessmentMessageListRequestParameters (type)
{
"description": "Assessment message list request parameters.",
"id": "AssessmentMessageListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"message_severity": {
"$ref": "ColorCode,
"description": "Assessment message severity.",
"readonly": false,
"required": false,
"title": "Assessment message severity"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": false,
"required": false,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": false,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType,
"description": "Assessment resource type.",
"readonly": false,
"required": false,
"title": "Assessment resource type"
}
},
"title": "Assessment message list request parameters",
"type": "object"
}
AssessmentMessageListResult (type)
{
"additionalProperties": false,
"description": "List of assessment messages.",
"extends": {
"$ref": "ListResult
},
"id": "AssessmentMessageListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of assessment messages.",
"items": {
"$ref": "AssessmentMessage
},
"readonly": true,
"required": true,
"title": "Paged collection of assessment messages",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"total_number_of_errors": {
"description": "Number of errors.",
"readonly": true,
"required": false,
"title": "Number of errors",
"type": "int"
},
"total_number_of_warnings": {
"description": "Number of warnings.",
"readonly": true,
"required": false,
"title": "Number of warnings",
"type": "int"
}
},
"title": "List of assessment messages",
"type": "object"
}
AssessmentResourceType (type)
{
"description": "Assessment resource type.",
"enum": [
"VC",
"DVPG",
"VDS"
],
"id": "AssessmentResourceType",
"module_id": "OverlayAdoption",
"title": "Assessment resource type",
"type": "string"
}
AssessmentUnit (type)
{
"description": "Detailed assessment information about a resource",
"id": "AssessmentUnit",
"module_id": "OverlayAdoption",
"properties": {
"number_of_errors": {
"description": "Number of errors.",
"readonly": true,
"required": false,
"title": "Number of errors",
"type": "int"
},
"number_of_warnings": {
"description": "Number of warnings.",
"readonly": true,
"required": false,
"title": "Number of warnings",
"type": "int"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": true,
"required": true,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": true,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType,
"description": "Assessment resource type.",
"readonly": true,
"required": true,
"title": "Assessment resource type"
},
"result": {
"$ref": "ColorCode,
"description": "Assessment result for the resource.",
"readonly": true,
"required": false,
"title": "Assessment result for the resource"
}
},
"title": "Assessment unit",
"type": "object"
}
AssessmentUnitListRequestParameters (type)
{
"description": "Assessment unit list request parameters.",
"id": "AssessmentUnitListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode,
"description": "Assessment result for the resource.",
"readonly": false,
"required": false,
"title": "Assessment result for the resource"
},
"resource_id": {
"description": "Assessment resource ID.",
"readonly": false,
"required": false,
"title": "Assessment resource ID",
"type": "string"
},
"resource_name": {
"description": "Assessment resource name.",
"readonly": false,
"required": false,
"title": "Assessment resource name",
"type": "string"
},
"resource_type": {
"$ref": "AssessmentResourceType,
"description": "Assessment resource type.",
"readonly": false,
"required": false,
"title": "Assessment resource type"
}
},
"title": "Assessment unit list request parameters",
"type": "object"
}
AssessmentUnitListResult (type)
{
"additionalProperties": false,
"description": "Detailed assessment information about multiple resources",
"extends": {
"$ref": "ListResult
},
"id": "AssessmentUnitListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of assessment units.",
"items": {
"$ref": "AssessmentUnit
},
"readonly": true,
"required": true,
"title": "Paged collection of assessment units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Assessment unit list",
"type": "object"
}
AssignedByAutoConf (type)
{
"description": "This type can be specified in ipv6 assignment spec of host switch if auto-conf based IPv6 assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "AssignedByAutoConf",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByAutoConf"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "Auto-conf based IPv6 assignment.",
"type": "object"
}
AssignedByDhcp (type) (Deprecated)
{
"deprecated": true,
"description": "This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "IpAssignmentSpec
},
"id": "AssignedByDhcp",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByDhcp"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IP assignment.",
"type": "object"
}
AssignedByDhcpv6 (type)
{
"description": "This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "AssignedByDhcpv6",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "AssignedByDhcpv6"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "DHCP based IPv6 assignment.",
"type": "object"
}
AssociatedKubernetesClusterListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the api that get associated clusters of a given group.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "AssociatedKubernetesClusterListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Associated kubernetes clusters list request params",
"type": "object"
}
AssociationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "AssociationListRequestParameters",
"module_id": "Association",
"properties": {
"associated_resource_type": {
"$ref": "AssociationTargetType,
"required": true,
"title": "Type of the associated resources"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"fetch_ancestors": {
"default": false,
"description": "If set to true, will fetch direct as well as indirect(considering containment as well as nesting) associated objects for the given source Id.",
"required": false,
"title": "Fetch complete list of associated resources considering\ncontainment and nesting\n",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_id": {
"required": true,
"title": "The resource for which associated resources are to be fetched",
"type": "string"
},
"resource_type": {
"$ref": "AssociationSourceType,
"required": true,
"title": "Type of the resource for which associated resources are to be fetched"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Association list request parameters",
"type": "object"
}
AssociationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AssociationListResult",
"module_id": "Association",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ResourceReference
},
"required": true,
"title": "Paged Collection of ResourceReference",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
AssociationSourceType (type)
{
"enum": [
"NSGroup",
"IPSet",
"MACSet",
"LogicalSwitch",
"LogicalPort",
"VirtualMachine",
"DirectoryGroup",
"VirtualNetworkInterface",
"TransportNode",
"IPAddress",
"CloudNativeServiceInstance",
"PhysicalServer"
],
"id": "AssociationSourceType",
"module_id": "Association",
"title": "Resource type valid for use as source in association API",
"type": "string"
}
AssociationTargetType (type)
{
"enum": [
"NSGroup"
],
"id": "AssociationTargetType",
"module_id": "Association",
"title": "Resource type valid for use as target in association API",
"type": "string"
}
AttachedInterface (type) (Deprecated)
{
"deprecated": true,
"description": "The Attached interface is only effective for the port on Bare metal server.",
"id": "AttachedInterface",
"module_id": "LogicalPort",
"properties": {
"app_intf_name": {
"required": true,
"title": "The name of application interface",
"type": "string"
},
"default_gateway": {
"$ref": "IPAddress,
"required": false,
"title": "Gateway IP"
},
"migrate_intf": {
"description": "IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP.",
"required": false,
"title": "Interface name to migrate",
"type": "string"
},
"routing_table": {
"items": {
"type": "string"
},
"required": false,
"title": "Routing rules",
"type": "array"
}
},
"title": "Attached interface specification for Bare metal server",
"type": "object"
}
AttachedInterfaceEntry (type)
{
"additionalProperties": false,
"description": "The Attached interface is only effective for the segment port on Bare metal server.",
"id": "AttachedInterfaceEntry",
"module_id": "PolicyConnectivity",
"properties": {
"app_intf_name": {
"required": true,
"title": "The name of application interface",
"type": "string"
},
"default_gateway": {
"$ref": "IPAddress,
"required": false,
"title": "Gateway IP"
},
"migrate_intf": {
"description": "IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP.",
"required": false,
"title": "Interface name to migrate",
"type": "string"
},
"routing_table": {
"items": {
"type": "string"
},
"required": false,
"title": "Routing rules",
"type": "array"
}
},
"title": "Attached interface information for Bare metal server",
"type": "object"
}
AttachmentContext (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"id": "AttachmentContext",
"module_id": "LogicalPort",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"allocate_addresses": {
"enum": [
"IpPool",
"MacPool",
"Both",
"None",
"Dhcp",
"DhcpV6",
"SLAAC"
],
"required": false,
"title": "A flag to indicate whether to allocate addresses from allocation\n pools bound to the parent logical switch.\n",
"type": "string"
},
"resource_type": {
"help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n",
"required": true,
"title": "Used to identify which concrete class it is",
"type": "string"
}
},
"type": "object"
}
AttachmentType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"VIF",
"LOGICALROUTER",
"BRIDGEENDPOINT",
"DHCP_SERVICE",
"METADATA_PROXY",
"L2VPN_SESSION",
"L2FORWARDER"
],
"id": "AttachmentType",
"module_id": "LogicalPort",
"title": "Type of attachment for logical port.",
"type": "string"
}
AttachmentTypeQueryString (type) (Deprecated)
{
"deprecated": true,
"enum": [
"VIF",
"LOGICALROUTER",
"BRIDGEENDPOINT",
"DHCP_SERVICE",
"METADATA_PROXY",
"L2VPN_SESSION",
"NONE"
],
"id": "AttachmentTypeQueryString",
"module_id": "LogicalPort",
"title": "Type of attachment for logical port; for query only.",
"type": "string"
}
Attribute (type)
{
"description": "Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.",
"id": "Attribute",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"attribute_type": {
"description": "Attribute Type can be of any of the allowed enum type.",
"enum": [
"IP_ADDRESS",
"PORT",
"PASSWORD",
"STRING",
"LONG",
"BOOLEAN"
],
"readonly": false,
"required": false,
"title": "Attributetype.",
"type": "string"
},
"display_name": {
"description": "Attribute display name string value.",
"readonly": false,
"required": false,
"title": "Display name",
"type": "string"
},
"key": {
"description": "Attribute key string value.",
"readonly": false,
"required": true,
"title": "key",
"type": "string"
},
"read_only": {
"default": false,
"description": "Read only Attribute cannot be overdidden by service instance/deployment.",
"readonly": false,
"required": false,
"title": "read only",
"type": "boolean"
},
"value": {
"description": "Attribute value string value.",
"readonly": false,
"required": false,
"title": "value",
"type": "string"
}
},
"title": "Attributes",
"type": "object"
}
AttributeVal (type)
{
"description": "Contains type specific properties of generic realized entity",
"id": "AttributeVal",
"module_id": "PolicyRealizedState",
"properties": {
"data_type": {
"description": "Datatype of the property",
"enum": [
"STRING",
"DATE",
"INTEGER",
"BOOLEAN"
],
"readonly": true,
"required": true,
"title": "Datatype of property represented by this attribute",
"type": "string"
},
"key": {
"description": "Attribute key",
"required": false,
"title": "Key for the attribute value",
"type": "string"
},
"multivalue": {
"description": "If attribute has a single value or collection of values",
"readonly": true,
"title": "multivalue flag",
"type": "boolean"
},
"values": {
"description": "List of attribute values",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of values for the attribute",
"type": "array"
}
},
"title": "Attribute values of realized type",
"type": "object"
}
AuditLog (type)
{
"additionalProperties": false,
"id": "AuditLog",
"properties": {
"appname": {
"required": true,
"title": "Application name field of the log",
"type": "string"
},
"facility": {
"required": true,
"title": "Facility field of the log",
"type": "integer"
},
"full_log": {
"required": true,
"title": "Full log with both header and message",
"type": "string"
},
"hostname": {
"required": true,
"title": "Hostname field of the log",
"type": "string"
},
"message": {
"required": true,
"title": "Message field of the log",
"type": "string"
},
"msgid": {
"required": true,
"title": "Message ID field of the log",
"type": "string"
},
"priority": {
"required": true,
"title": "Priority field of the log",
"type": "integer"
},
"procid": {
"required": true,
"title": "Process ID field of the log",
"type": "integer"
},
"struct_data": {
"$ref": "StructuredData,
"required": true,
"title": "Structured data field of the log"
},
"timestamp": {
"required": true,
"title": "Date and time in UTC of the log",
"type": "string"
}
},
"title": "Audit log in RFC5424 format",
"type": "object"
}
AuditLogListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "AuditLogListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_full_sync_timestamp": {
"required": true,
"title": "Timestamp of the last full audit log collection",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AuditLog
},
"required": true,
"title": "Audit log results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Audit log collection results",
"type": "object"
}
AuditLogQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "AuditLogQueryParameters",
"properties": {
"cursor": {
"description": "A log cursor points to a specific line number in the master audit log",
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "integer"
},
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"page_size": {
"default": 100,
"description": "The page size determines the number of logs to be returned",
"maximum": 100,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
}
},
"type": "object"
}
AuditLogRequest (type)
{
"additionalProperties": false,
"id": "AuditLogRequest",
"properties": {
"log_age_limit": {
"minimum": 0,
"title": "Include logs with timstamps not past the age limit in days",
"type": "integer"
},
"log_filter": {
"required": false,
"title": "Audit logs should meet the filter condition",
"type": "string"
},
"log_filter_type": {
"default": "TEXT",
"enum": [
"TEXT",
"REGEX"
],
"title": "Type of log filter",
"type": "string"
}
},
"type": "object"
}
AuthServiceProperties (type)
{
"id": "AuthServiceProperties",
"properties": {
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
}
},
"title": "Auth Service properties",
"type": "object"
}
AuthenticationPolicyProperties (type)
{
"additionalProperties": {},
"extends": {
"$ref": "PasswordComplexityProperties
},
"id": "AuthenticationPolicyProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_retry_prompt": {
"default": 3,
"readonly": true,
"title": "Prompt user at most N times before returning with error.",
"type": "integer"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"api_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 9000,
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"api_failed_auth_reset_period": {
"default": 900,
"description": "In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 9000,
"minimum": 0,
"title": "Period, in seconds, for authentication failures to trigger lockout",
"type": "integer"
},
"api_max_auth_failures": {
"default": 5,
"description": "Only applies to NSX Manager nodes. Ignored on other node types.",
"maximum": 50,
"minimum": 0,
"title": "Number of authentication failures that trigger API lockout",
"type": "integer"
},
"cli_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.",
"maximum": 604800,
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"cli_max_auth_failures": {
"default": 5,
"maximum": 10,
"minimum": 0,
"title": "Number of authentication failures that trigger CLI lockout",
"type": "integer"
},
"digits": {
"default": -1,
"description": "Number of digits (0..9) expected in user password. <p>N < 0, to set minimum credit for having digits in the new password, i.e. this is the minimum number of digits that must be met for a new password.</p> <p>N > 0, to set maximum credit for having digits in the new password, i.e. per occurrence of digit in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> digits.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 digit is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of digits in password",
"type": "integer"
},
"hash_algorithm": {
"default": "sha512",
"description": "Sets hash/cryptographic algorithm type for new passwords.",
"enum": [
"sha512",
"sha256"
],
"title": "Hash algorithm",
"type": "string"
},
"lower_chars": {
"default": -1,
"description": "Number of lower case characters (a..z) expected in user password. <p>N < 0, to set minimum credit for having lower case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having lower case characters in the new password, i.e. per occurrence of lower case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> lower case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 lower case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of lower-case characters in password",
"type": "integer"
},
"max_repeats": {
"default": 0,
"description": "Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of same consecutive characters",
"type": "integer"
},
"max_sequence": {
"default": 0,
"description": "Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Length of permissible monotonic sequence in password substring",
"type": "integer"
},
"maximum_password_length": {
"default": 128,
"description": "Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters.",
"maximum": 128,
"minimum": 8,
"title": "Maximum password length",
"type": "integer"
},
"minimum_password_length": {
"default": 12,
"description": "Minimum number of characters expected in password; user can not set their password of length less than this parameter.<br /> NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - <p>if existing appliance is configured with <code>minimum_password_length</code> less than current default value, then upgraded appliance will reset the configured setting back to recommended default; which can be explicitly modified back to original value or any other integer greater than or equal to supported minimum value.</p> <p>VMware recommends to set strong passwords for systems and appliances, further suggests to maintain strong <code>minimum_password_length</code> value. NSX resets this value to default and recommends to maintain upgraded default value or above for password complexity requirement.</p> <p>If any existing user passwords are set with length of less than newly configured <code>minimum_password_length</code>, then its recommended to reset the user passwords as per newly configured password complexity compliance.</p> <p>If existing <code>minimum_password_length</code> is greater than or equal to default value, which shall be retained as it is in newly upgraded appliance.</p> By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed.",
"maximum": 128,
"minimum": 8,
"title": "Minimum password length",
"type": "integer"
},
"minimum_unique_chars": {
"default": 0,
"description": "Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of unique characters from old password",
"type": "integer"
},
"password_remembrance": {
"default": 0,
"description": "Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0.",
"minimum": 0,
"title": "Password remembrance from previous generations",
"type": "integer"
},
"special_chars": {
"default": -1,
"description": "Number of special characters (!@#$&*..) expected in user password. <p>N < 0, to set minimum credit for having special characters in the new password, i.e. this is the minimum number of special characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having special characters in the new password, i.e. per occurrence of special case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> special case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 special character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of special characters in password",
"type": "integer"
},
"upper_chars": {
"default": -1,
"description": "Number of upper case characters (A..Z) expected in user password. <p>N < 0, to set minimum credit for having upper case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having upper case characters in the new password, i.e. per occurrence of upper case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> upper case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 upper case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of upper-case characters in password",
"type": "integer"
}
},
"title": "Configuration of authentication and password policies for the NSX node",
"type": "object"
}
AuthenticationScheme (type)
{
"additionalProperties": {},
"id": "AuthenticationScheme",
"properties": {
"scheme_name": {
"required": true,
"title": "Authentication scheme name",
"type": "string"
}
},
"type": "object"
}
AutoRds (type)
{
"description": "This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations.",
"id": "AutoRds",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"l2_auto_rds": {
"items": {
"$ref": "L2AutoRD
},
"title": "List of layer 2 Auto assigned Route Distinguisher",
"type": "array"
},
"l3_auto_rd": {
"description": "This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway.",
"title": "Layer 3 Auto assigned Route Distinguisher",
"type": "string"
}
},
"title": "Auto assigned Route Distinguishers",
"type": "object"
}
AutomaticHealthCheck (type)
{
"description": "Health check performed by system automatically on a specific transport zone. For overlay based zone, health check is performed on corresponding N-VDS of each transport node with the VLAN and MTU specified by uplink profile of N-VDS for the node. For VLAN based zone, health check is performed on corresponding N-VDS of each transport node with MTU specified by uplink profile of N-VDS for the node and VLAN specified by all logical switches in this zone.",
"id": "AutomaticHealthCheck",
"module_id": "HealthCheck",
"properties": {
"result": {
"$ref": "HealthCheckResult,
"readonly": true
},
"transport_zone_id": {
"description": "ID of the transport zone where this automatic health check is performed.",
"readonly": true,
"title": "Transport Zone ID",
"type": "string"
}
},
"title": "Automatic Health Check",
"type": "object"
}
AutomaticHealthCheckListResult (type)
{
"description": "Automatic health check list result for query with list parameters.",
"extends": {
"$ref": "ListResult
},
"id": "AutomaticHealthCheckListResult",
"module_id": "HealthCheck",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "AutomaticHealthCheck
},
"readonly": true,
"title": "Automatic Health Check List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Automatic Health Checks",
"type": "object"
}
AutomaticHealthCheckToggle (type)
{
"description": "Toggle to enable/disable automatic health check.",
"extends": {
"$ref": "ManagedResource
},
"id": "AutomaticHealthCheckToggle",
"module_id": "HealthCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"required": true,
"title": "Status of automatic health check",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Automatic Health Check Toggle",
"type": "object"
}
AviConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a AVI type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "AviConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "AviConnectionInfo"
},
"properties": {
"certificate": {
"description": "Certificate used when on-borading workflow created by LCM/VCF.",
"required": false,
"title": "Certificate used when on-borading workflow created by LCM/VCF.",
"type": "string"
},
"cloud": {
"deprecated": true,
"description": "Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity.",
"required": false,
"sensitive": false,
"title": "Cloud",
"type": "string"
},
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"is_default_cert": {
"description": "Advanced Load Balancer controller using default portal certificate.",
"required": false,
"title": "Advanced Load Balancer controller using default portal certificate.",
"type": "boolean"
},
"managed_by": {
"description": "Managed by used when on-borading workflow created by LCM/VCF.",
"required": false,
"title": "Managed by used when on-borading workflow created by LCM/VCF.",
"type": "string"
},
"password": {
"description": "Password or Token for Avi Controller.",
"required": true,
"sensitive": true,
"title": "Password or Token for Avi Controller",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"status": {
"$ref": "ALBEnforcementPointState,
"default": "DEACTIVATE_API",
"description": "This is connection property which checks whether ALB is connected to the controller. Enum options - ACTIVATE, DEACTIVATE_PROVIDER, DEACTIVATE_API. Default value is DEACTIVATE_API.",
"required": true,
"title": "Enforcement point state for ALB"
},
"tenant": {
"description": "A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant",
"required": true,
"sensitive": false,
"title": "Tenant",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
},
"version": {
"deprecated": true,
"description": "Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs",
"required": false,
"sensitive": false,
"title": "Version",
"type": "string"
}
},
"title": "Avi Connection Info",
"type": "object"
}
AviEndPoint (type)
{
"additionalProperties": false,
"description": "Details about the AVI LB endpoint",
"id": "AviEndPoint",
"module_id": "Migration",
"properties": {
"avi_endpoint_ip": {
"description": "IP address of the AVI LB endpoint.",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "IP address of the AVI LB endpoint",
"type": "string"
},
"avi_endpoint_password": {
"description": "Password for AVI LB endpoint.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Password for AVI LB endpoint",
"type": "secure_string"
},
"avi_endpoint_port": {
"default": 443,
"description": "AVI LB endpoint port.",
"readonly": false,
"required": false,
"title": "AVI LB endpoint port",
"type": "int"
},
"avi_endpoint_username": {
"description": "Username for AVI LB endpoint.",
"readonly": false,
"required": true,
"title": "Username for AVI LB endpoint",
"type": "string"
}
},
"title": "AVI LB endpoint details",
"type": "object"
}
Axes (type)
{
"additionalProperties": false,
"description": "Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.",
"id": "Axes",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"x_label": {
"$ref": "Label,
"decription": "Describes the X axis of a graph. If x_label is not specified, the label will not appear for X axis. To have a support for mulitple condition use 'x-labels' property.",
"title": "Label for X axis of a graph"
},
"x_labels": {
"description": "A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of X-Axis Labels with condition support.",
"type": "array"
},
"y_axis_unit_labels": {
"description": "A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of Y-Axis unit Labels with condition support.",
"type": "array"
},
"y_axis_units": {
"description": "A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc.",
"items": {
"$ref": "AxisUnit
},
"minItems": 0,
"title": "A list of Y-Axis unit with condition support.",
"type": "array"
},
"y_label": {
"$ref": "Label,
"decription": "Describes the Y axis of a graph. If y_label is not specified, the label will not appear for Y axis.",
"title": "Label for Y axis of a graph"
},
"y_labels": {
"description": "A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of Y-Axis Labels with condition support.",
"type": "array"
}
},
"title": "Axes of a graph",
"type": "object"
}
AxisUnit (type)
{
"additionalProperties": false,
"description": "Represents X and Y axis unit of a graph.",
"id": "AxisUnit",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"unit": {
"description": "An Axis unit.",
"enum": [
"COUNT",
"PERCENT",
"BYTES",
"MILLISECONDS",
"SECONDS",
"MINUTE",
"HOUR",
"DAY",
"KILO_BYTES",
"MEGA_BYTES",
"GIGA_BYTES"
],
"title": "An Axis unit.",
"type": "string"
}
},
"title": "Axis unit of a graph",
"type": "object"
}
BFDDiagnosticCount (type)
{
"additionalProperties": false,
"id": "BFDDiagnosticCount",
"module_id": "Heatmap",
"properties": {
"administratively_down_count": {
"description": "Number of tunnels with administratively down diagnostic message",
"title": "Number of tunnels with administratively message",
"type": "integer"
},
"concatenated_path_down_count": {
"description": "Number of tunnels with concatenated path down diagnostic message",
"title": "Number of tunnels with concatenated message",
"type": "integer"
},
"control_detection_time_expired_count": {
"description": "Number of tunnels with control detection time expired diagnostic message",
"title": "Number of tunnels with expired message",
"type": "integer"
},
"echo_function_failed_count": {
"description": "Number of tunnels with echo function failed diagnostic message",
"title": "Number of tunnels with failed message",
"type": "integer"
},
"forwarding_plane_reset_count": {
"description": "Number of tunnels with forwarding plane reset diagnostic message",
"title": "Number of tunnels with reset message",
"type": "integer"
},
"neighbor_signaled_session_down_count": {
"title": "Number of tunnels neighbor signaled session down",
"type": "integer"
},
"no_diagnostic_count": {
"title": "Number of tunnels with no diagnostic",
"type": "integer"
},
"path_down_count": {
"description": "Number of tunnels with path down diagnostic message",
"title": "Number of tunnels with path down message",
"type": "integer"
},
"reverse_concatenated_path_down_count": {
"description": "Number of tunnels with reverse concatenated path down diagnostic message",
"title": "Number of tunnels with reverse message",
"type": "integer"
}
},
"type": "object"
}
BFDProperties (type)
{
"additionalProperties": false,
"id": "BFDProperties",
"module_id": "Tunnel",
"properties": {
"active": {
"readonly": true,
"required": false,
"title": "True if tunnel is active in a gateway HA setup",
"type": "boolean"
},
"bfd_encap": {
"description": "The encapsulation type of BFD. GENEVE - BFD with GENEVE encapsulation NONE - BFD with no encapsulation UNKNOWN_ENCAP - BFD with unknown encapsulation",
"enum": [
"GENEVE",
"NONE",
"UNKNOWN_ENCAP"
],
"title": "BFD encapsulation type",
"type": "string"
},
"diagnostic": {
"description": "A short message indicating what the BFD session thinks is wrong in case of a problem",
"readonly": true,
"required": false,
"title": "Diagnostic message of a problem",
"type": "string"
},
"forwarding": {
"readonly": true,
"required": false,
"title": "True if the BFD session believes this interface may be used to forward traffic",
"type": "boolean"
},
"remote_diagnostic": {
"description": "A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem",
"readonly": true,
"required": false,
"title": "Diagnostic message of a problem",
"type": "string"
},
"remote_state": {
"enum": [
"UNKNOWN_STATE",
"ADMIN_DOWN",
"DOWN",
"INIT",
"UP"
],
"readonly": true,
"required": false,
"title": "State of the remote interface's BFD session",
"type": "string"
},
"state": {
"enum": [
"UNKNOWN_STATE",
"ADMIN_DOWN",
"DOWN",
"INIT",
"UP"
],
"readonly": true,
"required": false,
"title": "State of the BFD session",
"type": "string"
}
},
"title": "BFD information",
"type": "object"
}
BFDStatusCount (type)
{
"additionalProperties": false,
"id": "BFDStatusCount",
"module_id": "Heatmap",
"properties": {
"bfd_admin_down_count": {
"title": "Number of tunnels in BFD admin down state",
"type": "int"
},
"bfd_down_count": {
"title": "Number of tunnels in BFD down state",
"type": "int"
},
"bfd_init_count": {
"title": "Number of tunnels in BFD init state",
"type": "int"
},
"bfd_up_count": {
"title": "Number of tunnels in BFD up state",
"type": "int"
}
},
"type": "object"
}
BGPCommunityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "BGPCommunityList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"communities": {
"description": "Array of BGP communities",
"items": {
"type": "string"
},
"required": true,
"title": "BGP community list",
"type": "array"
},
"community_type": {
"default": "NormalBGPCommunity",
"description": "BGP community type. It has two types as NormalBGPCommunity BGP normal community which includes well-known community name as well as community value in range from [1-4294967295] or value in aa:nn format(aa/nn range from 1-65535). LargeBGPCommunity BGP large community which includes community value in aa:bb:nn format where aa, bb, nn are unsigned integers in the range [1-4294967295].",
"enum": [
"NormalBGPCommunity",
"LargeBGPCommunity"
],
"title": "BGP community type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BGPCommunityListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BGPCommunityListListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paginated list of bgp community lists",
"items": {
"$ref": "BGPCommunityList
},
"required": false,
"title": "List of bgp communities",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BMSGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing Physical server external ID and enforcement point path",
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "BMSGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"physical_server_external_id": {
"required": true,
"title": "Physical external ID",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing Physical server external ID and enforcement point path",
"type": "object"
}
BackupConfiguration (type)
{
"additionalProperties": false,
"id": "BackupConfiguration",
"module_id": "BackupConfiguration",
"properties": {
"after_inventory_update_interval": {
"maximum": 86400,
"minimum": 300,
"required": false,
"title": "A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups.",
"type": "integer"
},
"backup_enabled": {
"default": false,
"title": "true if automated backup is enabled",
"type": "boolean"
},
"backup_schedule": {
"$ref": "BackupSchedule,
"title": "Set when backups should be taken - on a weekly schedule or at regular intervals."
},
"inventory_summary_interval": {
"default": 240,
"maximum": 3600,
"minimum": 30,
"title": "The minimum number of seconds between each upload of the inventory summary to backup server.",
"type": "integer"
},
"passphrase": {
"description": "Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character).",
"sensitive": true,
"title": "Passphrase used to encrypt backup files.",
"type": "secure_string"
},
"remote_file_server": {
"$ref": "RemoteFileServer,
"required": false,
"title": "The server to which backups will be sent."
}
},
"title": "Configuration for taking manual/automated backup",
"type": "object"
}
BackupFrameRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters (site_id, etc), that describes a backup/restore frame",
"id": "BackupFrameRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"site_id": {
"default": "localhost",
"description": "Site ID of LM site, which will be supported in a frame",
"required": false,
"title": "Site ID",
"type": "string"
}
},
"title": "Backup Frame Request Parameters",
"type": "object"
}
BackupOperationHistory (type)
{
"additionalProperties": false,
"id": "BackupOperationHistory",
"module_id": "BackupConfiguration",
"properties": {
"cluster_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous cluster backups",
"type": "array"
},
"inventory_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous inventory backups",
"type": "array"
},
"node_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous node backups",
"type": "array"
},
"overall_backup_status": {
"description": "This attribute is used to indicate the overall backup status",
"enum": [
"NOT_AVAILABLE",
"IN_PROGRESS",
"SUCCESS",
"FAILED"
],
"required": false,
"title": "Overall status of last backup",
"type": "string"
}
},
"title": "Past backup operation details",
"type": "object"
}
BackupOperationStatus (type)
{
"additionalProperties": false,
"id": "BackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": true,
"title": "Unique identifier of a backup",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was ended"
},
"error_code": {
"enum": [
"BACKUP_NOT_RUN_ON_MASTER",
"BACKUP_SERVER_UNREACHABLE",
"BACKUP_AUTHENTICATION_FAILURE",
"BACKUP_PERMISSION_ERROR",
"BACKUP_TIMEOUT",
"BACKUP_BAD_FINGERPRINT",
"BACKUP_GENERIC_ERROR",
"UPGRADE_IN_PROGRESS",
"CERTIFICATE_ROTATION_IN_PROGRESS"
],
"required": false,
"title": "Error code",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error code details",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was started"
},
"success": {
"required": true,
"title": "True if backup is successfully completed, else false",
"type": "boolean"
}
},
"readOnly": true,
"title": "Backup operation status",
"type": "object"
}
BackupOverview (type)
{
"description": "Data for a single backup/restore card",
"extends": {
"$ref": "ClusterBackupInfoListResult
},
"id": "BackupOverview",
"module_id": "BackupConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"backup_config": {
"$ref": "BackupConfiguration,
"description": "Configuration to generate a manual/automated backup",
"required": true,
"title": "Backup configuration"
},
"backup_operation_history": {
"$ref": "BackupOperationHistory,
"description": "Status of the last backup execution per component",
"required": true,
"title": "Last backup status"
},
"current_backup_operation_status": {
"$ref": "CurrentBackupOperationStatus,
"description": "Backup status decribes type, phase, success/failure and time of a | latest backup execution",
"required": true,
"title": "Current backup status"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"restore_status": {
"$ref": "ClusterRestoreStatus,
"description": "Status of restore process executing/executed on appliance",
"required": true,
"title": "Current restore status"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview",
"type": "object"
}
BackupOverviewRequestParameters (type)
{
"description": "Parameters, that REST API client needs to provide, in order to get data for a backup/restore card with or without a list of generated backups.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "BackupOverviewRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"show_backups_list": {
"default": true,
"description": "True to request a list of backups",
"required": false,
"title": "Need a list of backups",
"type": "boolean"
},
"site_id": {
"default": "localhost",
"description": "UUID of LM site, which will be supported in a frame",
"required": false,
"title": "UUID of the site",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview request parameters",
"type": "object"
}
BackupSchedule (type)
{
"abstract": true,
"id": "BackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
}
},
"title": "Abstract base type for Weekly or Interval Backup Schedule",
"type": "object"
}
BackupUiFramesInfo (type)
{
"id": "BackupUiFramesInfo",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"readonly": true,
"required": false,
"title": "Does site have active GM",
"type": "string"
},
"api_endpoint": {
"enum": [
"global-manager",
"nsxapi",
"ica"
],
"readonly": true,
"required": true,
"title": "prefix to be used for api call",
"type": "string"
},
"frame_type": {
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"help_detail": "This attribute is used to indicate the service on current\nsite or other site for which backup is handled.\nLOCAL_LOCAL_MANAGER corresponds to local LM of the site.\nLOCAL_MANAGER cprresponds to LM of other site.\n",
"readonly": true,
"required": true,
"title": "Type of service, for which backup is handled",
"type": "string"
},
"site_id": {
"readonly": true,
"required": true,
"title": "Id of the site",
"type": "string"
},
"site_version": {
"readonly": true,
"required": true,
"title": "Version of the site",
"type": "string"
}
},
"type": "object"
}
BackupUiFramesInfoList (type)
{
"id": "BackupUiFramesInfoList",
"properties": {
"backup_frames_list": {
"items": {
"$ref": "BackupUiFramesInfo
},
"readonly": true,
"required": true,
"title": "List of backup frames(and metadata) to be displayed in UI",
"type": "array"
}
},
"type": "object"
}
BaseConsolidatedStatusPerEnforcementPoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "BaseConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Base class for ConsolidatedStatusPerEnforcementPoint",
"type": "object"
}
BaseCountObservation (type)
{
"description": "The count action results from aggregating checkpoints per port.",
"extends": {
"$ref": "CountObservation
},
"id": "BaseCountObservation",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "BaseCountObservation"
},
"properties": {
"checkpoints": {
"$ref": "CheckpointCounterResult,
"description": "The count result from checkpoints associated with this port",
"readonly": true,
"required": false,
"title": "Count result from checkpoints associated with this port"
},
"port_id": {
"description": "The port identifier in UUID format. This field won't appear together with port_name.",
"readonly": true,
"required": false,
"title": "Port ID",
"type": "string"
},
"port_name": {
"description": "The port name for a port. It applies to ports like the uplink port. This field won't appear together with port_id.",
"readonly": true,
"required": false,
"title": "Port Name",
"type": "string"
},
"resource_type": {
"required": true,
"title": "Type of count observation",
"type": "string"
},
"transport_node_id": {
"description": "This field tells which transport node the checkpoints are reported from.",
"readonly": true,
"required": false,
"title": "Transport node ID",
"type": "string"
}
},
"type": "object"
}
BaseEdgeStatisticsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "BaseEdgeStatisticsRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BaseEndpoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an endpoint which will be used as subject in rule. It is a polymorphic type object which can be either of the types - 1. Virtual 2. Logical We have 2 separate objects representing these 2 types. VirtualEndPoint for Virtual type and ServiceInstanceEndpoint for Logical.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An endpoint to be used in redirection rule",
"type": "object"
}
BaseFirewallProfile (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource
},
"id": "BaseFirewallProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseHostSwitchProfile (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "BaseHostSwitchProfile",
"module_id": "BaseHostSwitchProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseInterfaceGroup (type)
{
"additionalProperties": false,
"description": "Tier0/Tier1 Interface group for interface grouping.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseInterfaceGroup",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of interface reference. Interface must belong to same location.",
"items": {
"$ref": "GatewayInterfaceReference
},
"required": false,
"title": "Tier0/Tier1 interface memeber list",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base gateway Interface group",
"type": "object"
}
BaseListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "BaseListRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BaseNodeAggregateInfo (type)
{
"additionalProperties": false,
"id": "BaseNodeAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"display_name": {
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_interface_properties": {
"items": {
"$ref": "NodeInterfaceProperties
},
"readonly": true,
"title": "Array of Node interface statistic properties",
"type": "array"
},
"node_interface_statistics": {
"items": {
"$ref": "NodeInterfaceStatisticsProperties
},
"readonly": true,
"title": "Array of Node network interface statistic properties",
"type": "array"
},
"node_status": {
"$ref": "ClusterNodeStatus,
"readonly": true
},
"node_status_properties": {
"items": {
"$ref": "NodeStatusProperties
},
"title": "Time series of the node's system properties",
"type": "array"
}
},
"type": "object"
}
BasePktCapResource (type)
{
"abstract": true,
"id": "BasePktCapResource",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"required": true,
"title": "Type of packet capture resource",
"type": "string"
}
},
"type": "object"
}
BasePolicyServiceInstance (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an instance of partner Service and its configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BasePolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an instance of partner Service and its configuration",
"type": "object"
}
BaseRule (type)
{
"additionalProperties": false,
"description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseRule",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule represent base properties for ,dfw, forwarding, redirection rule",
"type": "object"
}
BaseRuleListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "BaseRuleListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
BaseServiceInstance (type)
{
"abstract": true,
"description": "The deployment of a registered service. service instance is instantiation of service.",
"extends": {
"$ref": "ManagedResource
},
"id": "BaseServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType,
"required": true
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Base Instance of a service",
"type": "object"
}
BaseServiceProfile (type)
{
"description": "Base Service Profile",
"extends": {
"$ref": "ManagedResource
},
"id": "BaseServiceProfile",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'",
"required": true,
"title": "Service Profile Resource type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base Service Profile",
"type": "object"
}
BaseSwitchingProfile (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "BaseSwitchingProfile",
"module_id": "BaseSwitchingProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BaseTier0Interface (type)
{
"additionalProperties": false,
"description": "Tier-0 interface configuration for external connectivity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseTier0Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-0 interface configuration",
"type": "object"
}
BasicAuthenticationScheme (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AuthenticationScheme
},
"id": "BasicAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"basic"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^.+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
BatchParameter (type)
{
"id": "BatchParameter",
"module_id": "Common",
"properties": {
"atomic": {
"default": false,
"description": "This flag is ignored. Transactional atomicity is no longer supported.",
"required": false,
"title": "Ignored (transactional atomicity flag)",
"type": "boolean"
}
},
"title": "Options that affect how batch operations are processed",
"type": "object"
}
BatchRequest (type)
{
"id": "BatchRequest",
"module_id": "Common",
"properties": {
"continue_on_error": {
"default": true,
"description": "Continue even if an error is encountered.",
"required": false,
"type": "boolean"
},
"requests": {
"items": {
"$ref": "BatchRequestItem
},
"sensitive": true,
"type": "array"
}
},
"title": "A set of operations to be performed in a single batch",
"type": "object"
}
BatchRequestItem (type)
{
"id": "BatchRequestItem",
"module_id": "Common",
"properties": {
"body": {
"type": "object"
},
"method": {
"description": "http method type",
"enum": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"required": true,
"title": "method type(POST/PUT/DELETE/UPDATE)",
"type": "string"
},
"uri": {
"description": "relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters",
"required": true,
"title": "Internal uri of the call",
"type": "string"
}
},
"title": "A single request within a batch of operations",
"type": "object"
}
BatchResponse (type)
{
"additionalProperties": false,
"id": "BatchResponse",
"module_id": "Common",
"properties": {
"has_errors": {
"description": "Indicates if any of the APIs failed",
"title": "errors indicator",
"type": "boolean"
},
"results": {
"items": {
"$ref": "BatchResponseItem
},
"required": true,
"title": "Bulk list results",
"type": "array"
},
"rolled_back": {
"description": "Optional flag indicating that all items were rolled back even if succeeded initially",
"title": "indicates if all items were rolled back.",
"type": "boolean"
}
},
"title": "The reponse to a batch operation",
"type": "object"
}
BatchResponseItem (type)
{
"id": "BatchResponseItem",
"module_id": "Common",
"properties": {
"body": {
"description": "object returned by api",
"required": false,
"title": "object returned by api",
"type": "object"
},
"code": {
"description": "http status code",
"required": true,
"title": "object returned by api",
"type": "integer"
},
"headers": {
"description": "The headers returned by the API call",
"title": "object returned by api",
"type": "object"
}
},
"title": "A single respose in a list of batched responses",
"type": "object"
}
BfdConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "BfdConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"required": false,
"title": "Flag to enable BFD for this LogicalRouter",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"receive_interval": {
"default": 500,
"description": "the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Receive interval for heartbeats",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transmit_interval": {
"default": 500,
"description": "the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Transmit interval for heartbeats",
"type": "integer"
}
},
"title": "BFD configuration for LogicalRouter",
"type": "object"
}
BfdConfigParameters (type)
{
"id": "BfdConfigParameters",
"module_id": "Routing",
"properties": {
"declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"receive_interval": {
"default": 500,
"description": "The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 50ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 500ms.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Receive interval for heartbeats",
"type": "integer"
},
"transmit_interval": {
"default": 500,
"description": "The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.",
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "Transmit interval for heartbeats",
"type": "integer"
}
},
"title": "BFD configuration for the given Peer.",
"type": "object"
}
BfdHealthMonitoringConfig (type)
{
"description": "Bfd Health Monitoring Options used specific to BFD Transport Zone profiles",
"id": "BfdHealthMonitoringConfig",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"enabled": {
"required": true,
"title": "Whether the heartbeat is enabled. A PATCH or PUT request with \"enabled\" false (with no probe intervals) will set or reset the probe_interval to their default value.",
"type": "boolean"
},
"latency_enabled": {
"description": "The flag is to turn on/off latency. A PATCH or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.",
"required": false,
"title": "Whether the latency is enabled.",
"type": "boolean"
},
"probe_interval": {
"default": 1000,
"minimum": 300,
"required": false,
"title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.",
"type": "integer"
}
},
"title": "Bfd Health Monitoring Options",
"type": "object"
}
BfdHealthMonitoringProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "TransportZoneProfile
},
"id": "BfdHealthMonitoringProfile",
"module_id": "BfdHealthMonitoringProfile",
"polymorphic-type-descriptor": {
"type-identifier": "BfdHealthMonitoringProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"required": true,
"title": "Whether the heartbeat is enabled. A POST or PUT request with \"enabled\" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"latency_enabled": {
"description": "The flag is to turn on/off latency. A POST or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.",
"required": false,
"title": "Whether the latency is enabled.",
"type": "boolean"
},
"probe_interval": {
"default": 1000,
"minimum": 300,
"required": false,
"title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.",
"type": "integer"
},
"resource_type": {
"enum": [
"BfdHealthMonitoringProfile"
],
"help_summary": "Possible value is 'BfdHealthMonitoringProfile'",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD health monitoring",
"type": "object"
}
BfdProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BfdProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Bidirectional Forwarding Detection configuration for BGP peers",
"type": "object"
}
BfdProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of BfdProfile.",
"extends": {
"$ref": "ListResult
},
"id": "BfdProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Bfd Profile list results.",
"items": {
"$ref": "BfdProfile
},
"required": true,
"title": "Bfd Profile List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of BfdProfile",
"type": "object"
}
BgpAddressFamily (type)
{
"additionalProperties": false,
"id": "BgpAddressFamily",
"module_id": "AggSvcLogicalRouter",
"properties": {
"in_prefix_count": {
"description": "Count of in prefixes",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"out_prefix_count": {
"description": "Count of out prefixes",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"type": {
"description": "BGP address family type",
"enum": [
"IPV4_UNICAST",
"VPNV4_UNICAST",
"IPV6_UNICAST",
"L2VPN_EVPN",
"VPNV6_UNICAST"
],
"readonly": true,
"required": true,
"title": "BGP address family type",
"type": "string"
}
},
"type": "object"
}
BgpBfdConfig (type)
{
"additionalProperties": false,
"id": "BgpBfdConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "Flag to enable BFD cofiguration.",
"title": "Flag to enable BFD cofiguration",
"type": "boolean"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
}
},
"title": "BFD configuration for BGP peers",
"type": "object"
}
BgpConfig (type)
{
"additionalProperties": false,
"description": "BGP configuration for Tier0 logical router. We create BGP configuration while creation of Tier0 logical router.",
"extends": {
"$ref": "ManagedResource
},
"id": "BgpConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"as_num": {
"description": "For VRF logical router, the as_num from parent logical router will be effective.",
"required": false,
"title": "4 Byte ASN in ASPLAIN/ASDOT Format",
"type": "string"
},
"as_number": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'as_num' instead. For VRF logical router, the as_number from parent logical router will be effective.",
"maximum": 4294967296,
"minimum": 1,
"required": false,
"title": "Autonomous System Number",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ecmp": {
"default": true,
"description": "While creation of BGP config this flag will be set to true User can change this value while updating BGP config. If this property is not specified in the payload, the default value will be considered as true.",
"required": false,
"title": "Flag to enable outbound ECMP",
"type": "boolean"
},
"enabled": {
"default": false,
"description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating the config. If this property is not specified in the payload, the default value will be considered as false irrespective of the high-availability mode.",
"required": false,
"title": "Flag to enable this configuration",
"type": "boolean"
},
"graceful_restart": {
"deprecated": true,
"description": "Flag to enable graceful restart. This field is deprecated, kindly use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other [i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "Flag to enable graceful restart",
"type": "boolean"
},
"graceful_restart_config": {
"$ref": "GracefulRestartConfig,
"description": "Configuration parameters for BGP Graceful Restart functionality. It has graceful_restart_mode and graceful_restart_timer parameters. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "BGP Graceful Restart configuration"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_sr_ibgp": {
"$ref": "InterSRRoutingConfig,
"required": false,
"title": "Inter SR IBGP configuration"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"multipath_relax": {
"description": "For TIER0 logical router, default is true. For VRF logical router, the settings from parent logical router will be effective.",
"required": false,
"title": "Flag to enable BGP multipath relax option.",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_aggregation": {
"items": {
"$ref": "BgpRouteAggregation
},
"maxItems": 1000,
"minItems": 0,
"required": false,
"title": "List of routes to be aggregated",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "BGP configuration for logical router",
"type": "object"
}
BgpGracefulRestartConfig (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart mode and timer.",
"id": "BgpGracefulRestartConfig",
"module_id": "PolicyConnectivity",
"properties": {
"mode": {
"default": "HELPER_ONLY",
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"required": false,
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"timer": {
"$ref": "BgpGracefulRestartTimer,
"description": "Configuration field to hold BGP restart timers.",
"title": "BGP Graceful Restart Timer"
}
},
"title": "BGP Graceful Restart Configuration",
"type": "object"
}
BgpGracefulRestartTimer (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart timers",
"id": "BgpGracefulRestartTimer",
"module_id": "PolicyConnectivity",
"properties": {
"restart_timer": {
"default": 180,
"description": "Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Graceful Restart Timer",
"type": "integer"
},
"stale_route_timer": {
"default": 600,
"description": "Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Stale Route Timer",
"type": "integer"
}
},
"title": "BGP Graceful Restart Timers",
"type": "object"
}
BgpNeighbor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "BgpNeighbor",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_families": {
"description": "User can enable the neighbor for the specific address families and also define filters per address family. When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons. User can change that if required, by defining the address family configuration.",
"items": {
"$ref": "BgpNeighborAddressFamily
},
"required": false,
"title": "AddressFamily settings for the neighbor",
"type": "array"
},
"allow_as_in": {
"default": false,
"required": false,
"title": "Flag to enable allowas_in option for BGP neighbor",
"type": "boolean"
},
"bfd_config": {
"$ref": "BfdConfigParameters,
"description": "By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer)",
"required": false,
"title": "BFD Configuration Parameters for the given peer."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_bfd": {
"default": false,
"description": "Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence.",
"required": false,
"title": "Enable BFD for this BGP Neighbor",
"type": "boolean"
},
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this BGP Neighbor",
"type": "boolean"
},
"filter_in_ipprefixlist_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_in_routemap_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "RouteMap to be used for IN direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_out_ipprefixlist_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family",
"type": "string"
},
"filter_out_routemap_id": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'address_family' instead.",
"required": false,
"title": "RouteMap to be used for OUT direction filter for IPV4_UNICAST address family",
"type": "string"
},
"graceful_restart_mode": {
"$ref": "GracefulRestartMode,
"description": "BGP Graceful Restart mode. If specified, then it will take precedence over global Graceful Restart mode configured in logical router BgpConfig otherwise BgpConfig level Graceful Restart mode will be applicable for peer.",
"required": false,
"title": "Graceful Restart Mode"
},
"hold_down_timer": {
"default": 180,
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Wait period (seconds) before declaring peer dead",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"keep_alive_timer": {
"default": 60,
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Frequency (seconds) with which keep alive messages are sent to peers",
"type": "integer"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"maximum_hop_limit": {
"default": 1,
"description": "This value is set on TTL(time to live) of BGP header. When router receives the BGP packet, it decrements the TTL. The default value of TTL is one when BPG request is initiated.So in the case of a BGP peer multiple hops away and and value of TTL is one, then next router in the path will decrement the TTL to 0, realize it cant forward the packet and will drop it. If the hop count value to reach neighbor is equal to or less than the maximum_hop_limit value then intermediate router decrements the TTL count by one and forwards the request to BGP neighour. If the hop count value is greater than the maximum_hop_limit value then intermediate router discards the request when TTL becomes 0.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Maximum Number of hops allowed to reach BGP neighbor",
"type": "int"
},
"neighbor_address": {
"$ref": "IPAddress,
"required": true,
"title": "Neighbor IP Address"
},
"password": {
"description": "User can create (POST) the neighbor with or without the password. The view (GET) on the neighbor, would never reveal if the password is set or not. The password can be set later using edit neighbor workFlow (PUT) On the edit neighbor (PUT), if the user does not specify the password property, the older value is retained. Maximum length of this field is 32 characters.",
"maxLength": 32,
"minLength": 1,
"required": false,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"remote_as": {
"deprecated": true,
"description": "This is a deprecated property, Please use 'remote_as_num' instead.",
"maximum": 4294967296,
"minimum": 1,
"required": false,
"title": "Autonomous System Number of the neighbor",
"type": "integer"
},
"remote_as_num": {
"required": false,
"title": "4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_address": {
"$ref": "IPAddress,
"deprecated": true,
"description": "Deprecated - do not provide a value for this field. Use source_addresses instead.",
"required": false,
"title": "Logical Router Uplink IP Address"
},
"source_addresses": {
"description": "BGP neighborship will be formed from all these source addresses to this neighbour.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": false,
"title": "Array of Logical Router Uplink IP Addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
BgpNeighborAddressFamily (type)
{
"id": "BgpNeighborAddressFamily",
"module_id": "Routing",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Enable this address family",
"type": "boolean"
},
"in_filter_ipprefixlist_id": {
"required": false,
"title": "Id of the IPPrefix List to be used for IN direction filter",
"type": "string"
},
"in_filter_routemap_id": {
"required": false,
"title": "Id of the RouteMap to be used for IN direction filter",
"type": "string"
},
"maximum_routes": {
"minimum": 0,
"required": false,
"title": "Maximum number of routes supported on the address family",
"type": "integer"
},
"out_filter_ipprefixlist_id": {
"required": false,
"title": "Id of the IPPrefixList to be used for OUT direction filter",
"type": "string"
},
"out_filter_routemap_id": {
"required": false,
"title": "Id of the RouteMap to be used for OUT direction filter",
"type": "string"
},
"type": {
"$ref": "AddressFamilyType,
"required": true,
"title": "Address family type"
}
},
"type": "object"
}
BgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Contains information necessary to configure a BGP neighbor.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BgpNeighborConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_as_in": {
"default": false,
"required": false,
"title": "Flag to enable allowas_in option for BGP neighbor",
"type": "boolean"
},
"bfd": {
"$ref": "BgpBfdConfig,
"description": "BFD configuration for failure detection. BFD is enabled with default values when not configured.",
"title": "BFD configuration for failure detection"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable/disable BGP peering. Disabling will stop the BGP peering. True - indicates enable BGP peering, False - indicates disable BGP peering. Default is True.",
"required": false,
"title": "Flag to enable/disable BGP peering.",
"type": "boolean"
},
"graceful_restart_mode": {
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"hold_down_time": {
"default": 180,
"description": "Wait time in seconds before declaring peer dead.",
"maximum": 65535,
"minimum": 1,
"title": "Wait time in seconds before declaring peer dead",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"in_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"keep_alive_time": {
"default": 60,
"description": "Interval (in seconds) between keep alive messages sent to peer.",
"maximum": 65535,
"minimum": 1,
"title": "Interval between keep alive messages sent to peer",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_hop_limit": {
"default": 1,
"description": "Maximum number of hops allowed to reach BGP neighbor.",
"maximum": 255,
"minimum": 1,
"title": "Maximum number of hops allowed to reach BGP neighbor",
"type": "int"
},
"neighbor_address": {
"$ref": "IPAddress,
"required": true,
"title": "Neighbor IP Address"
},
"neighbor_local_as_config": {
"$ref": "BgpNeighborLocalAsConfig,
"description": "Configuration field to hold the Local AS config for BGP Neighbor",
"required": false,
"title": "Local as configuration for BGP Neighbor"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"out_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "Specify password for BGP neighbor authentication. Empty string (\"\") clears existing password.",
"maxLength": 32,
"minLength": 0,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_as_num": {
"required": true,
"title": "4 Byte ASN of the neighbor in ASPLAIN Format",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_filtering": {
"description": "Enable address families and route filtering in each direction.",
"items": {
"$ref": "BgpRouteFiltering
},
"maxItems": 2,
"required": false,
"title": "Enable address families and route filtering in each direction",
"type": "array"
},
"source_addresses": {
"description": "Source addresses should belong to Tier0 external or loopback or VTI interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": false,
"title": "Source IP Addresses for BGP peering",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_SOURCE_ADDRESS_TIER0_INTERFACE_RELATIONSHIP",
"rightType": [
"Tier0Interface"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP neighbor config",
"type": "object"
}
BgpNeighborConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "BgpNeighborConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routing Config list request parameters",
"type": "object"
}
BgpNeighborConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BgpNeighborConfig
},
"required": true,
"title": "BGP neighbor configs list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of BGP Neighbor Configs",
"type": "object"
}
BgpNeighborListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BgpNeighbor
},
"required": true,
"title": "Paginated list of bgp neighbors",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpNeighborLocalAsConfig (type)
{
"additionalProperties": false,
"id": "BgpNeighborLocalAsConfig",
"module_id": "PolicyConnectivity",
"properties": {
"as_path_modifier_type": {
"description": "Optional parameter. If this property is not set, by default BGP prepends neighbor's local_as_num value to the AS_PATH for BOTH outgoing and incoming route advertisements from the peer neighbor. By setting one of the following value, user can modify the default prepend action on the AS_PATH in both inbound and outbound direction. NO_PREPEND: If type is NO_PREPEND, then the local router will NOT prepend the incoming advertisement from that peer with neighbor's local_as_num, so the AS path advertised will now prepend only the BGP local-as of the router. NO_PREPEND_REPLACE_AS - If type is \"NO_PREPEND_REPLACE_AS\", then the local routes will be advertised with the neighbor's local-as instead of the BGP's local-as to peer router.",
"enum": [
"NO_PREPEND",
"NO_PREPEND_REPLACE_AS"
],
"required": false,
"title": "AS_PATH modifier type for BGP local AS",
"type": "string"
},
"local_as_num": {
"description": "Specify local-as number for Tier-0 to advertize to BGP peer. This overrides local_as_num configured in the BgpRoutingConfig object. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. It is supported for BgpNeighborConfig under both default tier0 and vrf tier0. When this capability is configured, it enables the BGP to prepend \"local_as_num\" value to the beginning of AS_PATH for BOTH outgoing and incoming route advertisements from the configured neighbor. After prepend, AS_PATH contains both \"neighbor's <local_as_num>\" and BGP's <local_as_num>.",
"required": true,
"title": "BGP neighbor local-as number in ASPLAIN/ASDOT Format",
"type": "string"
}
},
"title": "BGP neighbor local-as configuration",
"type": "object"
}
BgpNeighborRouteDetails (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"id": "BgpNeighborRouteDetails",
"module_id": "AggSvcLogicalRouter",
"properties": {
"logical_router_id": {
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "BGP neighbor peer IP address.",
"readonly": true,
"required": true,
"title": "Neighbor IP address"
},
"neighbor_id": {
"readonly": true,
"required": true,
"title": "BGP neighbor id",
"type": "string"
},
"per_transport_node_routes": {
"description": "Array of BGP neighbor route details per transport node.",
"items": {
"$ref": "RoutesPerTransportNode
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRouteDetailsCsvRecord (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"extends": {
"$ref": "CsvRecord
},
"id": "BgpNeighborRouteDetailsCsvRecord",
"module_id": "AggSvcLogicalRouter",
"properties": {
"as_path": {
"description": "BGP AS path attribute.",
"readonly": true,
"required": false,
"title": "AS path",
"type": "string"
},
"local_pref": {
"description": "BGP Local Preference attribute.",
"readonly": true,
"required": false,
"title": "Local preference",
"type": "integer"
},
"logical_router_id": {
"description": "Logical router id",
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"med": {
"description": "BGP Multi Exit Discriminator attribute.",
"readonly": true,
"required": false,
"title": "Multi Exit Discriminator",
"type": "integer"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "BGP neighbor peer IP address.",
"readonly": true,
"required": true,
"title": "Neighbor IP address"
},
"neighbor_id": {
"description": "BGP neighbor id",
"readonly": true,
"required": true,
"title": "BGP neighbor id",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address.",
"readonly": true,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop IP address.",
"readonly": true,
"required": false,
"title": "Next hop IP address"
},
"source_address": {
"$ref": "IPAddress,
"description": "BGP neighbor source address.",
"readonly": true,
"required": false,
"title": "BGP neighbor source address"
},
"transport_node_id": {
"description": "Transport node id",
"readonly": true,
"required": true,
"title": "Transport node id",
"type": "string"
},
"weight": {
"description": "BGP Weight attribute.",
"readonly": true,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRouteDetailsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "BgpNeighborRouteDetailsInCsvFormat",
"module_id": "AggSvcLogicalRouter",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "BgpNeighborRouteDetailsCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
BgpNeighborRoutes (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"id": "BgpNeighborRoutes",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_routes": {
"description": "Array of BGP neighbor route details per edge node.",
"items": {
"$ref": "RoutesPerTransportNode
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
},
"enforcement_point_path": {
"readonly": true,
"required": true,
"title": "Enforcement point policy path",
"type": "string"
},
"neighbor_path": {
"readonly": true,
"required": true,
"title": "BGP neighbor policy path",
"type": "string"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRoutesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborRoutesListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Bgp neighbor routes.",
"items": {
"$ref": "BgpNeighborRoutes
},
"required": false,
"title": "Paged Collection of Bgp neighbor routes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpNeighborStatus (type)
{
"additionalProperties": false,
"id": "BgpNeighborStatus",
"module_id": "AggSvcLogicalRouter",
"properties": {
"address_families": {
"description": "Address families of BGP neighbor",
"items": {
"$ref": "BgpAddressFamily
},
"readonly": true,
"required": false,
"title": "Address families of BGP neighbor",
"type": "array"
},
"announced_capabilities": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities sent to BGP neighbor.",
"type": "array"
},
"connection_drop_count": {
"readonly": true,
"required": false,
"title": "Count of connection drop",
"type": "integer"
},
"connection_state": {
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current state of the BGP session.",
"type": "string"
},
"established_connection_count": {
"readonly": true,
"required": false,
"title": "Count of connections established",
"type": "integer"
},
"graceful_restart": {
"deprecated": true,
"description": "Current state of graceful restart where graceful_restart = true indicates graceful restart is enabled and graceful_restart = false indicates graceful restart is disabled. This is deprecated field, use graceful_restart_mode instead.",
"readonly": true,
"required": false,
"title": "Graceful restart flag",
"type": "boolean"
},
"graceful_restart_mode": {
"description": "Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled",
"readonly": true,
"required": false,
"title": "Graceful restart mode",
"type": "string"
},
"hold_time": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down.",
"type": "integer"
},
"keep_alive_interval": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO packet from BGP peer",
"type": "integer"
},
"local_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of Local BGP connection",
"type": "integer"
},
"lr_component_id": {
"readonly": true,
"required": true,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"messages_received": {
"readonly": true,
"required": false,
"title": "Count of messages received from the neighbor",
"type": "integer"
},
"messages_sent": {
"readonly": true,
"required": false,
"title": "Count of messages sent to the neighbor",
"type": "integer"
},
"negotiated_capability": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities negotiated with BGP neighbor.",
"type": "array"
},
"neighbor_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The IP of the BGP neighbor"
},
"neighbor_edge_node": {
"readonly": true,
"title": "Inter-SR bgp neighbor edge node",
"type": "string"
},
"neighbor_router_id": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "Router ID of the BGP neighbor."
},
"remote_as_number": {
"readonly": true,
"required": false,
"title": "AS number of the BGP neighbor",
"type": "string"
},
"remote_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of remote BGP Connection",
"type": "integer"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The Ip address of logical port"
},
"time_since_established": {
"readonly": true,
"required": false,
"title": "Time(in seconds) since connection was established.",
"type": "integer"
},
"total_in_prefix_count": {
"description": "Sum of in prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"total_out_prefix_count": {
"description": "Sum of out prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"transport_node": {
"$ref": "ResourceReference,
"readonly": true,
"required": false,
"title": "Transport node id and name"
},
"type": {
"description": "BGP neighbor type",
"enum": [
"INTER_SR",
"USER"
],
"readonly": true,
"title": "BGP neighbor type",
"type": "string"
}
},
"type": "object"
}
BgpNeighborStatusLiteDto (type)
{
"additionalProperties": false,
"id": "BgpNeighborStatusLiteDto",
"module_id": "AggSvcLogicalRouter",
"properties": {
"connection_state": {
"description": "Current state of the BGP session.",
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"title": "BGP session state",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "Ip address of BGP neighbor.",
"readonly": true,
"title": "Neighor address"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress,
"description": "Source Ip address.",
"readonly": true,
"title": "Source address"
}
},
"type": "object"
}
BgpNeighborsStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborsStatusListResult",
"module_id": "AggSvcLogicalRouter",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"logical_router_id": {
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"logical_router_name": {
"readonly": true,
"required": false,
"title": "Name of the logical router",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"items": {
"$ref": "BgpNeighborStatus
},
"readonly": true,
"required": false,
"title": "Status of BGP neighbors of the logical router",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpRouteAggregation (type)
{
"additionalProperties": false,
"id": "BgpRouteAggregation",
"module_id": "Routing",
"properties": {
"prefix": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "cidr of the aggregate address"
},
"summary_only": {
"default": true,
"required": false,
"title": "Flag to send only summarized route",
"type": "boolean"
}
},
"type": "object"
}
BgpRouteFiltering (type)
{
"additionalProperties": false,
"id": "BgpRouteFiltering",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"description": "Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration.",
"enum": [
"IPV4",
"IPV6",
"L2VPN_EVPN"
],
"title": "Address family type",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable address family.",
"title": "Enable address family",
"type": "boolean"
},
"in_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for IN direction.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"maximum_routes": {
"description": "Maximum number of routes for the address family.",
"maximum": 1000000,
"minimum": 1,
"required": false,
"title": "Maximum number of routes for the address family",
"type": "int"
},
"out_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
}
},
"title": "Enable address_families and route filtering in each direction",
"type": "object"
}
BgpRouteLeaking (type)
{
"additionalProperties": false,
"id": "BgpRouteLeaking",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"description": "Address family type. Assumed IPv4 address family when not specified.",
"enum": [
"IPV4",
"IPV6"
],
"title": "Address family type",
"type": "string"
},
"in_filter": {
"description": "Specify path of route map to filter routes for IN direction. If not specified then all exported routes from peer attachment will be imported.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "route map path for IN direction",
"type": "array"
},
"out_filter": {
"description": "Specify path of route map to filter routes for OUT direction. If not specified then all redistribute routes will be exported.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "route map path for OUT direction",
"type": "array"
}
},
"title": "BGP route leaking in each direction",
"type": "object"
}
BgpRoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "BgpRoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"count": {
"default": 1000,
"description": "Number of routes to return in response. Not used when routes are requested in CSV format.",
"minimum": 1,
"title": "Number of routes to retrieve",
"type": "int"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BGP Routes request parameters",
"type": "object"
}
BgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Contains BGP routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BgpRoutingConfig",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildBgpNeighborConfig",
"ChildBgpTroubleshootConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ebgp_admin_distance": {
"default": 20,
"description": "Administrative distance for IPv4 and IPv6 eBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "eBGP route administrative distance",
"type": "int"
},
"ecmp": {
"description": "Flag to enable ECMP.",
"required": false,
"title": "Flag to enable ECMP",
"type": "boolean"
},
"enabled": {
"description": "Flag to enable BGP configuration. Disabling will stop feature and BGP peering.",
"required": false,
"title": "Flag to enable BGP configuration",
"type": "boolean"
},
"graceful_restart": {
"deprecated": true,
"description": "Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown.",
"required": false,
"title": "Flag to enable graceful restart",
"type": "boolean"
},
"graceful_restart_config": {
"$ref": "BgpGracefulRestartConfig,
"description": "Configuration field to hold BGP Restart mode and timer.",
"title": "BGP Graceful Restart Configuration"
},
"ibgp_admin_distance": {
"default": 200,
"description": "Administrative distance for IPv4 and IPv6 iBGP learnt routes(inbound). User is allowed to set this value only if BGP is disabled.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "iBGP route administrative distance",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_sr_ibgp": {
"description": "Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode.",
"required": false,
"title": "Enable inter SR IBGP configuration",
"type": "boolean"
},
"local_as_num": {
"description": "Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0.",
"required": false,
"title": "BGP AS number in ASPLAIN/ASDOT Format",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multipath_relax": {
"description": "Flag to enable BGP multipath relax option.",
"required": false,
"title": "Flag to enable BGP multipath relax option",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_aggregations": {
"description": "List of routes to be aggregated.",
"items": {
"$ref": "RouteAggregationEntry
},
"maxItems": 1000,
"required": false,
"title": "List of routes to be aggregated",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP routing config",
"type": "object"
}
BgpTroubleshootConfig (type)
{
"description": "Configuration field to hold BGP session diagnostics, system diagnostics and bfd control packet diagnostics.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BgpTroubleshootConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_control_pkt_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of the timestamps of sent and received BFD control messages per BFD peer session. Enabled by default.",
"required": false,
"title": "BFD control packet diagnostics configuration for troubleshooting",
"type": "boolean"
},
"bgp_session_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of the timestamps of sent and received Keep-Alive messages per BGP peer session, and the session states. Enabled by default.",
"required": false,
"title": "BGP session diagnostics configuration for troubleshooting",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"system_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of system diagnostic data such as ARP, Ping, CPU stats, etc.",
"required": false,
"title": "BGP system diagnostics configuration for troubleshooting",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP troubleshoot config",
"type": "object"
}
BinaryPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData
},
"id": "BinaryPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "BinaryPacketData"
},
"properties": {
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64 encoded full payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"description": "When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate.",
"required": false,
"title": "Awareness of logical routing",
"type": "boolean"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "Transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
BingdingMapStackStatusListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters for port/group/segment binding map mirror stack status.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "BingdingMapStackStatusListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String path for the enforcement point.",
"required": false,
"title": "Binding map path enforcemnt point path to remote L3 mirror session",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Request parameters for binding map mirror stack status",
"type": "object"
}
BlackholeAction (type)
{
"additionalProperties": false,
"enum": [
"DISCARD"
],
"id": "BlackholeAction",
"module_id": "Routing",
"title": "Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.",
"type": "string"
}
BondPnicStatus (type)
{
"additionalProperties": false,
"description": "pNIC/bond statuses",
"id": "BondPnicStatus",
"module_id": "Heatmap",
"properties": {
"name": {
"description": "Name of the pNIC/bond",
"title": "pNIC/bond name",
"type": "string"
},
"status": {
"description": "Status of pNIC/bond",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "pNic/bond status",
"type": "string"
},
"type": {
"description": "Type, whether the object is a pNIC or a bond",
"enum": [
"UNKNOWN_TYPE",
"PNIC",
"BOND"
],
"title": "Object type",
"type": "string"
}
},
"title": "bond type pnic status",
"type": "object"
}
BpduFilter (type) (Deprecated)
{
"deprecated": true,
"id": "BpduFilter",
"module_id": "SwitchSecuritySwitchingProfile",
"properties": {
"enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether BPDU filter is enabled",
"type": "boolean"
},
"white_list": {
"items": {
"type": "string"
},
"maxItems": 32,
"minItems": 0,
"readonly": false,
"required": false,
"title": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering",
"type": "array"
}
},
"title": "BPDU filter configuration",
"type": "object"
}
BridgeEndpoint (type)
{
"description": "A bridge endpoint can be created on a bridge cluster or on an edge cluster. Few of the properties of this class will not be used depending on the type of bridge endpoint being created. When creating a bridge endpoint on a bridge cluster, following propeties will be used: vlan, bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint on an edge cluster following properties will be used: vlan, bridge_endpoint_profile_id and vlan_transport_zone_id.",
"extends": {
"$ref": "ManagedResource
},
"id": "BridgeEndpoint",
"module_id": "BridgeEndpoint",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bridge_cluster_id": {
"description": "This field will not be used if an edge cluster is being used for the bridge endpoint",
"maxLength": 36,
"required": false,
"title": "UUID of the bridge cluster for this bridge endpoint",
"type": "string"
},
"bridge_endpoint_profile_id": {
"description": "This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "Bridge endpoint profile used by the edge cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_enable": {
"default": true,
"description": "This field will not be used if an edge cluster is being used for the bridge endpoint",
"required": false,
"title": "Controls the enabling of HA on the VLAN for this endpoint",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_teaming_policy_name": {
"description": "This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "The name of the switching uplink teaming policy for the bridge endpoint",
"type": "string"
},
"vlan": {
"$ref": "VlanID,
"description": "This property is used for VLAN specification of bridge endpoint. It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec' should be specified.",
"required": false
},
"vlan_transport_zone_id": {
"description": "This field will not be used if a bridge cluster is being used for the bridge endpoint",
"required": false,
"title": "VLAN transport zone id by the edge cluster",
"type": "string"
},
"vlan_trunk_spec": {
"$ref": "VlanTrunkSpec,
"description": "This property is used for VLAN trunk specification of edge bridge endpoint. It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec' should be specified.",
"required": false,
"title": "VLAN trunk spec of edge bridge endpoint"
}
},
"title": "Bridge Endpoint",
"type": "object"
}
BridgeEndpointListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "BridgeEndpointListResult",
"module_id": "BridgeEndpoint",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BridgeEndpoint
},
"minItems": 0,
"readonly": true,
"required": true,
"title": "BridgeEndpoint Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint queries result",
"type": "object"
}
BridgeEndpointProfile (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "BridgeEndpointProfile",
"module_id": "BridgeEndpointProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"maxLength": 36,
"required": true,
"title": "UUID of the edge cluster for this bridge endpoint",
"type": "string"
},
"edge_cluster_member_indexes": {
"description": "First index will be used as the preferred member",
"items": {
"type": "int"
},
"required": false,
"title": "Indexes of the member hosts of the edge bridge cluster",
"type": "array"
},
"failover_mode": {
"default": "PREEMPTIVE",
"description": "Faileover mode can be preemmptive or non-preemptive",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode for the edge bridge cluster",
"type": "string"
},
"high_availability_mode": {
"default": "ACTIVE_STANDBY",
"description": "High avaialability mode can be active-active or active-standby",
"enum": [
"ACTIVE_STANDBY"
],
"required": false,
"title": "High availability mode for the edge bridge cluster",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Bridge Endpoint Profile",
"type": "object"
}
BridgeEndpointProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "BridgeEndpointProfileListResult",
"module_id": "BridgeEndpointProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BridgeEndpointProfile
},
"minItems": 0,
"readonly": true,
"required": true,
"title": "BridgeEndpointProfile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint Profile queries result",
"type": "object"
}
BridgeEndpointProfileRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "BridgeEndpointProfileRequestParameters",
"module_id": "BridgeEndpointProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_cluster_id": {
"required": false,
"title": "Edge Cluster Identifier",
"type": "string"
},
"failover_mode": {
"required": false,
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Bridge Endpoint Profile request parameters",
"type": "object"
}
BridgeEndpointRequestParameters (type)
{
"description": "When querying for bridge endpoints on a bridge cluster, following parameters can be used: bridge_cluster_id and logical_switch_id. When querying for bridge endpoints on an edge cluster, following parameters can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and logical_switch_id. When multiple parameters are provided they will be anded together. if bridge_cluster_id is used along with bridge_endpoint_profile_id or vlan_transport_zone_id an error will be thrown.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "BridgeEndpointRequestParameters",
"module_id": "BridgeEndpoint",
"properties": {
"bridge_cluster_id": {
"description": "If provided, only bridge endpoints associated with the given bridge cluster will be returned.",
"required": false,
"title": "Bridge Cluster Identifier",
"type": "string"
},
"bridge_endpoint_profile_id": {
"description": "If provided, only bridge endpoints associated with the given bridge endpoint profile will be returned.",
"required": false,
"title": "Bridge endpoint profile used by the edge cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_switch_id": {
"description": "If provided, only bridge endpoints associated with the given logical switch will be returned.",
"required": false,
"title": "Logical Switch Identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vlan_transport_zone_id": {
"description": "If provided, only bridge endpoints associated with the given transport zone will be returned.",
"required": false,
"title": "VLAN transport zone id used by the edge cluster",
"type": "string"
}
},
"title": "Bridge Endpoint request parameters",
"type": "object"
}
BridgeEndpointStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounter
},
"id": "BridgeEndpointStatistics",
"module_id": "AggSvcBridging",
"properties": {
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
BridgeEndpointStatus (type)
{
"id": "BridgeEndpointStatus",
"module_id": "AggSvcBridging",
"properties": {
"active_nodes": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "The Ids of the transport nodes which actively serve the endpoint.",
"type": "array"
},
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
}
},
"type": "object"
}
BridgeHighAvailabilityClusterProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ClusterProfile
},
"id": "BridgeHighAvailabilityClusterProfile",
"module_id": "BridgeHighAvailabilityClusterProfile",
"polymorphic-type-descriptor": {
"type-identifier": "BridgeHighAvailabilityClusterProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_probe_interval": {
"default": 1000,
"maximum": 60000,
"minimum": 300,
"required": false,
"title": "the time interval (in millisec) between probe packets for heartbeat purpose",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"required": false,
"title": "whether the heartbeat is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType,
"help_summary": "The cluster profile type.",
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD HA cluster setting",
"type": "object"
}
BridgeProfileConfig (type)
{
"additionalProperties": false,
"description": "configuration parameters for Bridge Profile",
"id": "BridgeProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bridge_profile_path": {
"description": "Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique.",
"required": true,
"title": "Policy path to L2 Bridge profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_BRIDGE_PROFILE_RELATIONSHIP",
"rightType": [
"L2BridgeEndpointProfile"
]
},
{
"leftType": [
"VpcSubnetBridgeProfile"
],
"relationshipType": "VPC_SUBNET_BRIDGE_PROFILE_RELATIONSHIP",
"rightType": [
"L2BridgeEndpointProfile"
]
}
]
},
"uplink_teaming_policy_name": {
"description": "The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property \"vlan_transport_zone_path\". When this property is not specified, the default teaming policy of the host-switch is assigned. Do not set a value when the 'bridge_profile_path' is the path of L2DistributedBridgeEndpointProfile.",
"title": "Uplink Teaming Policy Name",
"type": "string"
},
"vlan_ids": {
"description": "VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both.",
"items": {
"type": "string"
},
"required": true,
"title": "VLAN IDs",
"type": "array"
},
"vlan_transport_zone_path": {
"description": "The path of the VLAN transport zone that represents the underlay L2 zone in which the VLANs will be bridged to overlay segments. A unique VLAN transport zone should be assigned to each underlay L2 zone when needed for bridging. If two VLANs in two underlay L2 zones are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 zones still should have two different VLAN transport zones assigned to them. It is optional for distributed-bridging but required for other bridging modes. If it is not given, the distributed bridge will span all ESX transport nodes in the overlay transport zone of the segment that contains this profile.",
"required": false,
"title": "Policy path of the VLAN transport zone assigned to the underlay L2 zone for bridging.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment",
"VpcSubnetBridgeProfile"
],
"relationshipType": "_UNOPTIMIZED_RELATIONSHIP_",
"rightType": [
"PolicyTransportZone"
]
}
]
}
},
"title": "Bridge Profile Configuration",
"type": "object"
}
BridgeProfileRequestParameters (type)
{
"additionalProperties": false,
"id": "BridgeProfileRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"bridge_profile_path": {
"description": "Policy path of Bridge profile using which a bridge end point was created.",
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Bridge profile request parameters",
"type": "object"
}
BridgingMode (type)
{
"description": "Bridging mode.",
"enum": [
"EDGE_BRIDGE"
],
"id": "BridgingMode",
"module_id": "OverlayAdoption",
"title": "Bridging mode",
"type": "string"
}
BrokerProperties (type)
{
"additionalProperties": false,
"id": "BrokerProperties",
"properties": {
"BrokerFqdn": {
"description": "Fully qualified domain name of the message bus broker on the management plane node.",
"required": false,
"type": "string"
},
"BrokerIpAddress": {
"$ref": "HostnameOrIPv4Address,
"description": "IP address or hostname of the message bus broker on the management plane node.",
"readonly": false,
"required": true
},
"BrokerIsMaster": {
"description": "Indicates whether this broker is the master.",
"type": "string"
},
"BrokerPort": {
"description": "Port number of the message bus broker on the management plane node.",
"type": "string"
},
"BrokerSslCertThumbprint": {
"description": "Certificate thumbprint of the message bus broker on the management plane node.",
"required": true,
"type": "string"
},
"BrokerVirtualHost": {
"description": "Type of host running the broker.",
"type": "string"
}
},
"title": "Information about a management plane node this transport node is configured to communicate with",
"type": "object"
}
BundleId (type)
{
"additionalProperties": false,
"description": "Identifier of the bundle.",
"id": "BundleId",
"module_id": "FileUploadFramework",
"properties": {
"bundle_id": {
"description": "Identifier of bundle upload",
"readonly": true,
"required": false,
"title": "Bundle Id",
"type": "string"
}
},
"title": "Id of bundle",
"type": "object"
}
BundleIds (type)
{
"additionalProperties": false,
"description": "Contains a list of bundle-ids.",
"id": "BundleIds",
"module_id": "FileUploadFramework",
"properties": {
"failed": {
"description": "Id of a bundle whose upload was failed.",
"readonly": true,
"required": false,
"title": "Failed bundle-Id",
"type": "string"
},
"in_progress": {
"description": "Id of a bundle whose upload is in-progress.",
"readonly": true,
"required": false,
"title": "In-progress bundle-Id",
"type": "string"
},
"successful": {
"description": "Id of a bundle whose upload is successful.",
"readonly": true,
"required": false,
"title": "Sucessful bundle-Id",
"type": "string"
}
},
"title": "List of bundle-ids",
"type": "object"
}
BundleUploadParameters (type)
{
"additionalProperties": false,
"description": "Parameters specified during bundle upload operations.",
"extends": {
"$ref": "ProductType
},
"id": "BundleUploadParameters",
"module_id": "FileUploadFramework",
"properties": {
"file_type": {
"description": "Type of file which will be uploaded.",
"enum": [
"OVA"
],
"required": true,
"title": "Type of file",
"type": "string"
},
"product": {
"description": "Name of the appliance for which upload is performed.",
"enum": [
"SAMPLE",
"ALB_CONTROLLER",
"INTELLIGENCE"
],
"required": true,
"title": "Name of the appliance",
"type": "string"
}
},
"title": "Parameters for bundle upload",
"type": "object"
}
BundleUploadPermission (type)
{
"additionalProperties": false,
"description": "Describes whether bundle upload is allowed or not.",
"id": "BundleUploadPermission",
"module_id": "FileUploadFramework",
"properties": {
"reason": {
"description": "Reason for not allowing upload.",
"readonly": true,
"required": false,
"type": "string"
},
"upload_allowed": {
"description": "Flag indication whether upload is allowed or not.",
"readonly": true,
"required": true,
"title": "Bundle upload allowed flag",
"type": "boolean"
}
},
"title": "Permissions for bundle upload",
"type": "object"
}
BundleUploadStatus (type)
{
"additionalProperties": false,
"description": "Upload status of bundle uploaded from local or remote location.",
"id": "BundleUploadStatus",
"module_id": "FileUploadFramework",
"properties": {
"bundle_name": {
"description": "Name of the uploaded bundle.",
"readonly": true,
"required": false,
"title": "Name of the bundle",
"type": "string"
},
"detailed_status": {
"description": "Detailed status of bundle upload.",
"readonly": true,
"required": false,
"title": "Detailed status of bundle upload",
"type": "string"
},
"percent": {
"description": "Percent of bundle uploaded from remote location.",
"readonly": true,
"required": false,
"title": "Percent of upload completed",
"type": "number"
},
"status": {
"description": "Current status of bundle upload.",
"enum": [
"UPLOADING",
"VERIFYING",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "Status of bundle upload",
"type": "string"
},
"url": {
"description": "URL for uploading bundle.",
"readonly": true,
"required": false,
"title": "URL from which the bundle was uploaded",
"type": "string"
}
},
"title": "Upload status of bundle",
"type": "object"
}
ByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Represents an instance of partner's service whose wiring will be done by partner itself. As partner does all the wiring, we call it as Byod - Bring your own device.",
"extends": {
"$ref": "BasePolicyServiceInstance
},
"id": "ByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"policy_hierarchical_children": [
"ChildServiceInstanceEndpoint"
],
"polymorphic-type-descriptor": {
"type-identifier": "ByodPolicyServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents instance of self wiring partner's service",
"type": "object"
}
ByodPolicyServiceInstanceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ByodPolicyServiceInstanceListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ByodPolicyServiceInstance
},
"required": true,
"title": "Byod Service instance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of only Byod SI objects",
"type": "object"
}
ByodServiceInstance (type)
{
"description": "ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.",
"extends": {
"$ref": "BaseServiceInstance
},
"id": "ByodServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "ByodServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": true,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType,
"required": true
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Custom Instance of a service",
"type": "object"
}
CCPUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "CCPUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of CCP upgrade",
"type": "object"
}
CCSnmpV3User (type)
{
"additionalProperties": false,
"description": "This object contains properties for a SNMP V3 user that can be used to receive SNMP traps/notifications from NSX and/or poll NSX nodes over SNMP.",
"id": "CCSnmpV3User",
"module_id": "CentralConfig",
"properties": {
"access": {
"default": "READ_ONLY",
"description": "Access permissions for polling NSX nodes over SNMP V3.",
"enum": [
"READ_ONLY"
],
"title": "Type of access",
"type": "string"
},
"auth_password": {
"description": "Authentication password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for authentication password.",
"required": false,
"sensitive": true,
"title": "Authentication password",
"type": "secure_string"
},
"priv_password": {
"description": "Privacy password used for SNMP V3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for privacy password.",
"required": false,
"sensitive": true,
"title": "Privacy password",
"type": "secure_string"
},
"security_level": {
"default": "AUTH_PRIV",
"description": "Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value \"AUTH_PRIV\" indicates both authentication and privacy protocols will be used for SNMP communication.",
"enum": [
"AUTH_PRIV"
],
"title": "Security level",
"type": "string"
},
"user_id": {
"description": "Unique SNMP V3 user id.",
"maxLength": 32,
"minLength": 1,
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "SNMP V3 user",
"type": "object"
}
CNSGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing Cloud Native service external ID and enforcement point path",
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "CNSGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cns_external_id": {
"required": true,
"title": "Cloud Native Service external ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing Cloud Native Service external ID and enforcement point path",
"type": "object"
}
CPUReservation (type)
{
"description": "Relative to the form factor pre-defined reservation value. We recommended that you use the predefined measures of CPU reservation shares to reduce the CPU reservation of a VM. Reservation shares are relative to the default form-factor value. Though absolute values for CPU reservation is supported, we advise to use this option with caution as incorrect or high reservation values could lead to deployment failure or lead to resource starvation for other VMs running on the same host.",
"id": "CPUReservation",
"module_id": "FabricNode",
"properties": {
"reservation_in_mhz": {
"description": "The CPU reservation in MHz is the guaranteed minimum amount of clock cycles that the vmkernel CPU scheduler will give the Edge VM in case of contention. If an Edge VM is not using its reserved resources, then other machines can use them thus preventing waste of CPU cycles on the physical host. Note: We recommend use of reservation_in_shares instead of this absolute configuration. When you specify this value, set reservation_in_shares to LOW_PRIORITY.",
"required": false,
"title": "CPU reservation in MHz.",
"type": "int"
},
"reservation_in_shares": {
"default": "HIGH_PRIORITY",
"description": "Shares specify the relative importance of a virtual machine on a given host. When you assign shares to a virtual machine, you always specify the priority for that virtual machine relative to other powered-on virtual machines on the same host. The default priority for shares is HIGH_PRIORITY.",
"enum": [
"EXTRA_HIGH_PRIORITY",
"HIGH_PRIORITY",
"NORMAL_PRIORITY",
"LOW_PRIORITY"
],
"required": false,
"title": "CPU reservation in shares.",
"type": "string"
}
},
"type": "object"
}
CaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CaBundle",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificates": {
"description": "X509Certificates in the bundle",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"earliest_not_after": {
"$ref": "EpochMsTimestamp,
"description": "The earliest time in epoch milliseconds at which a certificate becomes invalid.",
"readonly": true,
"required": false
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"not_after_list": {
"description": "Times for each certificate in the bundle at which the certificate becomes invalid.",
"items": {
"$ref": "EpochMsTimestamp
},
"readonly": true,
"required": false,
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM-encoded CA bundle certificates.",
"readonly": false,
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CA certificates bundle",
"type": "object"
}
CaBundleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CaBundleListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CA bundles list.",
"items": {
"$ref": "CaBundle
},
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CA Bundle query result",
"type": "object"
}
CallbackAuthenticationScheme (type)
{
"description": "CallbackAuthenticationScheme describes how notification requests should authenticate to the server.",
"id": "CallbackAuthenticationScheme",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"certificate_id": {
"description": "Certificate ID with a valid certificate and private key, procured from trust-management API.",
"readonly": false,
"title": "Valid certificate ID",
"type": "string"
},
"password": {
"description": "Password to use if scheme_name is BASIC_AUTH.",
"readonly": false,
"sensitive": true,
"title": "Password for authentication",
"type": "secure_string"
},
"scheme_name": {
"description": "Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE.",
"enum": [
"BASIC_AUTH",
"CERTIFICATE"
],
"readonly": false,
"required": true,
"title": "Authentication scheme to use when making notification requests",
"type": "string"
},
"username": {
"description": "Username to use if scheme_name is BASIC_AUTH.",
"readonly": false,
"title": "Username for authentication",
"type": "string"
}
},
"type": "object"
}
CapacityDashboardUsage (type)
{
"id": "CapacityDashboardUsage",
"module_id": "CapacityDashboard",
"properties": {
"current_usage_count": {
"description": "Indicate the current usage count of object type.",
"required": true,
"title": "Current usage count of object type",
"type": "integer"
},
"current_usage_percentage": {
"description": "Current usage percentage for object type",
"required": true,
"title": "Current usage percentage",
"type": "number"
},
"display_name": {
"description": "Display name for NSX object type.",
"required": true,
"title": "User friendly name for object type",
"type": "string"
},
"max_supported_count": {
"description": "This is the maximum supported count for object type in consideration.",
"required": true,
"title": "Maximum supported count for object type",
"type": "integer"
},
"max_threshold_percentage": {
"description": "This indicates the maximum threshold percentage for object type.",
"required": true,
"title": "Max threshold percentage for object type",
"type": "number"
},
"min_threshold_percentage": {
"description": "This indicates the minimum threshold percentage for object type.",
"required": true,
"title": "Min threshold percentage for object type",
"type": "number"
},
"severity": {
"description": "Severity calculated from percentage usage",
"enum": [
"INFO",
"WARNING",
"CRITICAL",
"ERROR"
],
"required": true,
"title": "Severity calculated from percentage usage",
"type": "string"
},
"usage_type": {
"description": "Indicate the object type for which usage is calculated.",
"required": true,
"title": "Object type for which usage is fetched",
"type": "string"
}
},
"type": "object"
}
CapacityThreshold (type)
{
"id": "CapacityThreshold",
"module_id": "CapacityDashboard",
"properties": {
"max_threshold_percentage": {
"description": "Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical.",
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Maximum threshold percentage",
"type": "number"
},
"min_threshold_percentage": {
"description": "Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning.",
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Minimum threshold percentage",
"type": "number"
},
"threshold_type": {
"description": "Indicate the object type for which threshold is to be set.",
"required": true,
"title": "Object type for which threshold is to be set",
"type": "string"
}
},
"type": "object"
}
CapacityThresholdList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CapacityThresholdList",
"module_id": "CapacityDashboard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"capacity_thresholds": {
"items": {
"$ref": "CapacityThreshold
},
"required": true,
"title": "List of capacity thresholds for NSX Objects",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CapacityUsage (type)
{
"description": "usage of each capacity type ex. vm, cpu",
"extends": {
"$ref": "Resource
},
"id": "CapacityUsage",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"capacity_type": {
"readonly": true,
"title": "type of the capacity field",
"type": "string"
},
"usage_count": {
"readonly": true,
"title": "count of number of items of capacity_type",
"type": "integer"
}
},
"type": "object"
}
CapacityUsageMetaInfo (type)
{
"additionalProperties": false,
"id": "CapacityUsageMetaInfo",
"module_id": "CapacityDashboard",
"properties": {
"last_updated_timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "Timestamp at which capacity usage was last calculated"
},
"max_global_threshold_percentage": {
"description": "Indicates the maximum global threshold percentage",
"required": true,
"title": "Maximum global threshold percentage",
"type": "number"
},
"min_global_threshold_percentage": {
"description": "Indicates the minimum global threshold percentage",
"required": true,
"title": "Minimum global threshold percentage",
"type": "number"
}
},
"type": "object"
}
CapacityUsageRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "CapacityUsageRequestParameters",
"module_id": "CapacityDashboard",
"properties": {
"category": {
"description": "Category of attributes for which capacity details need to be fetched. Supported categories are security, inventory, networking and system. User can provide comma separated list of multiple categories.",
"required": false,
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"force": {
"default": false,
"description": "Parameter to force inline calculation instead of retrieving cached results.",
"required": false,
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Parameter to force inline calculation.",
"type": "object"
}
CapacityUsageResponse (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CapacityUsageResponse",
"module_id": "CapacityDashboard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"capacity_usage": {
"items": {
"$ref": "CapacityDashboardUsage
},
"required": true,
"title": "List of capacity usage for NSX Objects",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"meta_info": {
"extends": {
"$ref": "CapacityUsageMetaInfo
},
"required": true,
"title": "Meta data for capacity usage statistics",
"type": "object"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unreported_usage_types": {
"description": "Types for which usage data was not reported",
"items": {
"type": "string"
},
"required": false,
"title": "Unreported usage types",
"type": "array"
}
},
"type": "object"
}
CbmClusterNode (type)
{
"additionalProperties": false,
"description": "This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.",
"extends": {
"$ref": "ManagedResource
},
"id": "CbmClusterNode",
"module_id": "ClusterBootManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entities": {
"description": "Entities on the node.",
"items": {
"$ref": "CbmClusterNodeEntity
},
"required": true,
"title": "Entities on the node",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_uuid": {
"description": "UUID of the node.",
"required": true,
"title": "UUID of the node",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"default": "REMOVED",
"description": "Current clustering status of the node.",
"enum": [
"JOINING",
"JOINED",
"REMOVING",
"REMOVED"
],
"title": "Current clustering status of the node",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Cluster Node Properties",
"type": "object"
}
CbmClusterNodeEntity (type)
{
"additionalProperties": false,
"description": "NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.",
"id": "CbmClusterNodeEntity",
"module_id": "ClusterBootManager",
"properties": {
"certificate": {
"description": "Public certificate of the entity in PEM format.",
"required": true,
"title": "Public certificate in PEM format",
"type": "string"
},
"entity_type": {
"$ref": "EntityType,
"description": "Type of the entity.",
"required": true,
"title": "Type of the entity"
},
"entity_uuid": {
"description": "UUID of the entity.",
"required": true,
"title": "UUID of the entity",
"type": "string"
},
"fqdn": {
"description": "Domain name the entity binds to.",
"format": "hostname",
"required": false,
"title": "Domain name",
"type": "string"
},
"ip_address": {
"description": "IP address the entity binds to.",
"required": false,
"title": "IP address of entity",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address the entity binds to.",
"required": false,
"title": "IPv6 address of entity",
"type": "string"
},
"ipv6_subnet_prefix_length": {
"description": "IPv6 subnet mask prefix length of the entity binds to.",
"maximum": 128,
"minimum": 0,
"required": false,
"title": "IPv6 subnet mask prefix length",
"type": "integer"
},
"port": {
"description": "Port the entity binds to.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port number",
"type": "integer"
},
"subnet_prefix_length": {
"description": "IPv4 subnet mask prefix length of the entity binds to.",
"maximum": 32,
"minimum": 0,
"required": false,
"title": "IPv4 subnet mask prefix length",
"type": "integer"
}
},
"title": "Cluster Node Entity Properties",
"type": "object"
}
CdpStatusType (type)
{
"enum": [
"NOT_READY",
"FETCHING",
"READY",
"ERROR"
],
"id": "CdpStatusType",
"module_id": "CertificateManager",
"title": "Status types supported of the CrlDistributionPoint",
"type": "string"
}
CentralConfigProperties (type)
{
"id": "CentralConfigProperties",
"properties": {
"local_override": {
"required": true,
"title": "Override Central Config",
"type": "boolean"
}
},
"title": "Central Config properties",
"type": "object"
}
CentralNodeConfigProfile (type)
{
"additionalProperties": false,
"description": "Central Node Config profile for NSX nodes. This set of properties will be pushed to NSX Manager and Edge nodes. SNMP properties will be pushed to KVM Hypervisors in addition to Manager and Edge nodes.",
"extends": {
"$ref": "ManagedResource
},
"id": "CentralNodeConfigProfile",
"module_id": "CentralConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ntp": {
"$ref": "NtpProperties,
"description": "NTP service properties for NSX nodes. Ntp is null by default. If the ntp property is not specified or is set to null, the ntp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing ntp setting on each node will remain as is.",
"required": false,
"title": "NTP service properties"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snmp": {
"$ref": "SnmpProperties,
"description": "SNMP service properties for NSX nodes. Snmp is null by default. If the snmp property is not specified or is set to null, the snmp property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing snmp setting on each node will remain as is.",
"required": false,
"title": "SNMP service properties"
},
"syslog": {
"$ref": "SyslogProperties,
"description": "Syslog service properties for NSX nodes. Syslog is null by default. If the syslog property is not specified or is set to null, the syslog property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing syslog setting on each node will remain as is.",
"required": false,
"title": "Syslog service properties"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timezone": {
"description": "Timezone to be set for NSX nodes. Only timezone strings listed in the Time Zone database (https://www.iana.org/time-zones) are allowed. Timezone is null by default. If the timezone property is not specified or is set to null, the timezone property will not be enforced by the CentralNodeConfigProfile on NSX nodes. The existing timezone setting on each node will remain as is.",
"required": false,
"title": "Timezone",
"type": "string"
}
},
"title": "Central Node Config Profile",
"type": "object"
}
CentralNodeConfigProfileGetRequestParams (type)
{
"additionalProperties": false,
"description": "This object includes GET request parameter to indicate whether sensitive data should be returned for a central Central Node Config profile.",
"id": "CentralNodeConfigProfileGetRequestParams",
"module_id": "CentralConfig",
"properties": {
"show_sensitive_data": {
"default": false,
"description": "If set to true, Central Node Config profile includes sensitive data properties like SNMP community strings if any applicable. Note that passwords are never returned. Default set to false.",
"required": false,
"title": "Show sensitive data in Central Node Config profile",
"type": "boolean"
}
},
"title": "GET request parameters for Central Node Config profile",
"type": "object"
}
CentralNodeConfigProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Central Node Config profiles.",
"extends": {
"$ref": "ListResult
},
"id": "CentralNodeConfigProfileListResult",
"module_id": "CentralConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CentralNodeConfigProfile
},
"required": true,
"title": "Central Node Config profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Central Node Config profiles",
"type": "object"
}
Certificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Certificate",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "Different categories of certificates to distinguish stored certificates. 'APPLIANCE_CERTIFICATE' are certs used by this cluster. 'PRINCIPAL_IDENTITY_CERTIFICATE' used by LM and GM for mutual auth. 'SITE_CERTIFICATE' are certificate of different sites. 'UNUSED_CERTIFICATE' are certs which are not applied yet. 'POLICY_CERTIFICATE' used for external services. 'OTHER_CERTIFICATE' is category for any certificate which is not identified.",
"enum": [
"OTHER_CERTIFICATE",
"APPLIANCE_CERTIFICATE",
"PRINCIPAL_IDENTITY_CERTIFICATE",
"SITE_CERTIFICATE",
"UNUSED_CERTIFICATE",
"POLICY_CERTIFICATE"
],
"readonly": true,
"required": false,
"title": "Category",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"description": "List of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_private_key": {
"default": false,
"description": "Whether we have the private key for this certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"leaf_certificate_sha_256_thumbprint": {
"description": "Unique SHA-256 thumbprint of the leaf node certificate.",
"readonly": true,
"required": false,
"title": "Certificate thumbprint",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"used_by": {
"description": "List of node IDs with services, that are using this certificate.",
"items": {
"$ref": "NodeIdServicesMap
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
CertificateBinding (type)
{
"description": "Details on applied certificate.",
"id": "CertificateBinding",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"certificate_id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Certificate Id",
"type": "string"
},
"node_id": {
"description": "Node Id to which this certificate is applied to.",
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"description": "Service Type of the CertificateProfile to which the certificate is applied to.",
"readonly": false,
"required": true,
"title": "Service Type"
}
},
"title": "Certificate binding",
"type": "object"
}
CertificateCheckingStatus (type)
{
"additionalProperties": false,
"id": "CertificateCheckingStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when checking the certificate.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CertificateCheckingStatusType,
"description": "Status of the checked certificate.",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Result of checking a certificate",
"type": "object"
}
CertificateCheckingStatusType (type)
{
"enum": [
"OK",
"CRL_NOT_READY",
"REJECTED",
"ERROR"
],
"id": "CertificateCheckingStatusType",
"module_id": "CertificateManager",
"title": "Status types returned when checking a certificate",
"type": "string"
}
CertificateClass (type)
{
"enum": [
"REST",
"RPC",
"CBM",
"FEDERATION"
],
"id": "CertificateClass",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"title": "Certificate Class",
"type": "string"
}
CertificateData (type)
{
"additionalProperties": false,
"id": "CertificateData",
"module_id": "InventoryCmObj",
"properties": {
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"title": "PEM encoded certificate data",
"type": "string"
},
"private_key": {
"description": "Private key of certificate.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Private key of certificate",
"type": "secure_string"
}
},
"type": "object"
}
CertificateId (type)
{
"additionalProperties": false,
"id": "CertificateId",
"properties": {
"certificate_id": {
"readonly": true,
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"type": "object"
}
CertificateKeyPair (type)
{
"additionalProperties": false,
"id": "CertificateKeyPair",
"properties": {
"certificate": {
"$ref": "SecurityCertificate,
"display": {
"order": 1
},
"readonly": false,
"required": true
},
"rsa_private_key": {
"description": "The private key must include the enclosing \"-----BEGIN RSA PRIVATE KEY-----\" and \"-----END RSA PRIVATE KEY-----\". An empty string is returned in read responses.",
"display": {
"order": 2
},
"minLength": 60,
"readonly": false,
"required": true,
"sensitive": true,
"title": "PEM encoded RSA private key",
"type": "string"
}
},
"type": "object"
}
CertificateList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CertificateList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Certificate list.",
"items": {
"$ref": "Certificate
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Certificate queries result",
"type": "object"
}
CertificateOperationStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CertificateBinding
},
"id": "CertificateOperationStatus",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"affected_services": {
"description": "A comma-separated list of services that may be affected or interrupted when this certificate operation occurs.",
"readonly": true,
"required": false,
"title": "Affected services",
"type": "string"
},
"certificate_id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Certificate Id",
"type": "string"
},
"certificate_name": {
"description": "Required field presenting new certificate name in certificate replacement operation, or the certificate to be deleted.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": true,
"title": "Name of the new certificate.",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"description": "The end time of this certificate operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "End time"
},
"estimated_duration": {
"description": "Estimated time duration in seconds for this certificate operation.",
"readonly": true,
"required": false,
"title": "Estimated duration",
"type": "integer"
},
"id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": true,
"title": "Unique ID of the operation.",
"type": "string"
},
"message": {
"description": "Localized text explaining the details of the error or deprecation warning and remedial steps to be taken.",
"readonly": true,
"required": false,
"title": "Message",
"type": "string"
},
"node_id": {
"description": "Node Id to which this certificate is applied to.",
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"old_certificate_id": {
"description": "Optional field presenting old certificate id in certificate replacement operation.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": false,
"title": "Id of the old certificate",
"type": "string"
},
"old_certificate_name": {
"description": "Optional field presenting old certificate name in certificate replacement operation.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": true,
"required": false,
"title": "Name of the old certificate",
"type": "string"
},
"operation_type": {
"description": "Type of operation used for the batch.",
"enum": [
"REPLACE",
"DELETE"
],
"readonly": true,
"required": true,
"title": "Operation Type",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"description": "Service Type of the CertificateProfile to which the certificate is applied to.",
"readonly": false,
"required": true,
"title": "Service Type"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"description": "The start time of this certificate operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "Start time"
},
"status": {
"description": "Status of this certificate operation",
"enum": [
"OK",
"ERROR",
"PENDING",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Status",
"type": "string"
}
},
"title": "Status of a certificate operation",
"type": "object"
}
CertificateProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "CertificateProfile",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"abort_on_error": {
"description": "If this field is true, the certificate batch operation would be aborted if an error occurs during the replacement operation for this certificate profile.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Abort when there's an error",
"type": "boolean"
},
"affected_services": {
"description": "A comma-separated list of service names that may be affected/interrupted when replacing the certificate for this service-type.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Affected Services",
"type": "string"
},
"certificate_class": {
"$ref": "CertificateClass,
"description": "Service-types that are in a 'class'' cannot be share a certificate with a service in another 'class'.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Category"
},
"cluster_certificate": {
"description": "True if this is for a cluster certificate",
"readonly": true,
"required": true,
"title": "Cluster Certificate",
"type": "boolean"
},
"deprecated_in_version": {
"description": "Version in which this certificate profile was deprecated.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Deprecated in version",
"type": "string"
},
"description": {
"description": "A longer description what the service-type is used for.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Description",
"type": "string"
},
"extended_key_usage": {
"description": "Indicating whether this certificate is used for server-auth, client-auth or both.",
"items": {
"$ref": "CertificateUsageType
},
"readonly": true,
"required": true,
"title": "Extended Key Usage",
"type": "array"
},
"node_type": {
"description": "List of types of node this certificate applies to.",
"items": {
"$ref": "NodeType
},
"readonly": true,
"required": true,
"title": "Node Type",
"type": "array"
},
"processing_order": {
"description": "The order in which service-type certificates are replaced in a batch-replace.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Processing Order",
"type": "integer"
},
"profile_name": {
"readonly": true,
"required": true,
"title": "Certificate Profile Name",
"type": "string"
},
"replacement_duration": {
"description": "The estimated amount of time it takes to replace the certificate for this service-type, in seconds.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Processing Duration",
"type": "integer"
},
"requires_private_key": {
"description": "True if this certificate needs a private key.",
"readonly": true,
"required": true,
"title": "Requires Private Key",
"type": "boolean"
},
"service_type": {
"$ref": "ServiceType,
"description": "A short and unique name for the type of service this certificate is used for.",
"readonly": true,
"required": true,
"title": "Unique Service Type"
},
"summary": {
"description": "A short phrase what this service-type is for.",
"nsx_feature": "CertificateBatchOperations",
"readonly": true,
"required": false,
"title": "Summary",
"type": "string"
},
"unique_use": {
"description": "True if the certificate used for this service-type cannot be used anywhere else.",
"readonly": true,
"required": true,
"title": "Unique Use",
"type": "boolean"
}
},
"type": "object"
}
CertificateProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CertificateProfileListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CertificateProfile list.",
"items": {
"$ref": "CertificateProfile
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CertificateProfile query result",
"type": "object"
}
CertificateRenewalParameters (type)
{
"additionalProperties": false,
"id": "CertificateRenewalParameters",
"module_id": "CertificateManager",
"properties": {
"force": {
"default": false,
"description": "If true, perform certificate renewal even if blocked.",
"title": "Force renewal of certificates\n",
"type": "boolean"
}
},
"title": "Parameters that affect how certificate renewals are processed",
"type": "object"
}
CertificateReplacementConfig (type)
{
"id": "CertificateReplacementConfig",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"new_certificate_id": {
"description": "Id of the certificate which will replace the old certificate. This is optional field. If not specified, and if the old certificate is a self-signed certificate, a fresh self-signed will be generated with identical attributes as the old certificate.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": false,
"title": "Id of the new certificate",
"type": "string"
},
"old_certificate_id": {
"description": "Id of the currently used certificate which needs to be replaced.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Id of the old certificate",
"type": "string"
}
},
"title": "Configuration for a certificate replacement operation",
"type": "object"
}
CertificateUsageType (type)
{
"enum": [
"SERVER",
"CLIENT"
],
"id": "CertificateUsageType",
"module_id": "CertificateManager",
"title": "Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER",
"type": "string"
}
CertificatesBatchOperationResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CertificatesBatchOperationResult",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"description": "The end time of this certificate batch operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "End time"
},
"pending_estimated_duration": {
"description": "Sum of estimated duration of pending certificate operations.",
"readonly": true,
"required": false,
"title": "Pending estimated duration",
"type": "integer"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of certificate operation statuses.",
"items": {
"$ref": "CertificateOperationStatus
},
"readonly": true,
"required": true,
"title": "Batch results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"description": "The start time of this certificate batch operation in epoch milliseconds",
"readonly": true,
"required": false,
"title": "Start time"
},
"total_estimated_duration": {
"description": "Sum of estimated duration of all certificate operations.",
"readonly": true,
"required": false,
"title": "Total estimated duration",
"type": "integer"
}
},
"title": "Result of certificates batch operation",
"type": "object"
}
CertificatesBatchReplacementRequest (type)
{
"additionalProperties": false,
"id": "CertificatesBatchReplacementRequest",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"certificate_replacements": {
"description": "List of certificate replacement operation configurations.",
"items": {
"$ref": "CertificateReplacementConfig
},
"readonly": false,
"required": true,
"type": "array"
}
},
"title": "Request for batch replacement of certificates",
"type": "object"
}
CheckpointCounter (type)
{
"id": "CheckpointCounter",
"module_id": "LiveTrace",
"properties": {
"checkpoint_type": {
"description": "Type of Livetrace checkpoint. UNKNOWN - Unknown checkpoint. PORT_INPUT - Received by a port on slowpath. The first slowpath checkpoint is encountered when the packet enters a certain port. For a certain port, a series of subsequent checkpoints is usually encountered after the packet traverses through PORT_INPUT. PORT_OUTPUT - Forwarded to a port on slowpath. The last slowpath checkpoint is encountered when the packet left a certain port. For a certain port, a series of checkpoints is usually encountered before the packet traverses through PORT_OUTPUT. SPOOFGUARD_INPUT - Received by slowpath Spoofguard service. This checkpoint should be encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. SPOOFGUARD_OUTPUT - Forwarded from slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. SPOOFUGARD_DROP - Dropped by slowpath Spoofguard service. This checkpoint should be encountered after SPOOFGUARD_INPUT. DFW_INPUT - Received by slowpath DFW service. This checkpoint should be encountered encountered either after the packet encounters PORT_INPUT or before the packet encounters PORT_OUTPUT. This checkpoint should after SPOOFGUARD related checkpoints, if they exist. DFW_OUTPUT - Forwarded from slowpath DFW service. This checkpoint should be encountered after DFW_INPUT. DFW_DROP - Dropped by slowpath DFW service.This checkpoint should be encountered after DFW_INPUT. UPLINK_INPUT - Ingressed via an uplink port on slowpath. The first slowpath checkpoint is encountered when the packet ingress from external network via an uplink. UPLINK_OUTPUT - Egressed via an uplink port on slowpath. The last slowpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_PORT_INPUT - Received by a port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet enters a certain port. ENS_PORT_OUTPUT - Forwarded to a port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet left a certain port. ENS_UPLINK_INPUT - Ingressed via an uplink port on ENS fastpath. The first ENS fastpath checkpoint is encountered when the packet ingress from external network via an uplink. ENS_UPLINK_OUTPUT - Egressed via an uplink port on ENS fastpath. The last ENS fastpath checkpoint is encountered when the packet egress to external network via an uplink. ENS_DFW_INPUT - Received by ENS fastpath DFW service. This checkpoint should be encountered after ENS_PORT_INPUT. ENS_DFW_OUTPUT - Forwarded from ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ENS_DFW_DROP - Dropped by ENS fastpath DFW service. This checkpoint should be encountered after ENS_DFW_INPUT. ROUTER_DROP - Dropped by slowpath router service. This checkpoint should be encountered after PORT_INPUT.",
"enum": [
"UNKNOWN",
"PORT_INPUT",
"PORT_OUTPUT",
"SPOOFGUARD_INPUT",
"SPOOFGUARD_OUTPUT",
"SPOOFGUARD_DROP",
"DFW_INPUT",
"DFW_OUTPUT",
"DFW_DROP",
"UPLINK_INPUT",
"UPLINK_OUTPUT",
"ENS_PORT_INPUT",
"ENS_PORT_OUTPUT",
"ENS_UPLINK_INPUT",
"ENS_UPLINK_OUTPUT",
"ENS_DFW_INPUT",
"ENS_DFW_OUTPUT",
"ENS_DFW_DROP",
"ROUTER_DROP"
],
"readonly": true,
"required": true,
"title": "Type of checkpoint",
"type": "string"
},
"count": {
"description": "The number of packets traversed by this checkpoint. The packet connectivity issue can be discovered by comparing the count value of different checkpoints.",
"readonly": true,
"required": true,
"title": "Packet count",
"type": "integer"
}
},
"type": "object"
}
CheckpointCounterResult (type)
{
"description": "The packets that only have the count action (other permutations such as trace + pktcap or count + trace/pktcap cannot) can traverse through the ENS fastpath. Therefore, two checkpoint results from ENS fastpath and slowpath are listed below.",
"id": "CheckpointCounterResult",
"module_id": "LiveTrace",
"properties": {
"ens_checkpoints_result": {
"description": "The counter result from ENS checkpoints",
"items": {
"$ref": "CheckpointCounter
},
"readonly": true,
"required": false,
"title": "Counter result from ENS checkpoints",
"type": "array"
},
"non_ens_checkpoints_result": {
"description": "The counter result from non ENS checkpoints",
"items": {
"$ref": "CheckpointCounter
},
"readonly": true,
"required": false,
"title": "Counter result from non ENS checkpoints",
"type": "array"
}
},
"title": "Checkpoint counter result",
"type": "object"
}
ChildAntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for AntreaTraceflowConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildAntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildAntreaTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "AntreaTraceflowConfig,
"description": "Contains the actual AntreaTraceflowConfig object.",
"required": true,
"title": "AntreaTraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for AnteaTraceflowConfig",
"type": "object"
}
ChildBfdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for BfdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBfdProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBfdProfile"
},
"properties": {
"BfdProfile": {
"$ref": "BfdProfile,
"description": "Contains the actual BfdProfile object.",
"required": true,
"title": "Bfd Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BfdProfile",
"type": "object"
}
ChildBgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpNeighborConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBgpNeighborConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpNeighborConfig"
},
"properties": {
"BgpNeighborConfig": {
"$ref": "BgpNeighborConfig,
"description": "Contains the actual BgpNeighborConfig object.",
"required": true,
"title": "BgpNeighborConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpNeighborConfig",
"type": "object"
}
ChildBgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpRoutingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBgpRoutingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpRoutingConfig"
},
"properties": {
"BgpRoutingConfig": {
"$ref": "BgpRoutingConfig,
"description": "Contains the actual BgpRoutingConfig object.",
"required": true,
"title": "BgpRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpRoutingConfig",
"type": "object"
}
ChildByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildByodPolicyServiceInstance"
},
"properties": {
"ByodPolicyServiceInstance": {
"$ref": "ByodPolicyServiceInstance,
"description": "Contains actual ByodPolicyServiceInstance.",
"required": true,
"title": "ByodPolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ByodPolicyServiceInstance",
"type": "object"
}
ChildCaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCaBundle",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCaBundle"
},
"properties": {
"CaBundle": {
"$ref": "CaBundle,
"description": "Contains the actual CaBundle object.",
"required": true,
"title": "CaBundle"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper for CA certificates bundle, used in hierarchical API.",
"type": "object"
}
ChildCommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunicationEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationEntry"
},
"properties": {
"CommunicationEntry": {
"$ref": "CommunicationEntry,
"description": "Contains the actual CommunicationEntry object.",
"required": true,
"title": "CommunicationEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationEntry",
"type": "object"
}
ChildCommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunicationMap",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationMap"
},
"properties": {
"CommunicationMap": {
"$ref": "CommunicationMap,
"description": "Contains the actual CommunicationMap object.",
"required": true,
"title": "CommunicationMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationMap",
"type": "object"
}
ChildCommunityList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for CommunityList, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunityList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunityList"
},
"properties": {
"CommunityList": {
"$ref": "CommunityList,
"description": "Contains the actual CommunityList object",
"required": true,
"title": "CommunityList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunityList",
"type": "object"
}
ChildComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildComputeClusterIdfwConfiguration"
},
"properties": {
"ComputeClusterIdfwConfiguration": {
"$ref": "ComputeClusterIdfwConfiguration,
"description": "Contains the actual compute cluster idfw configuration object.",
"required": true,
"title": "ComputeClusterIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ComputeClusterIdfwConfiguration",
"type": "object"
}
ChildConstraint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Constraint, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildConstraint",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "ChildConstraint"
},
"properties": {
"Constraint": {
"$ref": "Constraint,
"description": "Contains the actual Constraint object",
"required": true,
"title": "Constraint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Constraint",
"type": "object"
}
ChildConstraintGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ConstraintGlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildConstraintGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "ConstraintGlobalConfig,
"description": "Settings to Constraint global configs in NSX/NSX+ application platform.",
"required": true,
"title": "ConstraintGlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ConstraintGlobalConfig",
"type": "object"
}
ChildDeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for DeploymentZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDeploymentZone"
},
"properties": {
"DeploymentZone": {
"$ref": "DeploymentZone,
"description": "Contains the actual DeploymentZone object",
"required": true,
"title": "DeploymentZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DeploymentZone",
"type": "object"
}
ChildDfwFirewallConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDfwFirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDfwFirewallConfiguration"
},
"properties": {
"DfwFirewallConfiguration": {
"$ref": "DfwFirewallConfiguration,
"description": "Contains the actual dfw firewall configuration list object.",
"required": true,
"title": "Dfw Firewall Configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FirewallConfiguration",
"type": "object"
}
ChildDhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpRelayConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpRelayConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpRelayConfig"
},
"properties": {
"DhcpRelayConfig": {
"$ref": "DhcpRelayConfig,
"description": "Contains the actual DhcpRelayConfig object",
"required": true,
"title": "DhcpRelayConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpRelayConfig",
"type": "object"
}
ChildDhcpServerConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpServerConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpServerConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpServerConfig"
},
"properties": {
"DhcpServerConfig": {
"$ref": "DhcpServerConfig,
"description": "Contains the actual DhcpServerConfig object",
"required": true,
"title": "DhcpServerConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpServerConfig",
"type": "object"
}
ChildDhcpStaticBindingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for DhcpStaticBindingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpStaticBindingConfig"
},
"properties": {
"DhcpStaticBindingConfig": {
"$ref": "DhcpStaticBindingConfig,
"description": "Contains the actual DhcpStaticBindingConfig object.",
"required": true,
"title": "DhcpStaticBindingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpStaticBindingConfig",
"type": "object"
}
ChildDnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DnsSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"DnsSecurityProfile": {
"$ref": "DnsSecurityProfile,
"description": "Contains the actual DnsSecurityProfile object",
"required": true,
"title": "DnsSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfile",
"type": "object"
}
ChildDnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"DnsSecurityProfileBindingMap": {
"$ref": "DnsSecurityProfileBindingMap,
"description": "Contains the actual DnsSecurityProfileBindingMap object",
"required": true,
"title": "DnsSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfileBindingMap",
"type": "object"
}
ChildDomain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for domain, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDomain",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomain"
},
"properties": {
"Domain": {
"$ref": "Domain,
"description": "Contains the actual domain object.",
"required": true,
"title": "Domain"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Domain",
"type": "object"
}
ChildDomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DomainDeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomainDeploymentMap"
},
"properties": {
"DomainDeploymentMap": {
"$ref": "DomainDeploymentMap,
"description": "Contains the actual DomainDeploymentMap object.",
"required": true,
"title": "DomainDeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DomainDeploymentMap",
"type": "object"
}
ChildEndpointPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointPolicy used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointPolicy"
},
"properties": {
"EndpointPolicy": {
"$ref": "EndpointPolicy,
"description": "Contains actual EndpointPolicy.",
"required": true,
"title": "EndpointPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Policy",
"type": "object"
}
ChildEndpointRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointRule used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEndpointRule",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointRule"
},
"properties": {
"EndpointRule": {
"$ref": "EndpointRule,
"description": "Contains actual EndpointRule.",
"required": true,
"title": "EndpointRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Rule",
"type": "object"
}
ChildEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EnforcementPoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEnforcementPoint"
},
"properties": {
"EnforcementPoint": {
"$ref": "EnforcementPoint,
"description": "Contains the actual Enforcement point object.",
"required": true,
"title": "EnforcementPoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EnforcementPoint",
"type": "object"
}
ChildEvpnConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEvpnConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnConfig"
},
"properties": {
"EvpnConfig": {
"$ref": "EvpnConfig,
"description": "Contains the actual EvpnConfig object.",
"required": true,
"title": "EvpnConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnConfig",
"type": "object"
}
ChildEvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnTunnelEndpointConfig"
},
"properties": {
"EvpnTunnelEndpointConfig": {
"$ref": "EvpnTunnelEndpointConfig,
"description": "Contains the actual EvpnTunnelEndpointConfig object.",
"required": true,
"title": "EvpnTunnelEndpointConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnTunnelEndpointConfig",
"type": "object"
}
ChildFloodProtectionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfile"
},
"properties": {
"FloodProtectionProfile": {
"$ref": "FloodProtectionProfile,
"description": "Contains the actual FloodProtectionProfile object",
"required": true,
"title": "FloodProtectionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfile",
"type": "object"
}
ChildFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfileBindingMap"
},
"properties": {
"FloodProtectionProfileBindingMap": {
"$ref": "FloodProtectionProfileBindingMap,
"description": "Contains the actual FloodProtectionProfileBindingMap object",
"required": true,
"title": "FloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfileBindingMap",
"type": "object"
}
ChildForwardingPolicy (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for ForwardingPolicy used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildForwardingPolicy",
"module_id": "PolicyForwarding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildForwardingPolicy"
},
"properties": {
"ForwardingPolicy": {
"$ref": "ForwardingPolicy,
"description": "Contains actual ForwardingPolicy.",
"required": true,
"title": "ForwardingPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for children of type ForwardingPolicy\n",
"type": "object"
}
ChildForwardingRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for ForwardingRule used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildForwardingRule",
"module_id": "PolicyForwarding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildForwardingRule"
},
"properties": {
"ForwardingRule": {
"$ref": "ForwardingRule,
"description": "Contains actual ForwardingRule.",
"required": true,
"title": "ForwardingRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ForwardingRule\n",
"type": "object"
}
ChildFqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FqdnAnalysisConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFqdnAnalysisConfig"
},
"properties": {
"FqdnAnalysisConfig": {
"$ref": "FqdnAnalysisConfig,
"description": "Contains the actual FqdnAnalysisConfig object",
"required": true,
"title": "FQDN Analysis Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FqdnAnalysisConfig",
"type": "object"
}
ChildGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGatewayPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayPolicy"
},
"properties": {
"GatewayPolicy": {
"$ref": "GatewayPolicy,
"description": "Contains the actual GatewayPolicy object",
"required": true,
"title": "GatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayPolicy",
"type": "object"
}
ChildGatewayQosProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for GatewayQosProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGatewayQosProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayQosProfile"
},
"properties": {
"GatewayQosProfile": {
"$ref": "GatewayQosProfile,
"description": "Contains the actual GatewayQosProfile object.",
"required": true,
"title": "GatewayQosProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayQosProfile",
"type": "object"
}
ChildGeneralSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfile"
},
"properties": {
"GeneralSecurityProfile": {
"$ref": "GeneralSecurityProfile,
"description": "Contains the actual GeneralSecurityProfile object",
"required": true,
"title": "GeneralSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfile",
"type": "object"
}
ChildGeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfileBindingMap"
},
"properties": {
"GeneralSecurityProfileBindingMap": {
"$ref": "GeneralSecurityProfileBindingMap,
"description": "Contains the actual GeneralSecurityProfileBindingMap object",
"required": true,
"title": "GeneralSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfileBindingMap",
"type": "object"
}
ChildGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "GlobalConfig,
"description": "Contains the actual GlobalConfig object.",
"required": true,
"title": "GlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalConfig",
"type": "object"
}
ChildGlobalDfwConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalDfwConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalDfwConfiguration"
},
"properties": {
"GlobalDfwConfiguration": {
"$ref": "GlobalDfwConfiguration,
"description": "Contains the actual global distributed firewall configuration object.",
"required": true,
"title": "Global distributed firewall configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalDfwConfiguration",
"type": "object"
}
ChildGlobalIdsSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalIdsSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalIdsSettings",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalIdsSettings"
},
"properties": {
"GlobalIdsSettings": {
"$ref": "GlobalIdsSettings,
"description": "Contains the GlobalIdsSettings object",
"required": true,
"title": "GlobalIdsSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalIdsSettings",
"type": "object"
}
ChildGlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalIdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalIdsSignature"
},
"properties": {
"GlobalIdsSignature": {
"$ref": "GlobalIdsSignature,
"description": "Contains the GlobalIdsSignature object",
"required": true,
"title": "GlobalIdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalIdsSignature",
"type": "object"
}
ChildGlobalManager (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Global Manager, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalManager",
"module_id": "PolicySiteGM",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalManager"
},
"properties": {
"GlobalManager": {
"$ref": "GlobalManager,
"description": "Contains the actual Global Manager object.",
"required": true,
"title": "GlobalManager"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Global Manager",
"type": "object"
}
ChildGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for group, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroup",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroup"
},
"properties": {
"Group": {
"$ref": "Group,
"description": "Contains the actual group objects.",
"required": true,
"title": "Group"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Group",
"type": "object"
}
ChildGroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"GroupDiscoveryProfileBindingMap": {
"$ref": "GroupDiscoveryProfileBindingMap,
"description": "Contains the actual GroupDiscoveryProfileBindingMap object",
"required": true,
"title": "GroupDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupDiscoveryProfileBindingMap",
"type": "object"
}
ChildGroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroupMonitoringProfileBindingMap"
},
"properties": {
"GroupMonitoringProfileBindingMap": {
"$ref": "GroupMonitoringProfileBindingMap,
"description": "Contains the actual GroupMonitoringProfileBindingMap object",
"required": true,
"title": "GroupMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupMonitoringProfileBindingMap",
"type": "object"
}
ChildHostTransportNode (type)
{
"additionalProperties": false,
"description": "Child wrapper for Host Transport Node, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildHostTransportNode",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "ChildHostTransportNode"
},
"properties": {
"HostTransportNode": {
"$ref": "HostTransportNode,
"description": "Contains the actual Host Transport Node object.",
"required": true,
"title": "Host Transport Node"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Host Transport Node",
"type": "object"
}
ChildHostTransportNodeCollection (type)
{
"additionalProperties": false,
"description": "Child wrapper for Transport Collection, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildHostTransportNodeCollection",
"module_id": "HostTransportNodeCollection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildHostTransportNodeCollection"
},
"properties": {
"HostTransportNodeCollection": {
"$ref": "HostTransportNodeCollection,
"description": "Contains the actual Transport Node Collection object.",
"required": true,
"title": "Transport Node Collection"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Transport Node Collection",
"type": "object"
}
ChildIPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPDiscoveryProfile"
},
"properties": {
"IPDiscoveryProfile": {
"$ref": "IPDiscoveryProfile,
"description": "Contains the actual IPDiscoveryProfile object",
"required": true,
"title": "IPDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPDiscoveryProfile",
"type": "object"
}
ChildIPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWCollectorProfile"
},
"properties": {
"IPFIXDFWCollectorProfile": {
"$ref": "IPFIXDFWCollectorProfile,
"description": "Contains the actual IPFIXDFWCollectorProfile object",
"required": true,
"title": "IPFIXDFWCollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWCollectorProfile",
"type": "object"
}
ChildIPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWProfile"
},
"properties": {
"IPFIXDFWProfile": {
"$ref": "IPFIXDFWProfile,
"description": "Contains the actual IPFIXDFWProfile object",
"required": true,
"title": "IPFIXDFWProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWProfile",
"type": "object"
}
ChildIPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2CollectorProfile"
},
"properties": {
"IPFIXL2CollectorProfile": {
"$ref": "IPFIXL2CollectorProfile,
"description": "Contains the actual IPFIXL2CollectorProfile object",
"required": true,
"title": "IPFIXL2CollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2CollectorProfile",
"type": "object"
}
ChildIPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2Profile"
},
"properties": {
"IPFIXL2Profile": {
"$ref": "IPFIXL2Profile,
"description": "Contains the actual IPFIXL2Profile object",
"required": true,
"title": "IPFIXL2Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2Profile",
"type": "object"
}
ChildIPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnDpdProfile"
},
"properties": {
"IPSecVpnDpdProfile": {
"$ref": "IPSecVpnDpdProfile,
"description": "Contains the actual IPSecVpnDpdProfile object.",
"required": true,
"title": "IPSecVpnDpdProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnDpdProfile",
"type": "object"
}
ChildIPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnIkeProfile"
},
"properties": {
"IPSecVpnIkeProfile": {
"$ref": "IPSecVpnIkeProfile,
"description": "Contains the actual IPSecVpnIkeProfile object.",
"required": true,
"title": "IPSecVpnIkeProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnIkeProfile",
"type": "object"
}
ChildIPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnLocalEndpoint"
},
"properties": {
"IPSecVpnLocalEndpoint": {
"$ref": "IPSecVpnLocalEndpoint,
"description": "Contains the actual IPSecVpnLocalEndpoint object.",
"required": true,
"title": "IPSecVpnLocalEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnLocalEndpoint",
"type": "object"
}
ChildIPSecVpnService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnService"
},
"properties": {
"IPSecVpnService": {
"$ref": "IPSecVpnService,
"description": "Contains the actual IPSecVpnService object.",
"required": true,
"title": "IPSecVpnService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnService",
"type": "object"
}
ChildIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnSession"
},
"properties": {
"IPSecVpnSession": {
"$ref": "IPSecVpnSession,
"description": "Contains the actual IPSecVpnSession object.",
"required": true,
"title": "IPSecVpnSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnSession",
"type": "object"
}
ChildIPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnTunnelProfile"
},
"properties": {
"IPSecVpnTunnelProfile": {
"$ref": "IPSecVpnTunnelProfile,
"description": "Contains the actual IPSecVpnTunnelProfile object",
"required": true,
"title": "IPSecVpnTunnelProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnTunnelProfile",
"type": "object"
}
ChildIdentityFirewallStore (type)
{
"additionalProperties": false,
"description": "Child wrapper for IdentityFirewallStore, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdentityFirewallStore",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdentityFirewallStore"
},
"properties": {
"IdentityFirewallStore": {
"$ref": "IdentityFirewallStore,
"description": "Contains the actual IdentityFirewallStore object.",
"required": true,
"title": "IdentityFirewallStore"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdentityFirewallStore",
"type": "object"
}
ChildIdsClusterConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsClusterConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsClusterConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsClusterConfig"
},
"properties": {
"IdsClusterConfig": {
"$ref": "IdsClusterConfig,
"description": "Contains the IdsClusterConfig object",
"required": true,
"title": "IdsClusterConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsClusterConfig",
"type": "object"
}
ChildIdsCustomSignatureSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsCustomSignatureSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsCustomSignatureSettings",
"module_id": "PolicyIDSCustomSignature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsCustomSignatureSettings"
},
"properties": {
"IdsCustomSignatureSettings": {
"$ref": "IdsCustomSignatureSettings,
"description": "Contains the IdsCustomSignatureSettings object",
"required": true,
"title": "IdsCustomSignatureSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsCustomSignatureSettings",
"type": "object"
}
ChildIdsGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGatewayPolicy"
},
"properties": {
"IdsGatewayPolicy": {
"$ref": "IdsGatewayPolicy,
"description": "Contains the IdsGatewayPolicy object",
"required": true,
"title": "IdsGatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGatewayPolicy",
"type": "object"
}
ChildIdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGlobalEventConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsGlobalEventConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGlobalEventConfig"
},
"properties": {
"IdsGlobalEventConfig": {
"$ref": "IdsGlobalEventConfig,
"description": "Contains the IdsGlobalEventConfig object",
"required": true,
"title": "IdsGlobalEventConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGlobalEventConfig",
"type": "object"
}
ChildIdsPcapFileMetadata (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsPcapFileMetadata, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsPcapFileMetadata",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsPcapFileMetadata"
},
"properties": {
"IdsPcapFileMetadata": {
"$ref": "IdsPcapFileMetadata,
"description": "Contains the IdsPcapFileMetadata object",
"required": true,
"title": "IdsPcapFileMetadata"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsPcapFileMetadata",
"type": "object"
}
ChildIdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsProfile",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsProfile"
},
"properties": {
"IdsProfile": {
"$ref": "IdsProfile,
"description": "Contains the IdsProfile object",
"required": true,
"title": "IdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsProfile",
"type": "object"
}
ChildIdsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsRule",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsRule"
},
"properties": {
"IdsRule": {
"$ref": "IdsRule,
"description": "Contains the IdsRule object",
"required": true,
"title": "IdsRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsRule",
"type": "object"
}
ChildIdsSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSecurityPolicy",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSecurityPolicy"
},
"properties": {
"IdsSecurityPolicy": {
"$ref": "IdsSecurityPolicy,
"description": "Contains the IdsSecurityPolicy object",
"required": true,
"title": "IdsSecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSecurityPolicy",
"type": "object"
}
ChildIdsSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSettings",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSettings"
},
"properties": {
"IdsSettings": {
"$ref": "IdsSettings,
"description": "Contains the IdsSettings object",
"required": true,
"title": "IdsSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSettings",
"type": "object"
}
ChildIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignature"
},
"properties": {
"IdsSignature": {
"$ref": "IdsSignature,
"description": "Contains the IdsSignature object",
"required": true,
"title": "IdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignature",
"type": "object"
}
ChildIdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignatureStatus, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSignatureStatus",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignatureStatus"
},
"properties": {
"IdsSignatureStatus": {
"$ref": "IdsSignatureStatus,
"description": "Contains the IdsSignatureStatus object",
"required": true,
"title": "IdsSignatureStatus"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignatureStatus",
"type": "object"
}
ChildIdsSignatureVersion (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignatureVersion, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSignatureVersion",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignatureVersion"
},
"properties": {
"IdsSignatureVersion": {
"$ref": "IdsSignatureVersion,
"description": "Contains the IdsSignatureVersion object",
"required": true,
"title": "IdsSignatureVersion"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignatureVersion",
"type": "object"
}
ChildIdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsStandaloneHostConfig"
},
"properties": {
"IdsStandaloneHostConfig": {
"$ref": "IdsStandaloneHostConfig,
"description": "Contains the IdsStandaloneHostConfig object",
"required": true,
"title": "IdsStandaloneHostConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsStandaloneHostConfig",
"type": "object"
}
ChildIdsThresholdConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsThresholdConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsThresholdConfig",
"module_id": "PolicyIDS",
"nsx_feature": "IdsThreshold",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsThresholdConfig"
},
"properties": {
"IdsThresholdConfig": {
"$ref": "IdsThresholdConfig,
"description": "Contains the IdsThresholdConfig object.",
"required": true,
"title": "IdsThresholdConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsThresholdConfig",
"type": "object"
}
ChildInfra (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Infra, used in multi-tenancy hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildInfra",
"module_id": "Policy",
"properties": {
"Infra": {
"$ref": "Infra,
"description": "Contains the actual Infra object",
"required": true,
"title": "Infra"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Infra",
"type": "object"
}
ChildIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressAllocation",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressAllocation"
},
"properties": {
"IpAddressAllocation": {
"$ref": "IpAddressAllocation,
"description": "Contains the actual IpAddressAllocation object",
"required": true,
"title": "IpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressAllocation",
"type": "object"
}
ChildIpAddressBlock (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressBlock, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressBlock",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressBlock"
},
"properties": {
"IpAddressBlock": {
"$ref": "IpAddressBlock,
"description": "Contains the actual IpAddressBlock object",
"required": true,
"title": "IpAddressBlock"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressBlock",
"type": "object"
}
ChildIpAddressPool (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPool, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressPool",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPool"
},
"properties": {
"IpAddressPool": {
"$ref": "IpAddressPool,
"description": "Contains the actual IpAddressPool object",
"required": true,
"title": "IpAddressPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPool",
"type": "object"
}
ChildIpAddressPoolSubnet (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPoolSubnet, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressPoolSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPoolSubnet"
},
"properties": {
"IpAddressPoolSubnet": {
"$ref": "IpAddressPoolSubnet,
"description": "Contains the actual IpAddressPoolSubnet object",
"required": true,
"title": "IpAddressPoolSubnet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPoolSubnet",
"type": "object"
}
ChildIpv6DadProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6DadProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpv6DadProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6DadProfile": {
"$ref": "Ipv6DadProfile,
"description": "Contains the actual Ipv6DadProfile objects",
"required": true,
"title": "Ipv6DadProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6DadProfile",
"type": "object"
}
ChildIpv6NdraProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6NdraProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpv6NdraProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6NdraProfile": {
"$ref": "Ipv6NdraProfile,
"description": "Contains the actual Ipv6NdraProfile objects",
"required": true,
"title": "Ipv6NdraProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6NdraProfile",
"type": "object"
}
ChildL2BridgeEndpointProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2BridgeEndpointProfile",
"module_id": "PolicyConnectivity",
"properties": {
"L2BridgeEndpointProfile": {
"$ref": "L2BridgeEndpointProfile,
"description": "Contains the actual L2BridgeEndpointProfile object",
"required": true,
"title": "L2BridgeEndpointProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2BridgeEndpointProfile",
"type": "object"
}
ChildL2VPNService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VPNService",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNService"
},
"properties": {
"L2VPNService": {
"$ref": "L2VPNService,
"description": "Contains the actual L2VPNService object.",
"required": true,
"title": "L2VPNService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNService",
"type": "object"
}
ChildL2VPNSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VPNSession",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNSession"
},
"properties": {
"L2VPNSession": {
"$ref": "L2VPNSession,
"description": "Contains the actual L2VPNSession object.",
"required": true,
"title": "L2VPNSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNSession",
"type": "object"
}
ChildL2Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2Vpn",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2Vpn"
},
"properties": {
"L2Vpn": {
"$ref": "L2Vpn,
"description": "Contains the actual L2Vpn object.",
"required": true,
"title": "L2Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2Vpn",
"type": "object"
}
ChildL2VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VpnContext",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VpnContext"
},
"properties": {
"L2VpnContext": {
"$ref": "L2VpnContext,
"description": "Contains the actual L2VpnContext object.",
"required": true,
"title": "L2VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VpnContext",
"type": "object"
}
ChildL3Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL3Vpn",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3Vpn"
},
"properties": {
"L3Vpn": {
"$ref": "L3Vpn,
"description": "Contains the actual L3Vpn object.",
"required": true,
"title": "L3Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3Vpn",
"type": "object"
}
ChildL3VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL3VpnContext",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3VpnContext"
},
"properties": {
"L3VpnContext": {
"$ref": "L3VpnContext,
"description": "Contains the actual L3VpnContext object.",
"required": true,
"title": "L3VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3VpnContext",
"type": "object"
}
ChildL7AccessEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Entry, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL7AccessEntry",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessEntry"
},
"properties": {
"L7AccessEntry": {
"$ref": "L7AccessEntry,
"description": "Contains the actual L7 access entry object",
"required": true,
"title": "L7 Access Entry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Entry",
"type": "object"
}
ChildL7AccessProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL7AccessProfile",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessProfile"
},
"properties": {
"L7AccessProfile": {
"$ref": "L7AccessProfile,
"description": "Contains the actual L7 access profile object",
"required": true,
"title": "L7 access profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Profile",
"type": "object"
}
ChildLBAppProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBAppProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBAppProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBAppProfile"
},
"properties": {
"LBAppProfile": {
"$ref": "LBAppProfile,
"description": "Contains the actual LBAppProfile object.",
"required": true,
"title": "LBAppProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBAppProfile",
"type": "object"
}
ChildLBClientSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBClientSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBClientSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBClientSslProfile"
},
"properties": {
"LBClientSslProfile": {
"$ref": "LBClientSslProfile,
"description": "Contains the actual LBClientSslProfile object.",
"required": true,
"title": "LBClientSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBClientSslProfile",
"type": "object"
}
ChildLBMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBMonitorProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBMonitorProfile"
},
"properties": {
"LBMonitorProfile": {
"$ref": "LBMonitorProfile,
"description": "Contains the actual LBMonitorProfile object.",
"required": true,
"title": "LBMonitorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBMonitorProfile",
"type": "object"
}
ChildLBPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPersistenceProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPersistenceProfile"
},
"properties": {
"LBPersistenceProfile": {
"$ref": "LBPersistenceProfile,
"description": "Contains the actual LBPersistenceProfile object.",
"required": true,
"title": "LBPersistenceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPersistenceProfile",
"type": "object"
}
ChildLBPool (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPool, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBPool",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPool"
},
"properties": {
"LBPool": {
"$ref": "LBPool,
"description": "Contains the actual LBPool object.",
"required": true,
"title": "LBPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPool",
"type": "object"
}
ChildLBServerSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBServerSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBServerSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBServerSslProfile"
},
"properties": {
"LBServerSslProfile": {
"$ref": "LBServerSslProfile,
"description": "Contains the actual LBServerSslProfile object.",
"required": true,
"title": "LBServerSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBServerSslProfile",
"type": "object"
}
ChildLBService (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBService",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBService"
},
"properties": {
"LBService": {
"$ref": "LBService,
"description": "Contains the actual LBService object.",
"required": true,
"title": "LBService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBService",
"type": "object"
}
ChildLBVirtualServer (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBVirtualServer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBVirtualServer",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBVirtualServer"
},
"properties": {
"LBVirtualServer": {
"$ref": "LBVirtualServer,
"description": "Contains the actual LBVirtualServer object.",
"required": true,
"title": "LBVirtualServer"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBVirtualServer",
"type": "object"
}
ChildLiveTraceConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for LiveTraceConfig for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLiveTraceConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLiveTraceConfig"
},
"properties": {
"LiveTraceConfig": {
"$ref": "LiveTraceConfig,
"description": "The actual LiveTraceConfig object.",
"required": true,
"title": "LiveTraceConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LiveTraceConfig",
"type": "object"
}
ChildLocaleServices (type)
{
"additionalProperties": false,
"description": "Child wrapper object for LocaleServices, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLocaleServices",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLocaleServices"
},
"properties": {
"LocaleServices": {
"$ref": "LocaleServices,
"description": "Contains the actual LocaleServices object",
"required": true,
"title": "LocaleServices"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LocaleServices",
"type": "object"
}
ChildMacDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MacDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMacDiscoveryProfile",
"module_id": "PolicyMacDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMacDiscoveryProfile"
},
"properties": {
"MacDiscoveryProfile": {
"$ref": "MacDiscoveryProfile,
"description": "Contains the actual MacDiscoveryProfile object",
"required": true,
"title": "MacDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MacDiscoveryProfile",
"type": "object"
}
ChildMalwarePreventionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMalwarePreventionProfile",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionProfile"
},
"properties": {
"MalwarePreventionProfile": {
"$ref": "MalwarePreventionProfile,
"description": "Contains the MalwarePreventionProfile object",
"required": true,
"title": "MalwarePreventionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionProfile",
"type": "object"
}
ChildMalwarePreventionSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMalwarePreventionSignature",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionSignature"
},
"properties": {
"MalwarePreventionSignature": {
"$ref": "MalwarePreventionSignature,
"description": "Contains the MalwarePreventionSignature object",
"required": true,
"title": "MalwarePreventionSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionSignature",
"type": "object"
}
ChildMetadataProxyConfig (type)
{
"additionalProperties": false,
"descritpion": "Child wrapper object for MetadataProxyConfig, used in hierarchical APIs",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMetadataProxyConfig",
"module_id": "PolicyMetadataProxy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMetadataProxyConfig"
},
"properties": {
"MetadataProxyConfig": {
"$ref": "MetadataProxyConfig,
"description": "Contains the actual MetadataProxyConfig object.",
"required": true,
"title": "MetadataProxyConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MetadataProxyConfig",
"type": "object"
}
ChildOdsDynamicRunbookInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsDynamicRunbookInstance for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOdsDynamicRunbookInstance",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsDynamicRunbookInstance"
},
"properties": {
"OdsDynamicRunbookInstance": {
"$ref": "OdsDynamicRunbookInstance,
"description": "The actual OdsDynamicRunbookInstance object.",
"required": true,
"title": "OdsDynamicRunbookInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsDynamicRunbookInstance",
"type": "object"
}
ChildOdsRunbookInvocation (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsRunbookInvocation for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOdsRunbookInvocation",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsRunbookInvocation"
},
"properties": {
"OdsRunbookInvocation": {
"$ref": "OdsRunbookInvocation,
"description": "The actual OdsRunbookInvocation object.",
"required": true,
"title": "OdsRunbookInvocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsRunbookInvocation",
"type": "object"
}
ChildOdsRunbookInvocationArtifactBatchRequest (type)
{
"additionalProperties": false,
"description": "Child wrapper for OdsRunbookInvocationArtifactBatchRequest for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOdsRunbookInvocationArtifactBatchRequest",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ChildOdsRunbookInvocationArtifactBatchRequest"
},
"properties": {
"OdsRunbookInvocation": {
"$ref": "OdsRunbookInvocationArtifactBatchRequest,
"description": "The actual OdsRunbookInvocationArtifactBatchRequest object.",
"required": true,
"title": "OdsRunbookInvocationArtifactBatchRequest"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OdsRunbookInvocationArtifactBatchRequest",
"type": "object"
}
ChildOpsGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OpsGlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOpsGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "OpsGlobalConfig,
"description": "Contains the actual OpsGlobalConfig object.",
"required": true,
"title": "OpsGlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OpsGlobalConfig",
"type": "object"
}
ChildOrg (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Org, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOrg",
"module_id": "PolicyOrg",
"properties": {
"Org": {
"$ref": "Org,
"description": "Contains the actual Org object",
"required": true,
"title": "Org"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Org",
"type": "object"
}
ChildOrgRoot (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OrgRoot, used in multi-tenancy hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOrgRoot",
"module_id": "PolicyOrgRoot",
"properties": {
"OrgRoot": {
"$ref": "OrgRoot,
"description": "Contains the actual OrgRoot object",
"required": true,
"title": "OrgRoot"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OrgRoot",
"type": "object"
}
ChildOspfAreaConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfAreaConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOspfAreaConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfAreaConfig": {
"$ref": "OspfAreaConfig,
"description": "Contains actual OspfAreaConfig.",
"required": true,
"title": "OspfAreaConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildOspfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfRoutingConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOspfRoutingConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfRoutingConfig": {
"$ref": "OspfRoutingConfig,
"description": "Contains actual OspfRoutingConfig.",
"required": true,
"title": "OspfRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildPolicyConfigResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an object on the desired state",
"extends": {
"$ref": "ManagedResource
},
"id": "ChildPolicyConfigResource",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the desired state object as child resource",
"type": "object"
}
ChildPolicyContextProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyContextProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyContextProfile",
"module_id": "PolicyContextProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyContextProfile"
},
"properties": {
"PolicyContextProfile": {
"$ref": "PolicyContextProfile,
"description": "Contains the actual PolicyContextProfile objects",
"required": true,
"title": "PolicyContextProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyContextProfile",
"type": "object"
}
ChildPolicyCustomAttributes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyCustomAttributes, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyCustomAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"PolicyCustomAttributes": {
"$ref": "PolicyCustomAttributes,
"description": "Contains the actual PolicyCustomAttributes objects",
"required": true,
"title": "PolicyCustomAttributes"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyCustomAttributes",
"type": "object"
}
ChildPolicyDnsForwarder (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarder, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyDnsForwarder",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarder"
},
"properties": {
"PolicyDnsForwarder": {
"$ref": "PolicyDnsForwarder,
"description": "Contains the actual PolicyDnsForwarder object",
"required": true,
"title": "PolicyDnsForwarder"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarder",
"type": "object"
}
ChildPolicyDnsForwarderZone (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyDnsForwarderZone",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarderZone"
},
"properties": {
"PolicyDnsForwarderZone": {
"$ref": "PolicyDnsForwarderZone,
"description": "Contains the actual PolicyDnsForwarderZone object",
"required": true,
"title": "PolicyDnsForwarderZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarderZone",
"type": "object"
}
ChildPolicyEdgeCluster (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeCluster, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyEdgeCluster",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeCluster"
},
"properties": {
"PolicyEdgeCluster": {
"$ref": "PolicyEdgeCluster,
"description": "Contains the actual PolicyEdgeCluster object.",
"required": true,
"title": "PolicyEdgeCluster"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeCluster",
"type": "object"
}
ChildPolicyEdgeNode (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeNode, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyEdgeNode",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeNode"
},
"properties": {
"PolicyEdgeNode": {
"$ref": "PolicyEdgeNode,
"description": "Contains the actual PolicyEdgeNode object.",
"required": true,
"title": "PolicyEdgeNode"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeNode",
"type": "object"
}
ChildPolicyExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyExcludeList",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyExcludeList"
},
"properties": {
"PolicyExcludeList": {
"$ref": "PolicyExcludeList,
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicyExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyExcludeList",
"type": "object"
}
ChildPolicyFirewallCPUMemThresholdsProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallCPUMemThresholdsProfileBindingMap",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"PolicyFirewallCPUMemThresholdsProfileBindingMap": {
"$ref": "PolicyFirewallCPUMemThresholdsProfileBindingMap,
"description": "Contains the actual PolicyFirewallCPUMemThresholdsProfileBindingMap object.",
"required": true,
"title": "PolicyFirewallCPUMemThresholdsProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallCpuMemThresholdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallCpuMemThresholdsProfile",
"module_id": "PolicyProfile",
"properties": {
"PolicyFirewallCpuMemThresholdsProfile": {
"$ref": "PolicyFirewallCpuMemThresholdsProfile,
"description": "Contains the actual PolicyFirewallCpuMemThresholdsProfile object",
"required": true,
"title": "PolicyFirewallCpuMemThresholdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCpuMemThresholdsProfile",
"type": "object"
}
ChildPolicyFirewallFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallFloodProtectionProfileBindingMap",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"PolicyFirewallFloodProtectionProfileBindingMap": {
"$ref": "PolicyFirewallFloodProtectionProfileBindingMap,
"description": "Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object",
"required": true,
"title": "PolicyFirewallFloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallIpReputationConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallIpReputationConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallIpReputationConfig",
"module_id": "PolicyFirewallIpReputation",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallIpReputationConfig"
},
"properties": {
"PolicyFirewallIpReputationConfig": {
"$ref": "PolicyFirewallIpReputationConfig,
"description": "Contains the actual PolicyFirewallIpReputationConfig object.",
"required": true,
"title": "IP reputation config"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallIpReputationConfig",
"type": "object"
}
ChildPolicyFirewallScheduler (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallScheduler, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallScheduler",
"module_id": "PolicyFirewallScheduler",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallScheduler"
},
"properties": {
"PolicyFirewallScheduler": {
"$ref": "PolicyFirewallScheduler,
"description": "Contains the actual PolicyFirewallScheduler objects",
"required": true,
"title": "PolicyFirewallScheduler"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallScheduler",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallSessionTimerProfile",
"module_id": "PolicyFirewallSessionTimerProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallSessionTimerProfile"
},
"properties": {
"PolicyFirewallSessionTimerProfile": {
"$ref": "PolicyFirewallSessionTimerProfile,
"description": "Contains the actual PolicyFirewallSessionTimerProfile object",
"required": true,
"title": "PolicyFirewallSessionTimerProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfile",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallSessionTimerProfileBindingMap",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"PolicyFirewallSessionTimerProfileBindingMap": {
"$ref": "PolicyFirewallSessionTimerProfileBindingMap,
"description": "Contains the actual PolicyFirewallSessionTimerProfileBindingMap object",
"required": true,
"title": "PolicyFirewallSessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfileBindingMap",
"type": "object"
}
ChildPolicyIgmpProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyIgmpProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyIgmpProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyIgmpProfile": {
"$ref": "PolicyIgmpProfile,
"description": "Contains actual PolicyIgmpProfile.",
"required": true,
"title": "PolicyIgmpProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyIgmpProfile",
"type": "object"
}
ChildPolicyInterVrfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyInterVrfRoutingConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyInterVrfRoutingConfig",
"module_id": "PolicyConnectivity",
"properties": {
"PolicyInterVrfRoutingConfig": {
"$ref": "PolicyInterVrfRoutingConfig,
"description": "Contains actual PolicyInterVrfRoutingConfig.",
"required": true,
"title": "PolicyInterVrfRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for inter-vrf routing config",
"type": "object"
}
ChildPolicyLabel (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLabel, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyLabel",
"module_id": "PolicyLabel",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLabel"
},
"properties": {
"PolicyLabel": {
"$ref": "PolicyLabel,
"description": "Contains the actual PolicyLabel object",
"required": true,
"title": "PolicyLabel"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLabel",
"type": "object"
}
ChildPolicyLatencyStatProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyLatencyStatProfile",
"module_id": "PolicyLatency",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLatencyStatProfile"
},
"properties": {
"PolicyLatencyStatProfile": {
"$ref": "PolicyLatencyStatProfile,
"description": "Contains the actual PolicyLatencyStatProfile object",
"required": true,
"title": "PolicyLatencyStatProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLatencyStatProfile",
"type": "object"
}
ChildPolicyMulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyMulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyMulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyMulticastConfig": {
"$ref": "PolicyMulticastConfig,
"description": "Contains actual PolicyMulticastConfig.",
"required": true,
"title": "PolicyMulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyMulticastConfig",
"type": "object"
}
ChildPolicyNat (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNat, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyNat",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNat"
},
"properties": {
"PolicyNat": {
"$ref": "PolicyNat,
"description": "Contains the actual PolicyNAT object",
"required": true,
"title": "PolicyNat"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNat",
"type": "object"
}
ChildPolicyNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyNatRule",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNatRule"
},
"properties": {
"PolicyNatRule": {
"$ref": "PolicyNatRule,
"description": "Contains the actual PolicyNatRule object",
"required": true,
"title": "PolicyNatRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNatRule",
"type": "object"
}
ChildPolicyPimProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyPimProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyPimProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyPimProfile": {
"$ref": "PolicyPimProfile,
"description": "Contains actual PolicyPimProfile.",
"required": true,
"title": "PolicyPimProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyPimProfile",
"type": "object"
}
ChildPolicySIExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicySIExcludeList",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIExcludeList"
},
"properties": {
"PolicySIExcludeList": {
"$ref": "PolicySIExcludeList,
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicySIExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIExcludeList",
"type": "object"
}
ChildPolicyServiceChain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceChain",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceChain"
},
"properties": {
"PolicyServiceChain": {
"$ref": "PolicyServiceChain,
"description": "Contains actual PolicyServiceChain.",
"required": true,
"title": "PolicyServiceChain"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceChain",
"type": "object"
}
ChildPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceInstance"
},
"properties": {
"PolicyServiceInstance": {
"$ref": "PolicyServiceInstance,
"description": "Contains actual PolicyServiceInstance.",
"required": true,
"title": "PolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceInstance",
"type": "object"
}
ChildPolicyServiceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceProfile",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceProfile"
},
"properties": {
"PolicyServiceProfile": {
"$ref": "PolicyServiceProfile,
"description": "Contains actual PolicyServiceProfile.",
"required": true,
"title": "PolicyServiceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceProfile",
"type": "object"
}
ChildPolicyTier1MulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTier1MulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyTier1MulticastConfig": {
"$ref": "PolicyTier1MulticastConfig,
"description": "Contains actual PolicyTier1MulticastConfig.",
"required": true,
"title": "PolicyTier1MulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTier1MulticastConfig",
"type": "object"
}
ChildPolicyTransportZone (type)
{
"description": "Child wrapper object for PolicyTransportZone, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTransportZone",
"module_id": "PolicyTransportZone",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZone"
},
"properties": {
"PolicyTransportZone": {
"$ref": "PolicyTransportZone,
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZone object.",
"required": true,
"title": "PolicyTransportZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZone",
"type": "object"
}
ChildPolicyTransportZoneProfile (type)
{
"description": "Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTransportZoneProfile",
"module_id": "PolicyTransportZoneProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZoneProfile"
},
"properties": {
"PolicyTransportZoneProfile": {
"$ref": "PolicyTransportZoneProfile,
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZoneProfile object.",
"required": true,
"title": "PolicyTransportZoneProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZoneProfile",
"type": "object"
}
ChildPolicyUrlCategorizationConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyUrlCategorizationConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyUrlCategorizationConfig"
},
"properties": {
"PolicyUrlCategorizationConfig": {
"$ref": "PolicyUrlCategorizationConfig,
"description": "Contains the actual PolicyUrlCategorizationConfig object",
"required": true,
"title": "URL Categorization Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyUrlCategorizationConfig",
"type": "object"
}
ChildPolicyVpcNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyVpcNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyVpcNatRule",
"module_id": "PolicyVpcNat",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyVpcNatRule"
},
"properties": {
"PolicyVpcNatRule": {
"$ref": "PolicyVpcNatRule,
"description": "Contains the actual Policy VPC Nat Rule object",
"required": true,
"title": "Policy VPC Nat Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyVpcNatRule",
"type": "object"
}
ChildPortDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortDiscoveryProfileBindingMap"
},
"properties": {
"PortDiscoveryProfileBindingMap": {
"$ref": "PortDiscoveryProfileBindingMap,
"description": "Contains the actual PortDiscoveryProfileBindingMap object",
"required": true,
"title": "PortDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortDiscoveryProfileBindingMap",
"type": "object"
}
ChildPortMirroringProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMirroringProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortMirroringProfile",
"module_id": "PolicyPortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMirroringProfile"
},
"properties": {
"PortMirroringProfile": {
"$ref": "PortMirroringProfile,
"description": "Contains the actual PortMirroringProfile object",
"required": true,
"title": "PortMirroringProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMirroringProfile",
"type": "object"
}
ChildPortMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMonitoringProfileBindingMap"
},
"properties": {
"PortMonitoringProfileBindingMap": {
"$ref": "PortMonitoringProfileBindingMap,
"description": "Contains the actual PortMonitoringProfileBindingMap object",
"required": true,
"title": "PortMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMonitoringProfileBindingMap",
"type": "object"
}
ChildPortQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortQoSProfileBindingMap"
},
"properties": {
"PortQoSProfileBindingMap": {
"$ref": "PortQoSProfileBindingMap,
"description": "Contains the actual PortQoSProfileBindingMap object",
"required": true,
"title": "PortQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortQoSProfileBindingMap",
"type": "object"
}
ChildPortSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortSecurityProfileBindingMap"
},
"properties": {
"PortSecurityProfileBindingMap": {
"$ref": "PortSecurityProfileBindingMap,
"description": "Contains the actual PortSecurityProfileBindingMap object",
"required": true,
"title": "PortSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortSecurityProfileBindingMap",
"type": "object"
}
ChildPrefixList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PrefixList, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPrefixList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPrefixList"
},
"properties": {
"PrefixList": {
"$ref": "PrefixList,
"description": "Contains the actual PrefixList object.",
"required": true,
"title": "PrefixList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PrefixList",
"type": "object"
}
ChildProject (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Project, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildProject",
"module_id": "PolicyProject",
"properties": {
"Project": {
"$ref": "Project,
"description": "Contains the actual Project object",
"required": true,
"title": "PROJECT"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PROJECT",
"type": "object"
}
ChildProjectRouteFilter (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ProjectRouteFilter used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildProjectRouteFilter",
"module_id": "PolicyConnectivity",
"properties": {
"ProjectRouteFilter": {
"$ref": "ProjectRouteFilter,
"description": "Contains actual ProjectRouteFilter.",
"required": true,
"title": "ProjectRouteFilter"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for project route filter",
"type": "object"
}
ChildQoSProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for QoSProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildQoSProfile",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildQoSProfile"
},
"properties": {
"QoSProfile": {
"$ref": "QoSProfile,
"description": "Contains the actual QoSProfile object",
"required": true,
"title": "QoSProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for QoSProfile",
"type": "object"
}
ChildReaction (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Reaction used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildReaction",
"module_id": "PolicyReaction",
"properties": {
"Reaction": {
"$ref": "Reaction,
"description": "Contains the actual Reaction object.",
"required": true,
"title": "Reaction"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Reaction",
"type": "object"
}
ChildRedirectionPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for RedirectionPolicy used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRedirectionPolicy",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionPolicy"
},
"properties": {
"RedirectionPolicy": {
"$ref": "RedirectionPolicy,
"description": "Contains actual RedirectionPolicy.",
"required": true,
"title": "RedirectionPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionPolicy\n",
"type": "object"
}
ChildRedirectionRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ChildRedirectionRule used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRedirectionRule",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionRule"
},
"properties": {
"RedirectionRule": {
"$ref": "RedirectionRule,
"description": "Contains actual RedirectionRule.",
"required": true,
"title": "RedirectionRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionRule\n",
"type": "object"
}
ChildResourceReference (type)
{
"additionalProperties": false,
"description": "Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildResourceReference",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_type": {
"required": true,
"title": "The target type of this reference",
"type": "string"
}
},
"title": "Represents the reference to ChildPolicyConfigResource",
"type": "object"
}
ChildRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRule",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRule"
},
"properties": {
"Rule": {
"$ref": "Rule,
"description": "Contains the actual Rule object",
"required": true,
"title": "Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildSIStatusConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSIStatusConfiguration",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIStatusConfiguration"
},
"properties": {
"PolicySIStatusConfiguration": {
"$ref": "PolicySIStatusConfiguration,
"description": "Contains the actual service insertion status configuration list object.",
"required": true
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIStatusConfiguration",
"type": "object"
}
ChildSecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T1 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityFeatures"
},
"properties": {
"SecurityFeatures": {
"$ref": "SecurityFeatures,
"description": "Contains the actual SecurityFeatures object",
"required": true,
"title": "Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Security Feature",
"type": "object"
}
ChildSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSecurityPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityPolicy"
},
"properties": {
"SecurityPolicy": {
"$ref": "SecurityPolicy,
"description": "Contains the actual SecurityPolicy object",
"required": true,
"title": "SecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SecurityPolicy",
"type": "object"
}
ChildSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Segment, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegment"
},
"properties": {
"Segment": {
"$ref": "Segment,
"description": "Contains the actual Segment object.",
"required": true,
"title": "Segment"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Segment",
"type": "object"
}
ChildSegmentConnectionBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper for SegmentConnectionBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentConnectionBindingMap",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentConnectionBindingMap"
},
"properties": {
"SegmentConnectionBindingMap": {
"$ref": "SegmentConnectionBindingMap,
"description": "Contains the actual SegmentConnectionBindingMap object.",
"required": true,
"title": "Segment Connection Binding Map"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentConnectionBindingMap",
"type": "object"
}
ChildSegmentDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentDiscoveryProfileBindingMap"
},
"properties": {
"SegmentDiscoveryProfileBindingMap": {
"$ref": "SegmentDiscoveryProfileBindingMap,
"description": "Contains the actual SegmentDiscoveryProfileBindingMap object",
"required": true,
"title": "SegmentDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentDiscoveryProfileBindingMap",
"type": "object"
}
ChildSegmentMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentMonitoringProfileBindingMap"
},
"properties": {
"SegmentMonitoringProfileBindingMap": {
"$ref": "SegmentMonitoringProfileBindingMap,
"description": "Contains the actual SegmentMonitoringProfileBindingMap object",
"required": true,
"title": "SegmentMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentMonitoringProfileBindingMap",
"type": "object"
}
ChildSegmentPort (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentPort, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentPort",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentPort"
},
"properties": {
"SegmentPort": {
"$ref": "SegmentPort,
"description": "Contains the actual SegmentPort object",
"required": true,
"title": "SegmentPort"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentPort",
"type": "object"
}
ChildSegmentQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentQoSProfileBindingMap"
},
"properties": {
"SegmentQoSProfileBindingMap": {
"$ref": "SegmentQoSProfileBindingMap,
"description": "Contains the actual SegmentQoSProfileBindingMap object",
"required": true,
"title": "SegmentQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentQoSProfileBindingMap",
"type": "object"
}
ChildSegmentSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentSecurityProfile",
"module_id": "PolicySegmentSecurity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfile"
},
"properties": {
"SegmentSecurityProfile": {
"$ref": "SegmentSecurityProfile,
"description": "Contains the actual SegmentSecurityProfile object",
"required": true,
"title": "SegmentSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfile",
"type": "object"
}
ChildSegmentSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfileBindingMap"
},
"properties": {
"SegmentSecurityProfileBindingMap": {
"$ref": "SegmentSecurityProfileBindingMap,
"description": "Contains the actual SegmentSecurityProfileBindingMap object",
"required": true,
"title": "SegmentSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfileBindingMap",
"type": "object"
}
ChildService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Service, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildService",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildService"
},
"properties": {
"Service": {
"$ref": "Service,
"description": "Contains the actual Service object.",
"required": true,
"title": "Service"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Service",
"type": "object"
}
ChildServiceEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceEntry, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceEntry"
},
"properties": {
"Service": {
"$ref": "ServiceEntry,
"deprecated": true,
"description": "This is a deprecated property, Please use 'ServiceEntry' instead.",
"title": "ServiceEntry"
},
"ServiceEntry": {
"$ref": "ServiceEntry,
"description": "Contains the actual ServiceEntry object.",
"required": true,
"title": "ServiceEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceEntry",
"type": "object"
}
ChildServiceInstanceEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceInstanceEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInstanceEndpoint"
},
"properties": {
"ServiceInstanceEndpoint": {
"$ref": "ServiceInstanceEndpoint,
"description": "Contains actual ServiceInstanceEndpoint.",
"required": true,
"title": "ServiceInstanceEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInstanceEndpoint",
"type": "object"
}
ChildServiceInterface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInterface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceInterface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInterface"
},
"properties": {
"ServiceInterface": {
"$ref": "ServiceInterface,
"description": "Contains the actual ServiceInterface object.",
"required": true,
"title": "ServiceInterface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInterface",
"type": "object"
}
ChildServiceReference (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceReference used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceReference",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceReference"
},
"properties": {
"ServiceReference": {
"$ref": "ServiceReference,
"description": "Contains actual ServiceReference.",
"required": true,
"title": "ServiceReference"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceReference",
"type": "object"
}
ChildServiceSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceSegment, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceSegment"
},
"properties": {
"ServiceSegment": {
"$ref": "ServiceSegment,
"description": "Contains the actual ServiceSegment objects",
"required": true,
"title": "ServiceSegments"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SerivceSegment",
"type": "object"
}
ChildSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSessionTimerProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSessionTimerProfileBindingMap"
},
"properties": {
"SessionTimerProfileBindingMap": {
"$ref": "SessionTimerProfileBindingMap,
"description": "Contains the actual SessionTimerProfileBindingMap object",
"required": true,
"title": "SessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SessionTimerProfileBindingMap",
"type": "object"
}
ChildShaDynamicPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaDynamicPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaDynamicPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaDynamicPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaDynamicPlugin,
"description": "Contains the actual ShaDynamicPlugin object",
"required": true,
"title": "ShaDynamicPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildShaPluginProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPluginProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPluginProfile"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPluginProfile,
"description": "Contains the actual ShaPluginProfile object",
"required": true,
"title": "ShaPluginProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaPluginProfile",
"type": "object"
}
ChildShaPredefinedPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPredefinedPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaPredefinedPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPredefinedPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPredefinedPlugin,
"description": "Contains the actual ShaPredefinedPlugin object",
"required": true,
"title": "ShaPredefinedPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildShare (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Share, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShare",
"module_id": "PolicyShare",
"properties": {
"Share": {
"$ref": "Share,
"description": "Contains the actual Share object",
"required": true,
"title": "Share"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Share",
"type": "object"
}
ChildSharedResource (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SharedResource, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSharedResource",
"module_id": "PolicyShare",
"properties": {
"SharedResource": {
"$ref": "SharedResource,
"description": "Contains the actual SharedResource object",
"required": true,
"title": "SharedResource"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SharedResource",
"type": "object"
}
ChildSite (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Site, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSite",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSite"
},
"properties": {
"Site": {
"$ref": "Site,
"description": "Contains the actual Site object.",
"required": true,
"title": "Site"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Site",
"type": "object"
}
ChildSpoofGuardProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SpoofGuardProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSpoofGuardProfile",
"module_id": "PolicySpoofGuard",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSpoofGuardProfile"
},
"properties": {
"SpoofGuardProfile": {
"$ref": "SpoofGuardProfile,
"description": "Contains the actual SpoofGuardProfile object",
"required": true,
"title": "SpoofGuardProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SpoofGuardProfile",
"type": "object"
}
ChildStandaloneHostIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStandaloneHostIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStandaloneHostIdfwConfiguration"
},
"properties": {
"StandaloneHostIdfwConfiguration": {
"$ref": "StandaloneHostIdfwConfiguration,
"description": "Contains the actual standalone host idfw configuration object.",
"required": true,
"title": "StandaloneHostIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StandaloneHostIdfwConfiguration",
"type": "object"
}
ChildStaticARPConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticARPConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticARPConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticARPConfig"
},
"properties": {
"StaticARPConfig": {
"$ref": "StaticARPConfig,
"description": "Contains the actual StaticARPConfig object.",
"required": true,
"title": "StaticARPConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticARPConfig",
"type": "object"
}
ChildStaticMimeContent (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Static MIME content, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticMimeContent",
"module_id": "PolicyStaticMimeContent",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticMimeContent"
},
"properties": {
"TlsProfile": {
"$ref": "StaticMimeContent,
"description": "Contains the actual Static MIME content object.",
"required": true,
"title": "Static Mime Content"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child Static MIME content",
"type": "object"
}
ChildStaticRouteBfdPeer (type)
{
"additionalProperties": false,
"description": "Child wrapper for StaticRouteBfdPeer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticRouteBfdPeer",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRouteBfdPeer"
},
"properties": {
"BfdPeer": {
"$ref": "StaticRouteBfdPeer,
"description": "Contains the actual StaticRouteBfdPeer object.",
"required": true,
"title": "Static Route BFD Peer"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRouteBfdPeer",
"type": "object"
}
ChildStaticRoutes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticRoutes, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticRoutes",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRoutes"
},
"properties": {
"StaticRoutes": {
"$ref": "StaticRoutes,
"description": "Contains the actual StaticRoutes object.",
"required": true,
"title": "StaticRoutes"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRoutes",
"type": "object"
}
ChildTagBulkOperation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TagBulkOperation, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTagBulkOperation",
"module_id": "PolicyTag",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTagBulkOperation"
},
"properties": {
"TagBulkOperation": {
"$ref": "TagBulkOperation,
"description": "Contains actual TagBulkOperation object.",
"required": true,
"title": "TagBulkOperation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper object for TagBulkOperation",
"type": "object"
}
ChildTier0 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-0, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0"
},
"properties": {
"Tier0": {
"$ref": "Tier0,
"description": "Contains the actual Tier-0 object.",
"required": true,
"title": "Tier-0"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-0",
"type": "object"
}
ChildTier0DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0DeploymentMap"
},
"properties": {
"Tier0DeploymentMap": {
"$ref": "Tier0DeploymentMap,
"description": "Contains the actual Tier0DeploymentMap object.",
"required": true,
"title": "Tier0DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0DeploymentMap",
"type": "object"
}
ChildTier0Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0Interface"
},
"properties": {
"Tier0Interface": {
"$ref": "Tier0Interface,
"description": "Contains the actual Tier0Interface object.",
"required": true,
"title": "Tier0Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0Interface",
"type": "object"
}
ChildTier0InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0InterfaceGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0InterfaceGroup",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0InterfaceGroup"
},
"properties": {
"Tier0InterfaceGroup": {
"$ref": "Tier0InterfaceGroup,
"description": "Contains the actual Tier0InterfaceGroup object.",
"required": true,
"title": "Tier0InterfaceGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0InterfaceGroup",
"type": "object"
}
ChildTier0RouteMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0RouteMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0RouteMap",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0RouteMap"
},
"properties": {
"Tier0RouteMap": {
"$ref": "Tier0RouteMap,
"description": "Contains the actual Tier0RouteMap object",
"required": true,
"title": "Tier0RouteMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0RouteMap",
"type": "object"
}
ChildTier0SecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T0 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0SecurityFeatures"
},
"properties": {
"Tier0SecurityFeatures": {
"$ref": "Tier0SecurityFeatures,
"description": "Contains the actual TO SecurityFeatures object",
"required": true,
"title": "T0 Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for T0 Security Feature",
"type": "object"
}
ChildTier1 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-1 , used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1"
},
"properties": {
"Tier1": {
"$ref": "Tier1,
"description": "Contains the actual Tier-1 object.",
"required": true,
"title": "Tier-1"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-1",
"type": "object"
}
ChildTier1DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1DeploymentMap"
},
"properties": {
"Tier1DeploymentMap": {
"$ref": "Tier1DeploymentMap,
"description": "Contains the actual Tier1DeploymentMap object.",
"required": true,
"title": "Tier1DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1DeploymentMap",
"type": "object"
}
ChildTier1Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1Interface"
},
"properties": {
"Tier1Interface": {
"$ref": "Tier1Interface,
"description": "Contains the actual Tier1Interface object.",
"required": true,
"title": "Tier1Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1Interface",
"type": "object"
}
ChildTier1InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1InterfaceGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1InterfaceGroup",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1InterfaceGroup"
},
"properties": {
"Tier1InterfaceGroup": {
"$ref": "Tier1InterfaceGroup,
"description": "Contains the actual Tier1InterfaceGroup object.",
"required": true,
"title": "Tier1InterfaceGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1InterfaceGroup",
"type": "object"
}
ChildTlsCertificate (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCertificate, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsCertificate",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCertificate"
},
"properties": {
"TlsCertificate": {
"$ref": "TlsCertificate,
"description": "Contains the actual TlsCertificate object.",
"required": true,
"title": "TlsCertificate"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCertificate",
"type": "object"
}
ChildTlsCrl (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCrl, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsCrl",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCrl"
},
"properties": {
"TlsCrl": {
"$ref": "TlsCrl,
"description": "Contains the actual TlsCrl object.",
"required": true,
"title": "TlsCrl"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCrl",
"type": "object"
}
ChildTlsPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLSPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsPolicy",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsPolicy"
},
"properties": {
"TlsPolicy": {
"$ref": "TlsPolicy,
"description": "Contains the actual TLSPolicy object",
"required": true,
"title": "TlsPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsPolicy",
"type": "object"
}
ChildTlsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLS Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsProfile"
},
"properties": {
"TlsProfile": {
"$ref": "TlsProfile,
"description": "Contains the actual TLS profile object.",
"required": true,
"title": "TLS Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child TLS Profile",
"type": "object"
}
ChildTlsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsRule",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsRule"
},
"properties": {
"TlsRule": {
"$ref": "TlsRule,
"description": "Contains the actual TLS Rule object",
"required": true,
"title": "TLS Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildTlsTrustData (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsTrustData, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsTrustData",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsTrustData"
},
"properties": {
"TlsTrustData": {
"$ref": "TlsTrustData,
"description": "Contains the actual TlsTrustData object.",
"required": true,
"title": "TlsTrustData"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsTrustData",
"type": "object"
}
ChildTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for TraceflowConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "TraceflowConfig,
"description": "Contains the actual TraceflowConfig object.",
"required": true,
"title": "TraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TraceflowConfig",
"type": "object"
}
ChildTunnel (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tunnel, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTunnel",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTunnel"
},
"properties": {
"Tunnel": {
"$ref": "Tunnel,
"description": "Contains the actual Tunnel object.",
"required": true,
"title": "Tunnel"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tunnel",
"type": "object"
}
ChildTypesRequestParameter (type)
{
"description": "Specified child resource types will be populated in the response body",
"id": "ChildTypesRequestParameter",
"module_id": "Policy",
"properties": {
"base_path": {
"description": "Base path of the resource for which user wants to retrieve the hierarchy. This should be the fully qualified path for the resource. - Sample examples - base_path=/infra/domains/default/groups/Group1 base_path=/infra/domains/default/security-policies/SecurityPolicy1/rules/Rule1",
"required": false,
"title": "Base Path for retrieving hierarchical intent",
"type": "string"
},
"filter": {
"description": "Filter string, can contain multiple or single java regular expressions separated by ';'. By default populates immediate child resources of the resource indicated by the URL. These child resources will be filtered by the type provided in the filter. It is recommended to use type_filter parameter instead of filter parameter. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to populate all the Group objects under Infra & Domain: filter=Type-Domain%7CGroup - Sample query string to load every policy object under Infra: filter=Type-.*",
"required": false,
"title": "Filter string as java regex",
"type": "string"
},
"type_filter": {
"description": "Advanced filter string in which user can directly specify the resourceTypes to be filtered. Can be used in conjunction with base_path. - Sample example of type_filter to load all groups - type_filter=Group - Sample example of multiple type_filter - type_filter=Group;SercurityPolicy;RedirectionPolicy - Sample example to load all groups in default domain using base_path in conjunction with type_filter - base_path=/infra/domains/default&type_filter=Group",
"required": false,
"title": "Filter string to retrieve hierarchy.",
"type": "string"
}
},
"title": "Filter to populate child types of the policyConfigResource",
"type": "object"
}
ChildVMTagReplicationPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VMTagReplicationPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVMTagReplicationPolicy",
"module_id": "VMTagReplicationPolicy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVMTagReplicationPolicy"
},
"properties": {
"VMTagReplicationPolicy": {
"$ref": "VMTagReplicationPolicy,
"description": "Contains the actual VMTagReplicationPolicy object",
"required": true,
"title": "VMTagReplicationPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VMTagReplicationPolicy",
"type": "object"
}
ChildVirtualEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VirtualEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVirtualEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVirtualEndpoint"
},
"properties": {
"VirtualEndpoint": {
"$ref": "VirtualEndpoint,
"description": "Contains reference to actual VirtualEndpoint.",
"required": true,
"title": "VirtualEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VirtualEndpoint",
"type": "object"
}
ChildVniPoolConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VniPoolConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVniPoolConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVniPoolConfig"
},
"properties": {
"VniPoolConfig": {
"$ref": "VniPoolConfig,
"description": "Contains the actual VniPoolConfig object.",
"required": true,
"title": "VniPoolConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VniPoolConfig",
"type": "object"
}
ChildVpc (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVpc",
"module_id": "PolicyVpc",
"properties": {
"Vpc": {
"$ref": "Vpc,
"description": "Contains the actual VPC object",
"required": true,
"title": "VPC"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC",
"type": "object"
}
ChildVpcIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVpcIpAddressAllocation",
"module_id": "PolicyVpcSubnetIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVpcIpAddressAllocation"
},
"properties": {
"VpcIpAddressAllocation": {
"$ref": "VpcIpAddressAllocation,
"description": "Contains the actual VpcIpAddressAllocation object",
"required": true,
"title": "VpcIpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VpcIpAddressAllocation",
"type": "object"
}
ChildVpcSubnet (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Subnet, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVpcSubnet",
"module_id": "PolicyVpcSubnet",
"properties": {
"VpcSubnet": {
"$ref": "VpcSubnet,
"description": "Contains the actual VPC Subnet object",
"required": true,
"title": "VPC Subnet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Subnet",
"type": "object"
}
ChildVpcSubnetPort (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VPC Subnet Port, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVpcSubnetPort",
"module_id": "PolicyVpcSubnet",
"properties": {
"VpcSubnetPort": {
"$ref": "VpcSubnetPort,
"description": "Contains the actual VPC Subnet Port object",
"required": true,
"title": "VPC Subnet Port"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VPC Subnet Port",
"type": "object"
}
CidrArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of CIDR values",
"extends": {
"$ref": "ConstraintValue
},
"id": "CidrArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "CidrArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\".",
"items": {
"$ref": "IPElement
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "Array of CIDR Values to perform operation",
"type": "object"
}
CipherSuite (type)
{
"additionalProperties": false,
"id": "CipherSuite",
"module_id": "ApiServiceConfig",
"properties": {
"enabled": {
"required": true,
"title": "Enable status for this cipher suite",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the TLS cipher suite",
"type": "string"
}
},
"title": "HTTP cipher suite",
"type": "object"
}
ClaimMap (type)
{
"description": "Information about how to map a single OIDC ID token claim to one or more NSX roles.",
"id": "ClaimMap",
"module_id": "CertificateManager",
"properties": {
"claim_name": {
"type": "string"
},
"value_to_role_map": {
"items": {
"$ref": "ClaimValueToRoleMap
},
"type": "array"
}
},
"title": "Claim map",
"type": "object"
}
ClaimValueToRoleMap (type)
{
"descrption": "Information about how to map one value of an OIDC ID token claim to one or more NSX roles.",
"id": "ClaimValueToRoleMap",
"module_id": "CertificateManager",
"properties": {
"claim_value": {
"description": "The value of the claim to map.",
"title": "Claim value",
"type": "string"
},
"roles": {
"description": "The NSX roles that this particular claim value should map to.",
"items": {
"type": "string"
},
"title": "Mapped roles",
"type": "array"
}
},
"title": "Claim value map",
"type": "object"
}
ClasslessStaticRoute (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP classless static route option.",
"id": "ClasslessStaticRoute",
"module_id": "Dhcp",
"properties": {
"network": {
"$ref": "IPElement,
"description": "Destination network in CIDR format.",
"required": true,
"title": "Destination in CIDR"
},
"next_hop": {
"$ref": "IPAddress,
"description": "IP address of next hop of the route.",
"required": true,
"title": "Router"
}
},
"title": "DHCP classless static route option",
"type": "object"
}
ClearPasswordActionParameters (type)
{
"id": "ClearPasswordActionParameters",
"module_id": "Routing",
"properties": {
"action": {
"enum": [
"clear_password"
],
"type": "string"
}
},
"type": "object"
}
ClientAuthType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored.",
"enum": [
"REQUIRED",
"IGNORE"
],
"id": "ClientAuthType",
"module_id": "LoadBalancer",
"title": "client authentication mode",
"type": "string"
}
ClientSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "ClientSslProfileBinding",
"module_id": "LoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "authentication depth is used to set the verification depth in the client certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the maximum traversal depth of client certificate chain",
"type": "integer"
},
"client_auth": {
"$ref": "ClientAuthType,
"default": "IGNORE",
"required": false,
"title": "client authentication mode"
},
"client_auth_ca_ids": {
"description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA identifier list to verify client certificate",
"type": "array"
},
"client_auth_crl_ids": {
"description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL identifier list to verify client certificate",
"type": "array"
},
"default_certificate_id": {
"description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.",
"required": true,
"title": "default service certificate identifier",
"type": "string"
},
"sni_certificate_ids": {
"description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.",
"items": {
"type": "string"
},
"required": false,
"title": "SNI certificate identifier list",
"type": "array"
},
"ssl_profile_id": {
"description": "Client SSL profile defines reusable, application-independent client side SSL properties.",
"required": false,
"title": "client SSL profile identifier",
"type": "string"
}
},
"type": "object"
}
ClientTypeCollectionConfiguration (type)
{
"id": "ClientTypeCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"client_type": {
"description": "The client type for which this data collection frequency setting applies",
"enum": [
"HYPERVISOR",
"EDGE",
"CONTROL_PLANE",
"CONTROL_PLANE_PLATFORM",
"MANAGEMENT_PLANE",
"MANAGEMENT_PLANE_PLATFORM"
],
"required": true,
"title": "Client Type",
"type": "string"
},
"data_type_configurations": {
"description": "The set of data collection type configurations, one for each data collection type",
"items": {
"$ref": "DataTypeCollectionConfiguration
},
"required": true,
"title": "Data type configurations",
"type": "array"
}
},
"title": "HPM client data collection configuration",
"type": "object"
}
CloudNativeDeploymentAction (type)
{
"additionalProperties": false,
"description": "Action to be perform on deployment.",
"id": "CloudNativeDeploymentAction",
"module_id": "PolicyCloudNative",
"properties": {
"action": {
"description": "Action can be deploy or undeploy. DEPLOY - Deploy NSX Application Platform charts. UNDEPLOY - Undeploy NSX Application Platform charts. REDEPLOY - Redeploy NSX Application Platform charts. UPDATE_FORMFACTOR - Upgrade NSX Application Platform charts. REDEPLOY_UPDATE_FORMFACTOR - Retry update NSX Application Platform charts. FORCE_UNDEPLOY - Undeploy forcefully. RESTART - Restart deployment. RESET - Reset deployment. RESET_BR_VERSION - Reset version during Backup/Restore.",
"enum": [
"DEPLOY",
"UNDEPLOY",
"REDEPLOY",
"UPDATE_FORMFACTOR",
"REDEPLOY_UPDATE_FORMFACTOR",
"FORCE_UNDEPLOY",
"RESTART",
"RESET",
"RESET_BR_VERSION"
],
"required": true,
"title": "Deployment action",
"type": "string"
}
},
"title": "Action",
"type": "object"
}
CloudNativeDeploymentConfig (type)
{
"additionalProperties": false,
"description": "Configuration for NSX Application Platform deployment.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CloudNativeDeploymentConfig",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_id": {
"description": "Unique id to identify kubernetes guest cluster.",
"required": false,
"title": "Kubernetes cluster id",
"type": "string"
},
"deployment_action": {
"$ref": "CloudNativeDeploymentAction,
"title": "Deployment action"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"kubeconf_info": {
"$ref": "KubeconfigInfo,
"description": "Information about kubeconfig file.",
"title": "Kubeconfig info"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"storage_class": {
"description": "Kubernetes cluster storage class",
"title": "Storage class",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Deployment version in use.",
"title": "Deployment version",
"type": "string"
}
},
"title": "Common configuration for NSX Application Platform deployments",
"type": "object"
}
CloudNativeServiceInstance (type)
{
"additionalProperties": false,
"description": "Stores the information about cloud native service instance.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "CloudNativeServiceInstance",
"module_id": "InventoryCloudObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Id of service instance fetched from public cloud.",
"readonly": true,
"required": true,
"title": "External id of cloud native service instance in the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_type": {
"description": "Type of cloud native service.",
"readonly": true,
"required": true,
"title": "Type of cloud native service; possible values are ELB, RDS",
"type": "string"
},
"source": {
"$ref": "ResourceReference,
"description": "Reference of the public cloud gateway that reported the service instance.",
"readonly": true,
"required": true,
"title": "Reference of the public cloud gateway"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CloudNativeServiceInstanceListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get list of cloud native service instances.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "CloudNativeServiceInstanceListRequestParameters",
"module_id": "InventoryCloudObj",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "Name of cloud native service instance.",
"required": false,
"title": "Display Name of the cloud native service instance",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"service_type": {
"description": "Type of cloud native service.",
"required": false,
"title": "Type of cloud native service; possible values are ELB, RDS",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"description": "NSX node id of the public cloud gateway that reported the service instance.",
"required": false,
"title": "NSX node id of the public cloud gateway that reported the service instance",
"type": "string"
}
},
"type": "object"
}
CloudNativeServiceInstanceListResult (type)
{
"additionalProperties": false,
"description": "Stores a list of cloud native service instances and information about them. NSX supported service instances are currently limited to Relational Database Service (RDS),Elastic Load Balancing (ELB).",
"extends": {
"$ref": "ListResult
},
"id": "CloudNativeServiceInstanceListResult",
"module_id": "InventoryCloudObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of cloud native service instances",
"items": {
"$ref": "CloudNativeServiceInstance
},
"required": true,
"title": "CloudNativeServiceInstance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterBackupInfo (type)
{
"additionalProperties": false,
"id": "ClusterBackupInfo",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"description": "IP address or FQDN of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address or FQDN v6 of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IPv6 address or FQDN v6 of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "ID of the node from which the backup was taken",
"type": "string"
},
"restore_type": {
"default": [],
"items": {
"enum": [
"REGULAR_RESTORE",
"POLICY_ONLY_RESTORE"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "Type of restore allowed",
"type": "array",
"uniqueItems": true
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": true,
"title": "timestamp of the cluster backup file"
}
},
"title": "Cluster backup details",
"type": "object"
}
ClusterBackupInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ClusterBackupInfoListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterCertificateId (type)
{
"additionalProperties": false,
"id": "ClusterCertificateId",
"properties": {
"certificate_id": {
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"title": "Cluster Certificate ID",
"type": "object"
}
ClusterConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource
},
"id": "ClusterConfig",
"module_id": "ClusterManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_id": {
"readonly": true,
"required": true,
"title": "Unique identifier of this cluster",
"type": "string"
},
"control_cluster_changes_allowed": {
"title": "True if control cluster nodes may be added or removed",
"type": "boolean"
},
"mgmt_cluster_changes_allowed": {
"title": "True if management cluster nodes may be added or removed",
"type": "boolean"
},
"nodes": {
"items": {
"$ref": "ClusterNodeInfo
},
"title": "Configuration of each node in cluster",
"type": "array"
}
},
"type": "object"
}
ClusterConfiguration (type)
{
"additionalProperties": false,
"description": "The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.",
"extends": {
"$ref": "ManagedResource
},
"id": "ClusterConfiguration",
"module_id": "ClusterBootManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_id": {
"description": "UUID of the cluster",
"readonly": true,
"title": "UUID of the cluster",
"type": "string"
},
"config_version": {
"description": "Cluster configuration version.",
"readonly": true,
"title": "Cluster configuration version",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip6_address": {
"title": "Virtual IPv6 address, :: if not configured",
"type": "string"
},
"ip_address": {
"description": "Virtual IP address, 0.0.0.0 if not configured.",
"title": "Virtual IP address",
"type": "string"
},
"nodes": {
"description": "Nodes in the cluster configuration.",
"items": {
"$ref": "CbmClusterNode
},
"readonly": true,
"title": "Nodes in the cluster configuration",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Cluster configuration",
"type": "object"
}
ClusterControlPlane (type)
{
"description": "Cluster control plane is a hierarchical extension of the NSX-T control plane. It allows NSX to manage multiple clusters. There is an instance of cluster control plane in each managed cluster. The cluster control plane is responsible for the traffic management, span calculation and it can work on its own. NSX-T central control plane distributes high-level network configurations like security policies and groups to cluster control planes, and each cluster control plane computes and realizes the configurations on the managed cluster.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ClusterControlPlane",
"module_id": "ClusterControlPlane",
"policy_hierarchical_children": [
"ChildAntreaClusterInfo",
"ChildAntreaHeartbeatConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate": {
"description": "This property should be afford in create process.",
"required": false,
"title": "certificate for this cluster control plane",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_id": {
"description": "This property is used to identify the cluster control plane in NSX-T. This id should assigned by NSX-T in create process.",
"required": false,
"title": "Unique Id of the cluster control plane",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vhc_path": {
"description": "This property should be afford in create process for VHC module requirement.",
"required": false,
"title": "vhc path for this cluster control plane",
"type": "string"
}
},
"title": "Cluster Control Plane",
"type": "object"
}
ClusterControlPlaneDeleteRequestParameters (type)
{
"description": "Cluster Control Plane delete request parameters.",
"id": "ClusterControlPlaneDeleteRequestParameters",
"module_id": "ClusterControlPlane",
"properties": {
"cascade": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate if force delete cluster references from the firewall security policies.",
"type": "boolean"
}
},
"title": "Cluster Control Plane Delete Request Parameters",
"type": "object"
}
ClusterControlPlaneListRequestParameters (type)
{
"additionalProperties": false,
"description": "Cluster Control Plane list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ClusterControlPlaneListRequestParameters",
"module_id": "ClusterControlPlane",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Control Plane List Request Parameters",
"type": "object"
}
ClusterControlPlaneListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ClusterControlPlaneListResult",
"module_id": "ClusterControlPlane",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "This property include all cluster control Plane in NSX-T.",
"items": {
"$ref": "ClusterControlPlane
},
"readonly": true,
"required": false,
"title": "Cluster Control Plane Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Control Plane queries result",
"type": "object"
}
ClusterDpuConfig (type)
{
"description": "Specifies configuration of a homogeneous cluster. If this property is set for a cluster, which indicate that this is a homogenous cluster consisting of hosts running ESXio on data processing unit (DPU) from a certain vendor.",
"id": "ClusterDpuConfig",
"module_id": "InventoryCmObj",
"properties": {
"vendor": {
"description": "Specifies the vendor of the data processing unit.",
"readonly": true,
"required": false,
"title": "Vendor of DPU",
"type": "string"
}
},
"title": "Configuration of homogeneous cluster",
"type": "object"
}
ClusterGroupMemberStatus (type)
{
"additionalProperties": false,
"description": "This type contains the attributes and status of a group member.",
"id": "ClusterGroupMemberStatus",
"module_id": "Cluster",
"properties": {
"member_fqdn": {
"format": "hostname",
"readonly": true,
"title": "FQDN of the group member",
"type": "string"
},
"member_ip": {
"format": "ip",
"readonly": true,
"title": "IP of the group member",
"type": "string"
},
"member_ipv6": {
"format": "ip",
"readonly": true,
"title": "IPv6 of the group member",
"type": "string"
},
"member_status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"readonly": true,
"title": "Status of the group member",
"type": "string"
},
"member_uuid": {
"readonly": true,
"title": "UUID of the group member",
"type": "string"
}
},
"title": "Status of a group member",
"type": "object"
}
ClusterGroupServiceLeader (type)
{
"additionalProperties": false,
"description": "Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.",
"id": "ClusterGroupServiceLeader",
"module_id": "Cluster",
"properties": {
"leader_uuid": {
"readonly": true,
"title": "Member UUID of the leader",
"type": "string"
},
"lease_version": {
"readonly": true,
"title": "Number of times the lease has been renewed",
"type": "integer"
},
"service_name": {
"readonly": true,
"title": "Name of the service",
"type": "string"
}
},
"title": "Leader for a service of the group",
"type": "object"
}
ClusterGroupStatus (type)
{
"additionalProperties": false,
"description": "This type contains the attributes and status of a group.",
"id": "ClusterGroupStatus",
"module_id": "Cluster",
"properties": {
"group_id": {
"readonly": true,
"title": "UUID of the group",
"type": "string"
},
"group_status": {
"enum": [
"STABLE",
"DEGRADED",
"UNSTABLE",
"UNAVAILABLE"
],
"readonly": true,
"title": "Group status",
"type": "string"
},
"group_type": {
"enum": [
"MANAGER",
"CONTROLLER",
"POLICY",
"HTTPS",
"DATASTORE",
"CLUSTER_BOOT_MANAGER",
"GLOBAL_MANAGER",
"ASYNC_REPLICATOR",
"MONITORING",
"IDPS_REPORTING",
"CORFU_NONCONFIG",
"CM-INVENTORY",
"MESSAGING-MANAGER"
],
"readonly": true,
"title": "Type of the group",
"type": "string"
},
"leaders": {
"items": {
"$ref": "ClusterGroupServiceLeader
},
"readonly": true,
"title": "Array of group leaders and their attributes",
"type": "array"
},
"members": {
"items": {
"$ref": "ClusterGroupMemberStatus
},
"readonly": true,
"title": "Array of group members and their statuses",
"type": "array"
}
},
"title": "Status of a group",
"type": "object"
}
ClusterInitializationNodeInfo (type)
{
"additionalProperties": false,
"description": "The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).",
"id": "ClusterInitializationNodeInfo",
"module_id": "ClusterManagement",
"properties": {
"disk_store_id": {
"readonly": true,
"required": false,
"title": "The (internal) disk-store ID of the member",
"type": "string"
},
"host_address": {
"readonly": true,
"title": "The IP address (or domain name) of the cluster node",
"type": "string"
}
},
"type": "object"
}
ClusterMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "ClusterMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"readonly": true,
"required": true,
"title": "The Antrea cluster id of the pod",
"type": "string"
},
"cluster_name": {
"readonly": true,
"required": true,
"title": "The Antrea cluster name of the pod",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "NamespaceMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
ClusterNodeConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "ClusterNodeConfig",
"module_id": "ClusterManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"appliance_mgmt_ipv6_listen_addr": {
"readonly": true,
"title": "The IPv6 address for the appliance management API service on this node",
"type": "string"
},
"appliance_mgmt_listen_addr": {
"readonly": true,
"title": "The IP and port for the appliance management API service on this node",
"type": "string"
},
"controller_role": {
"$ref": "ControllerClusterRoleConfig,
"required": false
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"title": "Internal identifier provided by the node",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"manager_role": {
"$ref": "ManagementClusterRoleConfig,
"required": false
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ClusterNodeConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ClusterNodeConfigListResult",
"module_id": "ClusterManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterNodeConfig
},
"required": true,
"title": "Cluster node configuration results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterNodeInfo (type)
{
"id": "ClusterNodeInfo",
"module_id": "ClusterManagement",
"properties": {
"api_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the public API service on this node"
},
"appliance_connection_info": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP, port and certificate for connecting to appliance."
},
"certificates": {
"items": {
"$ref": "NodeCertificateInfo
},
"title": "Certificate and thumbprint of all entities",
"type": "array"
},
"control_plane_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the control plane service on this node"
},
"display_name": {
"title": "The display name of this node",
"type": "string"
},
"entities": {
"items": {
"$ref": "NodeEntityInfo
},
"title": "Service endpoint of all entities",
"type": "array"
},
"fqdn": {
"title": "The fqdn of this node",
"type": "string"
},
"msg_clients": {
"items": {
"$ref": "NodeMessagingClientInfo
},
"title": "Messaging client of all entities",
"type": "array"
},
"node_uuid": {
"readonly": true,
"required": true,
"title": "Unique identifier of this node",
"type": "string"
},
"status": {
"enum": [
"JOINING",
"JOINED",
"REMOVING",
"REMOVED"
],
"readonly": true,
"required": true,
"title": "Node clustering status",
"type": "string"
}
},
"type": "object"
}
ClusterNodeRole (type)
{
"description": "Enumerates the roles that can be specified in VM auto-deployment.",
"enum": [
"CONTROLLER",
"MANAGER"
],
"id": "ClusterNodeRole",
"module_id": "ClusterNodeVMDeployment",
"title": "Cluster node role",
"type": "string"
}
ClusterNodeStatus (type)
{
"additionalProperties": false,
"id": "ClusterNodeStatus",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_status": {
"$ref": "ControlClusterNodeStatus,
"readonly": true,
"title": "Clustering status for control plane functions on this node"
},
"mgmt_cluster_status": {
"$ref": "ManagementClusterNodeStatus,
"readonly": true,
"title": "Clustering status for management plane functions on this node"
},
"system_status": {
"$ref": "NodeStatusProperties,
"readonly": true,
"title": "Node status properties"
},
"version": {
"readonly": true,
"title": "Software version running on node",
"type": "string"
}
},
"type": "object"
}
ClusterNodeVMDeletionParameters (type)
{
"description": "Parameters for deletion of a cluster node VM.",
"id": "ClusterNodeVMDeletionParameters",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"force_delete": {
"description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.",
"title": "Delete by force",
"type": "boolean"
}
},
"title": "Parameters for DeleteAutoDeployedClusterNodeVM",
"type": "object"
}
ClusterNodeVMDeploymentConfig (type)
{
"description": "Contains info used to configure the VM on deployment",
"id": "ClusterNodeVMDeploymentConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM",
"enum": [
"VsphereClusterNodeVMDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
}
},
"title": "Configuration for deploying cluster node VM",
"type": "object"
}
ClusterNodeVMDeploymentRequest (type)
{
"additionalProperties": false,
"description": "Contains the deployment information for a cluster node VM soon to be deployed or already deployed by the Manager",
"id": "ClusterNodeVMDeploymentRequest",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_config": {
"$ref": "ClusterNodeVMDeploymentConfig,
"description": "Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM.",
"required": true,
"title": "Deployment config for cluster node VM"
},
"form_factor": {
"$ref": "ClusterNodeVMFormFactor,
"default": "MEDIUM",
"description": "Specifies the desired \"size\" of the VM",
"required": false,
"title": "Form factor for cluster node VMs"
},
"roles": {
"description": "List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now.",
"items": {
"$ref": "ClusterNodeRole
},
"required": true,
"title": "Cluster node roles of the VM",
"type": "array"
},
"user_settings": {
"$ref": "NodeUserSettings,
"description": "Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect.",
"required": true,
"sensitive": true,
"title": "User settings for the VM"
},
"vm_id": {
"description": "ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"required": false,
"title": "ID of VM used to recognize it",
"type": "string"
}
},
"title": "Info for an auto-deployment request",
"type": "object"
}
ClusterNodeVMDeploymentRequestList (type)
{
"additionalProperties": false,
"description": "List of ClusterNodeVMDeploymentRequests",
"extends": {
"$ref": "ListResult
},
"id": "ClusterNodeVMDeploymentRequestList",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing ClusterNodeVMDeploymentRequests",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ClusterNodeVMDeploymentRequest list",
"type": "object"
}
ClusterNodeVMDeploymentStatusReport (type)
{
"description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.",
"id": "ClusterNodeVMDeploymentStatusReport",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_progress_state": {
"$ref": "VMDeploymentProgressState,
"description": "Detailed progress state of node VM deployment realization",
"readonly": true,
"required": false,
"title": "Deployment progress state of node VM"
},
"failure_code": {
"description": "In case of auto-deployment-related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case of auto-deployment-related failure, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the addition or deletion of an auto-deployed cluster node VM.",
"enum": [
"UNKNOWN_STATE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"WAITING_TO_REGISTER_VM",
"VM_REGISTRATION_FAILED",
"VM_WAITING_TO_CLUSTER",
"VM_WAITING_TO_COME_ONLINE",
"VM_ONLINE_FAILED",
"VM_CLUSTERING_IN_PROGRESS",
"VM_CLUSTERING_FAILED",
"VM_CLUSTERING_SUCCESSFUL",
"WAITING_TO_UNDEPLOY_VM",
"VM_DECLUSTER_IN_PROGRESS",
"VM_DECLUSTER_FAILED",
"VM_DECLUSTER_SUCCESSFUL",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL"
],
"required": true,
"title": "Auto-deployed VM's deployment status",
"type": "string"
}
},
"title": "Report of a VM's deployment status",
"type": "object"
}
ClusterNodeVMFormFactor (type)
{
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE"
],
"id": "ClusterNodeVMFormFactor",
"module_id": "ClusterNodeVMDeployment",
"title": "Supported VM form factor for cluster nodes",
"type": "string"
}
ClusterProfile (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource
},
"id": "ClusterProfile",
"module_id": "ClusterProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType,
"help_summary": "The cluster profile type.",
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ClusterProfileListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ClusterProfileListParameters",
"module_id": "ClusterProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_system_owned": {
"default": true,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"$ref": "ClusterProfileType,
"required": false,
"title": "Type of cluster profile"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ClusterProfile List Parameters",
"type": "object"
}
ClusterProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ClusterProfileListResult",
"module_id": "ClusterProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterProfile
},
"readonly": true,
"required": false,
"title": "Cluster Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Cluster Profile queries result",
"type": "object"
}
ClusterProfileType (type)
{
"enum": [
"EdgeHighAvailabilityProfile",
"BridgeHighAvailabilityClusterProfile"
],
"id": "ClusterProfileType",
"module_id": "ClusterProfile",
"title": "Supported cluster profiles.",
"type": "string"
}
ClusterProfileTypeIdEntry (type) (Deprecated)
{
"deprecated": true,
"id": "ClusterProfileTypeIdEntry",
"module_id": "ClusterProfile",
"properties": {
"profile_id": {
"description": "key value",
"readonly": false,
"required": true,
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType
}
},
"type": "object"
}
ClusterRestoreStatus (type)
{
"id": "ClusterRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"allowed_actions": {
"default": [],
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of actions that are allowed.",
"type": "array",
"uniqueItems": true
},
"backup_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when backup was initiated in epoch millisecond"
},
"endpoints": {
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"required": true,
"title": "The list of allowed endpoints, based on the current state of\nthe restore process\n",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "Unique id for backup request",
"type": "string"
},
"instructions": {
"items": {
"$ref": "InstructionInfo
},
"readonly": true,
"required": false,
"title": "Instructions for users to reconcile Restore operations",
"type": "array"
},
"not_allowed_actions": {
"default": [],
"items": {
"enum": [
"VC_UPDATES"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of actions that are not allowed",
"type": "array",
"uniqueItems": true
},
"restore_end_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when restore was completed in epoch millisecond"
},
"restore_start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when restore was started in epoch millisecond"
},
"status": {
"$ref": "GlobalRestoreStatus
},
"step": {
"$ref": "RestoreStep
},
"total_steps": {
"readonly": true,
"required": false,
"title": "Total number of steps in the entire restore process",
"type": "integer"
}
},
"title": "Cluster restore status",
"type": "object"
}
ClusterRestoreStatusRequestParameters (type)
{
"id": "ClusterRestoreStatusRequestParameters",
"properties": {
"restore_component": {
"default": "LOCAL_MANAGER",
"enum": [
"LOCAL_MANAGER",
"GLOBAL_MANAGER"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
ClusterRoleConfig (type)
{
"additionalProperties": false,
"id": "ClusterRoleConfig",
"module_id": "ClusterManagement",
"properties": {
"type": {
"enum": [
"ManagementClusterRoleConfig",
"ControllerClusterRoleConfig"
],
"readonly": true,
"required": true,
"title": "Type of this role configuration",
"type": "string"
}
},
"type": "object"
}
ClusterStatus (type)
{
"additionalProperties": false,
"id": "ClusterStatus",
"module_id": "ClusterManagement",
"properties": {
"cluster_id": {
"readonly": true,
"title": "Unique identifier of this cluster",
"type": "string"
},
"control_cluster_status": {
"$ref": "ControllerClusterStatus,
"deprecated": true,
"readonly": true,
"title": "The current status of the control cluster"
},
"detailed_cluster_status": {
"$ref": "AllClusterGroupStatus,
"readonly": true,
"title": "Status of all the cluster groups"
},
"mgmt_cluster_status": {
"$ref": "ManagementClusterStatus,
"deprecated": true,
"readonly": true,
"title": "The current status of the management cluster"
}
},
"type": "object"
}
ClusterVirtualIpProperties (type)
{
"additionalProperties": false,
"id": "ClusterVirtualIpProperties",
"properties": {
"force": {
"default": "false",
"enum": [
"true",
"false"
],
"title": "On enable it ignores duplicate address detection and DNS lookup validation check",
"type": "string"
},
"ip6_address": {
"title": "Virtual IPv6 address, :: if not configured",
"type": "string"
},
"ip_address": {
"title": "Virtual IP address, 0.0.0.0 if not configured",
"type": "string"
}
},
"title": "Cluster virtual IP properties",
"type": "object"
}
ClusteringConfig (type)
{
"description": "Configuration for automatically joining a cluster node to the cluster after it is deployed. ClusteringConfig is required if any of the deployment nodes has CONTROLLER role.",
"id": "ClusteringConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "clustering_type"
},
"properties": {
"clustering_type": {
"description": "Specifies the type of clustering config to be used.",
"enum": [
"ControlClusteringConfig"
],
"required": true,
"title": "Type for the clustering config",
"type": "string"
}
},
"title": "Configuration for VM's clustering",
"type": "object"
}
ClusteringInfo (type)
{
"description": "Clustering parameters for the controller cluster",
"id": "ClusteringInfo",
"module_id": "ClusterManagement",
"properties": {
"join_to_existing_cluster": {
"description": "Property to indicate if the node must join an existing cluster.",
"required": true,
"title": "True If the controller node should join an existing cluster",
"type": "boolean"
},
"shared_secret": {
"description": "Shared secret of the cluster.",
"required": true,
"sensitive": true,
"title": "Shared Secret of the cluster",
"type": "secure_string"
}
},
"type": "object"
}
ClusteringStatus (type)
{
"enum": [
"CONNECTED",
"DISCONNECTED",
"UNKNOWN"
],
"id": "ClusteringStatus",
"module_id": "ClusterManagement",
"type": "string"
}
ClustersAggregateInfo (type)
{
"additionalProperties": false,
"id": "ClustersAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"cluster_status": {
"$ref": "AllClusterGroupStatus,
"title": "Status of all the cluster groups"
},
"controller_cluster": {
"items": {
"$ref": "ControllerNodeAggregateInfo
},
"required": true,
"title": "Array of Controller Nodes",
"type": "array"
},
"management_cluster": {
"items": {
"$ref": "ManagementNodeAggregateInfo
},
"required": true,
"title": "Array of Management Nodes",
"type": "array"
}
},
"type": "object"
}
CmThumbprintHashingConfig (type)
{
"additionalProperties": false,
"id": "CmThumbprintHashingConfig",
"module_id": "InventoryCmObj",
"properties": {
"hashing_algorithm_type": {
"description": "This specifies the hashing algorithm to be used for stamping NSX manager thumbprint in compute manager extension. e.g. When a vCenter is registered as compute manager, thumbprint of NSX manager certificate is stamped in NSXT extension on vCenter. If algorithm type is SHA1, then SHA1 thumbprint of NSX manager API certificate is stamped. If algorithm type is SHA256, then SHA256 thumbprint of NSX manager certificate is stamped. Changing this setting to SHA256 will result in communication issues between WCP component in VC and NSX manager. Hence it is recommended not to use SHA256 if VC WCP feature is being used with NSX.",
"enum": [
"SHA1",
"SHA256"
],
"readonly": false,
"required": true,
"title": "Algorithm type for thumbprint hashing",
"type": "string"
}
},
"type": "object"
}
CollectConfigWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Collect config for the requested workflow spec.",
"extends": {
"$ref": "WorkflowSpec
},
"id": "CollectConfigWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "CollectConfigWorkflowSpec"
},
"properties": {
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
},
"workflow_resource": {
"$ref": "WorkflowResource,
"readonly": false,
"required": true
}
},
"title": "Collect Config Workflow spec",
"type": "object"
}
ColorCode (type)
{
"description": "Color code.",
"enum": [
"GREEN",
"YELLOW",
"RED"
],
"id": "ColorCode",
"module_id": "OverlayAdoption",
"title": "Color code",
"type": "string"
}
ColoredMessage (type)
{
"description": "A message with a color that shows the message's severity or priority.",
"id": "ColoredMessage",
"module_id": "OverlayAdoption",
"properties": {
"color": {
"$ref": "ColorCode,
"default": "YELLOW",
"description": "The message color that shows the message's severity or priority.",
"readonly": true,
"required": false,
"title": "The message color that shows the message's severity or priority"
},
"message": {
"description": "A string message.",
"readonly": true,
"required": false,
"title": "A string message",
"type": "string"
}
},
"title": "A message with a color",
"type": "object"
}
ColumnItem (type)
{
"additionalProperties": false,
"description": "Represents a column of the Grid",
"id": "ColumnItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"column_identifier": {
"description": "Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns.",
"title": "Identifier for this column",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "Field from which values of the column will be derived.",
"maxLength": 1024,
"required": true,
"title": "Column Field",
"type": "string"
},
"hidden": {
"default": false,
"description": "If set to true, hides the column",
"title": "Hide the column",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Label of the column.",
"readonly": false,
"required": true,
"title": "Column Label"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Render configuration to be applied, if any.",
"items": {
"$ref": "RenderConfiguration
},
"title": "Render Configuration",
"type": "array"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_key": {
"description": "Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested.",
"maxLength": 255,
"title": "Key for sorting on this column",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over a cell in the grid.",
"items": {
"$ref": "Tooltip
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"default": "String",
"description": "Data type of the field.",
"enum": [
"String",
"Number",
"Date"
],
"maxLength": 255,
"required": true,
"title": "Field data type",
"type": "string"
}
},
"title": "Grid Column",
"type": "object"
}
CommonAgentEndpointInfo (type)
{
"description": "An endpoint to connect to Kafka/ingress of the NSX Application Platform. Either FQDN or IP address can be used in the endpoint info.",
"id": "CommonAgentEndpointInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"address": {
"description": "The IP address or the full qualified domain name of Kafka broker/ingress.",
"format": "hostname-or-ip",
"required": true,
"title": "address",
"type": "string"
},
"port": {
"description": "The port number where the broker is listening to.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "port number",
"type": "integer"
}
},
"title": "NSX Application Platform Kafka/ingress endpoints",
"type": "object"
}
CommonAgentHostConfigurationInfo (type)
{
"description": "NSX Application Platform Common Agent configuration that can be applied to host nodes.",
"extends": {
"$ref": "ManagedResource
},
"id": "CommonAgentHostConfigurationInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ingress_certificate": {
"description": "A ingress certificate to verify the identity of brokers.",
"required": false,
"title": "Broker certificate",
"type": "string"
},
"ingress_endpoint": {
"description": "List of NSX Application Platform ingress endpoints that host nodes contact initially.",
"items": {
"$ref": "CommonAgentEndpointInfo
},
"required": false,
"title": "List of NSX Application Platform ingress endpoints",
"type": "array"
},
"kafka_certificate": {
"description": "A Kafka broker certificate to verify the identity of brokers.",
"required": false,
"title": "Broker certificate",
"type": "string"
},
"kafka_endpoint": {
"description": "List of NSX Application Platform broker endpoints that host nodes contact initially.",
"items": {
"$ref": "CommonAgentEndpointInfo
},
"required": false,
"title": "List of NSX Application Platform Kafka broker endpoints",
"type": "array"
},
"nsx_cluster_id": {
"description": "Cluster id of the NSX Manager cluster.",
"required": false,
"title": "Cluster id of the NSX Manager cluster",
"type": "string"
},
"private_ip_range": {
"description": "List of private IP prefix that NSX Application Platform Common Agent network flow is collected from.",
"items": {
"$ref": "CommonAgentPrivateIpRangeInfo
},
"required": false,
"title": "List of private IP prefix",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "Site id of the local manager.",
"required": false,
"title": "Site id of the local manager",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"truststore": {
"description": "A truststore to establish the trust between NSX and NSX Application Platform.",
"required": false,
"title": "truststore",
"type": "string"
}
},
"title": "NSX Application Platform Common Agent host configuration",
"type": "object"
}
CommonAgentPrivateIpRangeInfo (type)
{
"description": "An IP prefix to mark the private network that NSX Application Platform Common Agent network flow is collected from.",
"id": "CommonAgentPrivateIpRangeInfo",
"module_id": "PolicyCloudNativeCommonAgent",
"properties": {
"address": {
"$ref": "IPAddress,
"description": "The prefix of IP address that marks the range of private network.",
"required": true,
"title": "IP address"
},
"address_type": {
"description": "The type of IP address.",
"enum": [
"IPV4",
"IPV6"
],
"required": true,
"title": "IP address type",
"type": "string"
},
"prefix_length": {
"description": "The length of IP address prefix that marks the range of private network.",
"maximum": 128,
"minimum": 1,
"required": true,
"title": "IP prefix length",
"type": "integer"
}
},
"title": "NSX Application Platform Common Agent private IP prefix",
"type": "object"
}
CommonUploadFile (type)
{
"additionalProperties": false,
"description": "To upload file content example kubeconfig or Kubernetes tools.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "CommonUploadFile",
"module_id": "PolicyCloudNative",
"properties": {
"file": {
"description": "Kubeconfig or Kubernetes tools file to be imported.",
"required": true,
"title": "File to upload",
"type": "multipart_file"
}
},
"title": "To upload kubeconfig or Kubernetes tools",
"type": "object"
}
CommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunicationEntry",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services.",
"enum": [
"ALLOW",
"DROP",
"REJECT"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array"
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number",
"required": false,
"title": "Sequence number of the this CommunicationEntry",
"type": "int"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array"
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"required": false,
"title": "Tag applied on the communication entry",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A communication entry specifies the security policy between the workload groups",
"type": "object"
}
CommunicationEntryInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication entry w.r.t to another one in the same communication map. If the communication entry specified in the anchor_path belongs to another communication map an error will be thrown This type is deprecated. Use the type RuleInsertParameters instead.",
"extends": {
"$ref": "CommunicationInsertParameters
},
"id": "CommunicationEntryInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication entry needs to be placed",
"type": "object"
}
CommunicationEntryListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type RuleListRequestParameters instead.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "CommunicationEntryListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CommunicationEntry list request parameters",
"type": "object"
}
CommunicationEntryListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type RuleListResult instead.",
"extends": {
"$ref": "ListResult
},
"id": "CommunicationEntryListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunicationEntry
},
"required": true,
"title": "CommunicationEntry list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of CommunicationEntries",
"type": "object"
}
CommunicationInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication map or communication entry w.r.t to another one. This type is deprecated. Use the type RuleInsertParameters instead.",
"id": "CommunicationInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication map/communication entry\nneeds to be placed\n",
"type": "object"
}
CommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Ordered list of CommunicationEntries. This object is created by default along with the Domain. This type is deprecated. Use the type SecurityPolicy instead.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunicationMap",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildCommunicationEntry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are \"Emergency\", \"Infrastructure\", \"Environment\" and \"Application\". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories.",
"required": false,
"title": "A way to classify a communication map, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"communication_entries": {
"items": {
"$ref": "CommunicationEntry
},
"required": false,
"title": "CommunicationEntries that are a part of this CommunicationMap",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"precedence": {
"description": "This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence",
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of CommunicationEntries",
"type": "object"
}
CommunicationMapInsertParameters (type) (Deprecated)
{
"deprecated": true,
"description": "Parameters to let the admin specify a relative position of a communication map w.r.t to another one. This type is deprecated. Use the type SecurityPolicyInsertParameters instead.",
"extends": {
"$ref": "CommunicationInsertParameters
},
"id": "CommunicationMapInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where communication map needs to be placed",
"type": "object"
}
CommunicationMapListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "CommunicationMapListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CommunicationMap list request parameters",
"type": "object"
}
CommunicationMapListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This type is deprecated. Use the type SecurityPolicyListResult instead.",
"extends": {
"$ref": "ListResult
},
"id": "CommunicationMapListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunicationMap
},
"required": true,
"title": "CommunicationMap list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Communication map",
"type": "object"
}
CommunityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunityList",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"communities": {
"description": "List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "List of BGP community entries",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Community list for BGP routing configuration",
"type": "object"
}
CommunityListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CommunityListListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunityList
},
"required": true,
"title": "CommunityList results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of CommunityLists",
"type": "object"
}
CommunityMatchCriteria (type)
{
"additionalProperties": false,
"id": "CommunityMatchCriteria",
"module_id": "PolicyConnectivity",
"properties": {
"criteria": {
"description": "Match criteria specified as a community list path or a regular expression.",
"required": true,
"title": "Match criteria based on community list path or a regular expression",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0RouteMap"
],
"relationshipType": "ROUTEMAP_COMMUNITY_LIST_RELATIONSHIP",
"rightType": [
"CommunityList"
]
}
]
},
"match_operator": {
"description": "Match operator for community list entries. Not valid when a regular expression is specified for criteria.",
"enum": [
"MATCH_ANY",
"MATCH_ALL",
"MATCH_EXACT",
"MATCH_COMMUNITY_REGEX",
"MATCH_LARGE_COMMUNITY_REGEX"
],
"required": false,
"title": "Match operator for community list entries",
"type": "string"
}
},
"title": "Match criteria based on a community list",
"type": "object"
}
CommunityMatchExpression (type)
{
"additionalProperties": false,
"id": "CommunityMatchExpression",
"module_id": "Routing",
"properties": {
"expression": {
"items": {
"$ref": "CommunityMatchOperation
},
"required": true,
"title": "Array of community match operations",
"type": "array"
},
"operator": {
"description": "Operator for evaluating community match expressions. AND logical AND operator",
"enum": [
"AND"
],
"readonly": true,
"title": "Operator",
"type": "string"
}
},
"title": "Community match expression",
"type": "object"
}
CommunityMatchOperation (type)
{
"additionalProperties": false,
"id": "CommunityMatchOperation",
"module_id": "Routing",
"properties": {
"community_list_id": {
"description": "ID of BGP community list. This value is not required when match_operator is MATCH_REGEX otherwise required.",
"title": "Community list id",
"type": "string"
},
"match_operator": {
"default": "MATCH_ANY",
"description": "Match operator for communities from provided community list id. MATCH_ANY will match any community MATCH_ALL will match all communities MATCH_EXACT will do exact match on community MATCH_NONE [operator not supported] will not match any community MATCH_REGEX will match normal communities by evaluating regular expression MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating regular expression",
"enum": [
"MATCH_ANY",
"MATCH_ALL",
"MATCH_EXACT",
"MATCH_NONE",
"MATCH_REGEX",
"MATCH_LARGE_COMMUNITY_REGEX"
],
"title": "Match operator",
"type": "string"
},
"regular_expression": {
"description": "Regular expression to match BGP communities. If match_operator is MATCH_REGEX then this value must be specified.",
"title": "Regular expression",
"type": "string"
}
},
"title": "Community match operation",
"type": "object"
}
ComponentConditionItem (type)
{
"additionalProperties": false,
"description": "This indicate component health condition and the reason why not healthy.",
"id": "ComponentConditionItem",
"module_id": "PolicyAntreaMonitoring",
"properties": {
"condition_type": {
"$ref": "ComponentConditionType,
"description": "Indicate which component condition it is.",
"readonly": true,
"title": "Antrea Component condition type"
},
"last_heartbeat_time": {
"$ref": "EpochMsTimestamp,
"description": "Time unit is millisecond.",
"title": "Last heartbeat time"
},
"message": {
"description": "Additional condition information.",
"title": "Antrea Component condition message",
"type": "string"
},
"reason": {
"description": "Indicate why not healthy.",
"title": "Reason of unhealthy status",
"type": "string"
},
"status": {
"$ref": "ConditionStatus,
"description": "Indicate healthy or unhealthy.",
"title": "Component condition status"
}
},
"title": "Antrea Component condition",
"type": "object"
}
ComponentConditionType (type)
{
"description": "Antrea Component condition names collection.",
"enum": [
"CONTROLLER_HEALTHY",
"MP_ADAPTER_HEALTHY",
"MP_CONNECTED",
"CCP_ADAPTER_HEALTHY",
"CCP_SESSION_STATE_UP"
],
"id": "ComponentConditionType",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component condition",
"type": "string"
}
ComponentMigrationStatus (type)
{
"additionalProperties": false,
"id": "ComponentMigrationStatus",
"module_id": "Migration",
"properties": {
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the migration of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the migration status",
"type": "string"
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the migration status",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Migration status of component",
"type": "string"
}
},
"type": "object"
}
ComponentStatus (type)
{
"description": "Antrea Component status enum. If lose connection, status will be UNKNOWN",
"enum": [
"HEALTHY",
"DEGRADED",
"FAILED",
"UNKNOWN"
],
"id": "ComponentStatus",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component status",
"type": "string"
}
ComponentTargetVersion (type)
{
"id": "ComponentTargetVersion",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": true,
"required": true,
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
ComponentTypeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ComponentTypeListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type on which the action is performed or on which the results are filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeChecksInfo (type)
{
"additionalProperties": false,
"description": "Meta-data of pre/post-upgrade checks for a component",
"id": "ComponentUpgradeChecksInfo",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the pre/post-upgrade checks",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"post_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo
},
"required": false,
"title": "Collection of post-upgrade checks",
"type": "array"
},
"pre_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo
},
"required": false,
"title": "Collection of pre-upgrade checks",
"type": "array"
}
},
"title": "Meta-data of pre/post-upgrade checks for a component",
"type": "object"
}
ComponentUpgradeChecksInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ComponentUpgradeChecksInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComponentUpgradeChecksInfo
},
"required": true,
"title": "Collection of info of pre/post-upgrade checks for components",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeStatus (type)
{
"additionalProperties": false,
"id": "ComponentUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"type": "object"
}
ComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"description": "Idfw configuration for activate/deactivate idfw on cluster level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_idfw_enabled": {
"description": "If set to true, idfw is enabled for this cluster",
"readonly": false,
"required": true,
"title": "Idfw enabled flag",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_stale": {
"description": "If set to true, this cluster has been deleted from NSX.",
"readonly": true,
"title": "Cluster stale flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member": {
"$ref": "PolicyResourceReference,
"description": "Contains actual policy resource reference object",
"required": true,
"title": "PolicyResourceReference"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Compute cluster idfw configuration",
"type": "object"
}
ComputeClusterIdfwConfigurationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ComputeClusterIdfwConfigurationListRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute cluster idfw configuration request parameters",
"type": "object"
}
ComputeClusterIdfwConfigurationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ComputeClusterIdfwConfigurationListResult",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeClusterIdfwConfiguration
},
"required": true,
"title": "Compute cluster wise identity firewall configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of compute cluster idfw configuration",
"type": "object"
}
ComputeCollection (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "ComputeCollection",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the compute collection in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu_config": {
"$ref": "ClusterDpuConfig,
"description": "Specifies property related to cluster homogeneity for SmartNic",
"readonly": true,
"required": false,
"title": "Configuration of homogeneous cluster"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n",
"type": "string"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this Compute Collection was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of\ncompute collection in the Compute Manager\n",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": true,
"title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n",
"type": "string"
},
"owner_id": {
"readonly": true,
"required": false,
"title": "Id of the owner of compute collection in the Compute Manager",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the compute collection. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when compute collection prepared by that nsx. OTHER applies to when compute collection prepared by other nsx. MULTIPLE applies to when compute collection tried to prepare by multiple nsx at a time. NONE applies to when compute collection is not prepared by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the compute collection",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ComputeCollectionAction (type)
{
"additionalProperties": false,
"id": "ComputeCollectionAction",
"module_id": "ComputeCollectionDeployment",
"properties": {
"action": {
"description": "For Compute collection, the supported actions are: - remove_nsx: removes NSX from the cluster",
"enum": [
"remove_nsx"
],
"title": "Supported actions on compute-collection",
"type": "string"
}
},
"title": "Compute collection action parameters",
"type": "object"
}
ComputeCollectionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ComputeCollectionListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cm_local_id": {
"required": false,
"title": "Local Id of the compute collection in the Compute Manager",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_node_id": {
"required": false,
"title": "Id of the discovered node which belongs to this Compute Collection\n",
"type": "string"
},
"display_name": {
"required": false,
"title": "Name of the ComputeCollection in source compute manager",
"type": "string"
},
"external_id": {
"required": false,
"title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_id": {
"required": false,
"title": "Id of the fabric node created from a discovered node belonging to\nthis Compute Collection\n",
"type": "string"
},
"origin_id": {
"required": false,
"title": "Id of the compute manager from where this Compute Collection was discovered",
"type": "string"
},
"origin_type": {
"required": false,
"title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n",
"type": "string"
},
"owner_id": {
"required": false,
"title": "Id of the owner of compute collection in the Compute Manager",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute Collection list parameters",
"type": "object"
}
ComputeCollectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ComputeCollectionListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeCollection
},
"required": true,
"title": "Compute Collection list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute Collection list result",
"type": "object"
}
ComputeCollectionNetworkInterfacesListResult (type)
{
"description": "List of network interfaces for all discovered nodes in compute collection",
"extends": {
"$ref": "ListResult
},
"id": "ComputeCollectionNetworkInterfacesListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of discovered node with network interfaces",
"items": {
"$ref": "DiscoveredNodeNetworkInterfaces
},
"required": true,
"title": "Discovered node network interfaces",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ComputeCollection Interfaces List Result",
"type": "object"
}
ComputeManager (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "ComputeManager",
"module_id": "InventoryCmObj",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_level_for_oidc": {
"default": "FULL",
"description": "Specifies the maximum access level allowed for calls from compute manager to NSX using the OIDC provider.",
"enum": [
"FULL",
"LIMITED"
],
"readonly": false,
"required": false,
"title": "Specifies access level to NSX from the compute manager",
"type": "string"
},
"create_service_account": {
"default": false,
"description": "Enable this flag to create service account user on compute manager. This is required by features such as vSphere Lifecycle Manager for authentication with vAPIs from nsx.",
"readonly": false,
"required": false,
"title": "Specifies whether service account is created or not on compute manager",
"type": "boolean"
},
"credential": {
"$ref": "LoginCredential,
"description": "Supported credential types are 'UsernamePasswordLoginCredential', 'SamlTokenLoginCredential', 'SessionLoginCredential'. VerifiableAsymmetricLoginCredential is used for internal purpose only.",
"readonly": false,
"required": false,
"title": "Login credentials for the compute manager"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extension_certificate": {
"$ref": "CertificateData,
"description": "Specifies certificate for compute manager extension registered on vCenter.",
"readonly": false,
"required": false,
"title": "Specifies certificate for compute manager extension"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"multi_nsx": {
"default": false,
"description": "Enable this flag to manage same compute manager by multiple nsx.",
"readonly": false,
"required": false,
"title": "Specifies whether multi nsx feature is enabled for compute manager",
"type": "boolean"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of compute manager",
"type": "array"
},
"origin_type": {
"readonly": false,
"required": true,
"title": "Compute manager type like vCenter",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"reverse_proxy_https_port": {
"default": 443,
"description": "Specifies https port of the reverse proxy to connect to compute manager. For e.g. In case of VC, this port can be retrieved from this config file /etc/vmware-rhttpproxy/config.xml.",
"maximum": 65535,
"minimum": 1,
"readonly": false,
"required": false,
"title": "Proxy https port of compute manager",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "IP address or hostname of compute manager",
"type": "string"
},
"set_as_oidc_provider": {
"default": false,
"description": "If the compute manager is VC and need to set set as OIDC provider for NSX then this flag should be set as true. This is specific to wcp feature, should be enabled when this feature is being used.",
"readonly": false,
"required": false,
"title": "Specifies whether compute manager has been set as OIDC provider",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ComputeManagerListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ComputeManagerListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"origin_type": {
"readonly": false,
"required": false,
"title": "Compute manager type like vCenter",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"readonly": false,
"required": false,
"title": "IP address or hostname of compute manager",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Compute manager list parameters",
"type": "object"
}
ComputeManagerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ComputeManagerListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComputeManager
},
"required": true,
"title": "List of compute managers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of compute managers",
"type": "object"
}
ComputeManagerStatus (type)
{
"additionalProperties": false,
"id": "ComputeManagerStatus",
"module_id": "InventoryCmObj",
"properties": {
"connection_errors": {
"help_detail": "Errors will be cleared after successful connection",
"items": {
"$ref": "ErrorInfo
},
"readonly": true,
"required": false,
"title": "Errors when connecting with compute manager",
"type": "array"
},
"connection_status": {
"enum": [
"UP",
"DOWN",
"CONNECTING"
],
"readonly": true,
"required": false,
"title": "Status of connection with the compute manager",
"type": "string"
},
"connection_status_details": {
"help_detail": "Details, if any, about the current status of the connection with the compute manager",
"readonly": true,
"required": false,
"title": "Details about connection status",
"type": "string"
},
"last_sync_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp of the last successful update of Inventory, in epoch milliseconds."
},
"oidc_end_point_id": {
"description": "If Compute manager is trusted as authorization server, then this Id will be Id of corresponding oidc end point.",
"readonly": true,
"required": false,
"title": "Specifies Id of corresponding OidcEndPoint",
"type": "string"
},
"registration_errors": {
"help_detail": "Errors will be cleared after successful registration",
"items": {
"$ref": "ErrorInfo
},
"readonly": true,
"required": false,
"title": "Errors when registering with compute manager",
"type": "array"
},
"registration_status": {
"enum": [
"REGISTERED",
"UNREGISTERED",
"REGISTERING",
"REGISTERED_WITH_ERRORS"
],
"readonly": true,
"required": false,
"title": "Registration status of compute manager",
"type": "string"
},
"version": {
"readonly": true,
"required": false,
"title": "Version of the compute manager",
"type": "string"
}
},
"title": "Runtime status information of the compute manager",
"type": "object"
}
ComputeManagerTopology (type)
{
"id": "ComputeManagerTopology",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"compute_manager_id": {
"required": true,
"title": "Identifier of vcenter where VDS will be created",
"type": "string"
},
"dvswitch": {
"items": {
"$ref": "VdsTopology
},
"required": true,
"title": "Datacenter, VDS mapping",
"type": "array"
}
},
"title": "Details where NVDS will be migrated to",
"type": "object"
}
Condition (type)
{
"additionalProperties": false,
"description": "Represents the leaf level condition. Evaluation of the condition expression will be case insensitive.",
"extends": {
"$ref": "Expression
},
"id": "Condition",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "Condition"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exclude": {
"$ref": "ExcludedMembersList,
"description": "List of members to be excluded from the condition. This field is applicable only for condition representing the list of malicious IPs. Only IPAddressExpression and PathExpression are supported. The PathExpression should have paths of Groups that of the group_type IPAddress. Multiple PathExpressions are not supported here.",
"required": false,
"title": "Members to be excluded from the condition"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"enum": [
"Tag",
"Name",
"OSName",
"ComputerName",
"NodeType",
"GroupType",
"ALL",
"IPAddress",
"PodCidr"
],
"required": true,
"title": "Key",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"description": "For global groups (groups created from Global Manager), the supported Member Types are - VirtualMachine, Segment, SegmentPort, Group, DVPG and DVPort. For local groups (groups created on the local policy manager), the supported member types are IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort, Pod, Service, Namespace, TransportNode, Group, DVPG, DVPort, KubernetesCluster, KubernetesNamespace, AntreaEgress, AntreaIPPool, KubernetesIngress, KubernetesGateway, KubernetesService and KubernetesNode.",
"enum": [
"IPSet",
"VirtualMachine",
"LogicalPort",
"LogicalSwitch",
"Segment",
"SegmentPort",
"Pod",
"Service",
"Namespace",
"TransportNode",
"Group",
"DVPG",
"DVPort",
"IPAddress",
"VpcSubnet",
"KubernetesCluster",
"KubernetesNamespace",
"AntreaEgress",
"AntreaIPPool",
"KubernetesIngress",
"KubernetesGateway",
"KubernetesService",
"KubernetesNode",
"VpcSubnetPort"
],
"required": true,
"title": "Group member type",
"type": "string"
},
"operator": {
"description": "Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided.",
"enum": [
"EQUALS",
"CONTAINS",
"STARTSWITH",
"ENDSWITH",
"NOTEQUALS",
"NOTIN",
"MATCHES",
"IN"
],
"required": false,
"title": "operator",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"scope_operator": {
"description": "Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as \"|tag\" would be evaluated for tag value not for empty scope value.",
"enum": [
"EQUALS",
"NOTEQUALS"
],
"required": false,
"title": "operator",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"value": {
"minLength": 1,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Represents the leaf level condition",
"type": "object"
}
ConditionStatus (type)
{
"description": "Antrea Component condition status shared by all component condition.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"id": "ConditionStatus",
"module_id": "PolicyAntreaMonitoring",
"title": "Antrea Component condition status",
"type": "string"
}
ConditionalForwarderZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ForwarderZone
},
"id": "ConditionalForwarderZone",
"module_id": "DnsForwarder",
"properties": {
"domain_names": {
"description": "A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet.",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Domain names of a forwarder zone",
"type": "array"
},
"source_ip": {
"$ref": "IPv4Address,
"description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.",
"required": false,
"title": "Source ip of the forwarder"
},
"upstream_servers": {
"description": "Ip address of the upstream DNS servers the DNS forwarder accesses.",
"items": {
"$ref": "IPv4Address
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Ips of upsteam DNS servers",
"type": "array"
}
},
"type": "object"
}
ConditionalValueConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level expression to restrict the target attribute value based on the set of existing values. Generally, used in combination with RelatedAttributeConditionalExpression to constraint the values related to another attribute on the same resource. This object is always used in conjunction with some exression. Example - { \"condition\" : { \"operator\":\"INCLUDES\", \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"], \"value_constraint\": { \"resource_type\": \"ValueConstraintExpression\", \"operator\":\"EXCLUDES\", \"values\":[\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"] } }",
"id": "ConditionalValueConstraintExpression",
"module_id": "PolicyConstraints",
"properties": {
"operator": {
"description": "INCLUDES_ANY operator supported only for StringArrayConstraintValue",
"enum": [
"INCLUDES",
"INCLUDES_ANY",
"EXCLUDES",
"EQUALS"
],
"required": true,
"title": "Set operation to constraint values.",
"type": "string"
},
"rhs_value": {
"description": "List of values.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of values to perform operation.",
"type": "array"
},
"rhs_value_with_type": {
"$ref": "ConstraintValue,
"description": "List of values.",
"required": false,
"title": "Array of values to perform operation."
},
"value_constraint": {
"$ref": "ValueConstraintExpression,
"description": "Values to apply the conditional constraint on target.",
"required": true,
"title": "Value Constraint"
}
},
"title": "Represents the leaf level conditional value constraint.",
"type": "object"
}
ConfigState (type)
{
"additionalProperties": false,
"description": "Configuration State. | SANDBOXED_REALIZATION_PENDING - This is applicable to only Global intent in the NSX+ platform. The intent in this state indicates that the Global intent is having a conflict with local intent in the corresponding site and it is sandboxed in an intent logical store. Also the realization is pending until the conflict is resolved. Policy Alarm will be genereated and notified to the NSX+ admin to alert the user to take action to resolve the conflicts.",
"enum": [
"SUCCESS",
"IN_PROGRESS",
"ERROR",
"UNKNOWN",
"UNINITIALIZED",
"SANDBOXED_REALIZATION_PENDING"
],
"id": "ConfigState",
"module_id": "PolicyRealizedState",
"title": "Config State",
"type": "string"
}
ConfigType (type)
{
"enum": [
"nsxa-state",
"nsxa-edge-cluster",
"nsxa-lrouter",
"nsxa-service-router",
"nestdb",
"edge-agent",
"dataplane",
"nsd",
"manager",
"controller",
"core"
],
"id": "ConfigType",
"title": "Config Type",
"type": "string"
}
ConfigurationState (type)
{
"id": "ConfigurationState",
"module_id": "Common",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConfigurationStateElement (type)
{
"id": "ConfigurationStateElement",
"module_id": "Common",
"properties": {
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"enum": [
"in_progress",
"success",
"failed",
"partial_success",
"in_sync",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_FAILED",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_FAILED",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"EDGE_CONFIG_ERROR",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_NETWORK_EDIT_PENDING",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"NOT_AVAILABLE",
"REGISTRATION_TIMEDOUT",
"ADVANCED_CONFIG_EDIT_FAILED",
"VM_RESOURCE_RESERVATION_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"pending",
"orphaned",
"unknown",
"error",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_POWER_ON_IN_PROGRESS",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_SUCCESSFUL",
"VM_DEPLOYMENT_RESTARTED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_READY",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"ADVANCED_CONFIG_EDIT_PENDING",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_IN_PROGRESS",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "State of configuration on this sub system",
"type": "string"
},
"sub_system_address": {
"readonly": true,
"required": false,
"title": "URI of backing resource on sub system",
"type": "string"
},
"sub_system_id": {
"readonly": true,
"required": false,
"title": "Identifier of backing resource on sub system",
"type": "string"
},
"sub_system_name": {
"readonly": true,
"required": false,
"title": "Name of backing resource on sub system",
"type": "string"
},
"sub_system_type": {
"readonly": true,
"required": false,
"title": "Type of backing resource on sub system",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operators AND or OR.",
"extends": {
"$ref": "Expression
},
"id": "ConjunctionOperator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ConjunctionOperator"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"conjunction_operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "Conjunction Operator Node",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents the operators AND or OR",
"type": "object"
}
ConnectivityAdvancedConfig (type)
{
"additionalProperties": false,
"id": "ConnectivityAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
}
},
"title": "Advanced configuration for Policy connectivity",
"type": "object"
}
ConsolidatedAPIListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ConsolidatedAPIListRequestParameters",
"module_id": "GroupingObjectsProviders",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement,
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated effective IP addresses API list request parameters",
"type": "object"
}
ConsolidatedEffectiveIPAddressMemberListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ConsolidatedEffectiveIPAddressMemberListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EffectiveIPInfo
},
"required": true,
"title": "Paged Collection of site wise consolidated effective ip addresses for the given NSGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ConsolidatedEffectiveIPListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Enforcement point. Enforcement point is mandatory for this request.",
"extends": {
"$ref": "ConsolidatedAPIListRequestParameters
},
"id": "ConsolidatedEffectiveIPListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point on which the API needs to be executed. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement,
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated API Realization list request params",
"type": "object"
}
ConsolidatedRealizedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status of an intent object across enforcement points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "ConsolidatedRealizedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status across enforcement points.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"consolidated_status_per_enforcement_point": {
"description": "List of Consolidated Realized Status per enforcement point.",
"items": {
"$ref": "ConsolidatedStatusPerEnforcementPoint
},
"readonly": true,
"title": "List of Consolidated Realized Status per Enforcement Point",
"type": "array"
},
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"intent_version": {
"description": "Represent highest intent version across all realized objects",
"readonly": true,
"title": "Intent version for the status",
"type": "string"
},
"publish_status": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Aggregated Realization state of this object",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"site_uuid": {
"description": "Site UUID supplied for realized site.",
"title": "id of Site",
"type": "string"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization.",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
}
},
"title": "Consolidated Realized Status for an Intent Object",
"type": "object"
}
ConsolidatedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Status of an intent object. Status Consolidation of an intent happens at multiple levels: - Per Enforcement Point: calculation of the consolidated status is performed using all realized entities that the intent objet maps to on a specific enforcement point. - Across Enforcement Points: calculation of the consolidated status is performend aggregating the consolidated status from each enforcement point.",
"id": "ConsolidatedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConfigState,
"description": "Consolidated Realized Status of an intent object.",
"readonly": true,
"title": "Consolidated Realized Status"
}
},
"title": "Consolidated Status",
"type": "object"
}
ConsolidatedStatusNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point.",
"extends": {
"$ref": "ConsolidatedStatusPerEnforcementPoint
},
"id": "ConsolidatedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforced_status": {
"$ref": "EnforcedStatusDetailsNsxT,
"description": "Detailed Realized Status inherent to an NSX-T Enforcement Point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "NSX-T Consolidated Status",
"type": "object"
}
ConsolidatedStatusPerEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "BaseConsolidatedStatusPerEnforcementPoint
},
"id": "ConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusPerEnforcementPoint"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Consolidated Realized Status Per Enforcement Point",
"type": "object"
}
ConstantFieldValue (type)
{
"additionalProperties": false,
"description": "Constant Field Value.",
"extends": {
"$ref": "FieldSettingValue
},
"id": "ConstantFieldValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ConstantFieldValue"
},
"properties": {
"constant": {
"description": "Constant Value that the field must be set to.",
"title": "Constant Value",
"type": "object"
},
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Constant Field Value",
"type": "object"
}
Constraint (type)
{
"additionalProperties": false,
"description": "Constraint object to constraint any attribute on a resource based on specified expression. Example- Restrict the allowed services in Edge Communication Entry to list of services, if the destinationGroups contain vCenter. { \"target\":{ \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"services\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" } \"constraint_expression\":{ \"related_attribute\":{ \"attribute\":\"destinationGroups\" } \"condition\":{ \"operator\":\"INCLUDES\", \"rhs_value\":{\"vCenter\"} \"value_constraint\":{ \"operator\":\"ALLOW\", \"values\":{\"/ref/services/HTTPS\", \"/ref/services/HTTOP\", ...} } } } }",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Constraint",
"module_id": "PolicyConstraints",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"constraint_expression": {
"$ref": "ConstraintExpression,
"deprecated": true,
"description": "This property is deprecated. Please use the \"constraint_expressions\" property instead to specify one or more constraint expressions. If this property is populated, then the \"constraint_expressions\" value is ignored.",
"required": false,
"title": "Expression to constrain the target attribute value."
},
"constraint_expressions": {
"descripiton": "An array of expressions. Note that if the deprecated property\n\"constraint_expression\" has a value then this property is\nignored. Please empty out the value of \"constraint_expression\"\nbefore using this property.\n",
"items": {
"$ref": "ConstraintExpression
},
"required": false,
"title": "Expressions to constrain the target attribute value.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"message": {
"required": false,
"title": "User friendly message to be shown to users upon violation.",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target": {
"$ref": "ConstraintTarget,
"deprecated": true,
"description": "This property is deprecated. Please use the \"targets\" property instead to specify one or more targets. If this property is populated, then the \"targets\" value is ignored.",
"required": false,
"title": "Target resource attribute details."
},
"target_owner_type": {
"descripiton": "Every target resource in the policy tree is owned by either local LM or remote GM/LM.\nThis target_owner_type property helps to apply constraints exclusively to only targets which are managed\nby Gloal policy manager Or local policy manager.\nGM: Target's owner type GM indicates that apply constraints to targets that are owned by GM\n this is supported on both GM/NSX+ and LM.\n On LM , Setting this owner type is not support for EntityInstanceCount Expression.\nLM: Target's owner type LM indicates that apply constraints to targets that are owned by\n local policy manager. With owner_type as LM, Constraint will not be applied to targets owned by\n GM. This owner_type is not allowed on GM/NSX+. User can configure this type only on local SDDC/LM.\n On LM , Setting this owner type is not support for EntityInstanceCount Expression.\nALL: Default type. This indicates that constraints will be applied to all\n targets either local or remote. This is supported only on LM.\nDefault owner type is \"GM\" on NSX+/GM, whereas on LM, default is \"ALL\".\n",
"enum": [
"GM",
"LM",
"ALL"
],
"required": false,
"title": "Constraint target's owner type",
"type": "string"
},
"targets": {
"descripiton": "An array of targets to apply constraints. Note that if the\ndeprecated property \"target\" has a value then this property\nis ignored. Please empty out the value of \"target\" before using\nthis property.\n",
"items": {
"$ref": "ConstraintTarget
},
"required": false,
"title": "Collection of target resources attribute details.",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Constraint definition.",
"type": "object"
}
ConstraintExpression (type)
{
"abstract": true,
"description": "All the types of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "ManagedResource
},
"id": "ConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for constraint expression",
"type": "object"
}
ConstraintGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global Constraint configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ConstraintGlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_system_resources": {
"default": false,
"description": "If true, resources that are created by the system (i.e create_user set to SYSTEM_USER) will be included as part of counting the created entity instances while evaulating the EntityInstanceCountConstraintExpression type constraint. By default, these resources are not included as part of evaluating the count expression",
"required": false,
"title": "Include policy resources that are created by system in EntityInstanceCountConstraintExpression constraint",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Constraint configuration",
"type": "object"
}
ConstraintListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ConstraintListResult",
"module_id": "PolicyConstraints",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Constraint
},
"required": true,
"title": "Constraint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Constraints",
"type": "object"
}
ConstraintTarget (type)
{
"additionalProperties": false,
"description": "Resource attribute on which constraint should be applied. Example - sourceGroups attribute of Edge CommunicationEntry to be restricted, is given as: { \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"sourceGroups\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" }",
"id": "ConstraintTarget",
"module_id": "PolicyConstraints",
"properties": {
"attribute": {
"required": false,
"title": "Attribute name of the target entity.",
"type": "string"
},
"path_prefix": {
"description": "Path prefix of the entity to apply constraint. It should be a valid string prefix for policy path. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. For multi-tenancy path-prefixes (i.e. path starting with /orgs) following values are supported: 1. When constraint is created under '/infra/constraints/' OR under '/orgs/<org-id>/projects/<default-project>/infra/constraints/' then '/orgs/<org-id>/projects/<project-id>/' value is supported. 2. When constraint is created under custom project i.e. '/orgs/<org-id>/projects/<project-id>/infra/constraints/' then '/orgs/<org-id>/projects/<project-id>/vpcs/<vpc-id>/' value is supported.",
"required": false,
"title": "Path prefix of the entity to apply constraint.\n",
"type": "string"
},
"target_resource_type": {
"description": "Target resource type accepts input as DTO Type and or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type as SecurityPolicy.Rule.",
"required": false,
"title": "Resource type of the target entity. This is required in case the\nconstraint expressions do not specify target resource type.\n",
"type": "string"
}
},
"title": "Resource attribute on which constraint should be applied.",
"type": "object"
}
ConstraintValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the types of value extend from this abstract class. This is present for extensibility.",
"id": "ConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
}
},
"title": "Base class for each value configuration",
"type": "object"
}
ContainerApplication (type)
{
"description": "Container application within a project.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerApplication",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_ips": {
"description": "The IPv4 and IPv6 clusterIPs of the container application.",
"items": {
"$ref": "IPAddress
},
"readonly": false,
"required": false,
"title": "List of cluster IPs",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this container application belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container application belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application on container cluster e.g. PCF app id, k8s service id.",
"readonly": false,
"required": true,
"title": "External identifier of the container application",
"type": "string"
},
"load_balancer_ingress": {
"description": "Specifies list of load-balancer ingress points",
"items": {
"$ref": "ContainerLoadBalancerIngress
},
"readonly": false,
"required": false,
"title": "List of load-balancer ingress points",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container application.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application",
"type": "string"
},
"node_port_local_endpoints": {
"description": "Specifies list of local endpoint, when service is NodePortLocal.",
"items": {
"$ref": "NodePortLocalEndpoint
},
"readonly": false,
"required": false,
"title": "List of NodePortLocalEndpoint",
"type": "array"
},
"origin_properties": {
"description": "Array of additional specific properties of container application in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_ports": {
"description": "Specifies list of service port.",
"items": {
"$ref": "ContainerServicePort
},
"readonly": false,
"required": false,
"title": "List of service port",
"type": "array"
},
"status": {
"description": "Status of the container application.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"descrption": "Specifies the type of container application. e.g. In case of Kubernetes\ncontainer cluster, it specifies type of service like ClusterIP, NodePort,\nLoadBalancer or ExternalName.\n",
"enum": [
"CLUSTER_IP",
"NODE_PORT",
"LOAD_BALANCER",
"EXTERNAL_NAME"
],
"readonly": false,
"required": false,
"title": "Type of container application",
"type": "string"
}
},
"title": "Container application within a project",
"type": "object"
}
ContainerApplicationInstance (type)
{
"description": "Container application instance within a project.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerApplicationInstance",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_node_id": {
"description": "Cluster node id where application instance is running.",
"readonly": false,
"required": false,
"title": "Cluster node id",
"type": "string"
},
"container_application_ids": {
"description": "List of identifiers of the container application.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this application instance belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project which this container application instance belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application instance on container cluster.",
"readonly": false,
"required": true,
"title": "External identifier of the container application instance",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container application instance.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application instance.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application instance",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container application instance in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"status": {
"description": "Status of the container application instance.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application instance",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Application Instance",
"type": "object"
}
ContainerApplicationInstanceGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ContainerApplicationInstanceGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"pod_id": {
"required": true,
"title": "ContainerApplicationInstance",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"type": "object"
}
ContainerApplicationInstanceListRequestParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ContainerObjectsListRequestParameters
},
"id": "ContainerApplicationInstanceListRequestParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_application_id": {
"description": "Identifier of the container application.",
"readonly": false,
"required": false,
"title": "Identifier of the container application",
"type": "string"
},
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container application instance list parameters",
"type": "object"
}
ContainerApplicationInstanceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerApplicationInstanceListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerApplicationInstance
},
"required": true,
"title": "List of Container Applications",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerApplicationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerApplicationListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerApplication
},
"required": true,
"title": "List of Container Applications",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerCluster (type)
{
"description": "Details of container cluster.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerCluster",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_ip_ranges": {
"description": "In case of Kubernetes container cluster, it specifies CIDRs that will be assigned to services created on Kubernetes.",
"items": {
"$ref": "IPCIDRBlock
},
"maxItems": 2,
"readonly": false,
"required": false,
"title": "List of cluster IP range",
"type": "array"
},
"cluster_type": {
"description": "Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"WCP_Guest",
"AKS",
"EKS",
"TKGm",
"TKGi",
"GKE",
"Gardener",
"Rancher",
"TAS",
"SupervisorCluster",
"WorkloadCluster",
"Other"
],
"readonly": false,
"required": false,
"title": "Type of the container cluster",
"type": "string"
},
"cni_type": {
"default": "Other",
"description": "Specifies Container Network Interface type for container cluster.",
"enum": [
"NCP",
"Antrea",
"Other"
],
"readonly": false,
"required": false,
"title": "CNI type for container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"infrastructure": {
"$ref": "ContainerInfrastructureInfo,
"description": "Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"readonly": false,
"required": false,
"title": "Details of infrastructure for the container cluster"
},
"network_errors": {
"description": "List of network errors related to container cluster.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster",
"type": "string"
},
"node_port_local_range": {
"description": "Specifies the port range to be used for NodePortLocal services.",
"format": "port-or-range",
"readonly": false,
"required": false,
"title": "Node port local range",
"type": "string"
},
"node_port_range": {
"description": "In case of Kubernetes container cluster, it specifies port range to be used for Kubernetes services created with the type NodePort.",
"format": "port-or-range",
"readonly": false,
"required": false,
"title": "Node port range",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"supervisor_project_id": {
"description": "Specifies supervisor container project identifier for cluster.",
"readonly": false,
"required": false,
"title": "Supervisor ContainerProject identifier for cluster",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster",
"type": "object"
}
ContainerClusterFilterParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "ContainerClusterFilterParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container cluster filter parameter",
"type": "object"
}
ContainerClusterListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ContainerClusterListRequestParameters",
"module_id": "TnContainerStatus",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"status": {
"$ref": "TnContainerStatusType,
"title": "Container cluster status"
}
},
"type": "object"
}
ContainerClusterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerClusterListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerCluster
},
"required": true,
"title": "List of Container Clusters",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerClusterNode (type)
{
"description": "Details of container cluster node i.e. container host.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerClusterNode",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cni_agent_status": {
"description": "Specifies Container Network Interface agent status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "CNI agent status of container cluster node",
"type": "string"
},
"container_cluster_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster node in K8S/PAS.",
"readonly": false,
"required": true,
"title": "External identifier of the container cluster node",
"type": "string"
},
"external_ip_addresses": {
"description": "Specifies list of external ip address of Node.",
"items": {
"$ref": "IPAddress
},
"readonly": false,
"required": false,
"title": "List of external ip address of Node",
"type": "array"
},
"ip_addresses": {
"description": "List of IP addresses of container cluster node.",
"items": {
"$ref": "IPAddress
},
"readonly": false,
"required": false,
"title": "IP Addresses of Node",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container cluster node.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster node",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster node in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"pod_cidrs": {
"description": "In case of Kubernetes container cluster, it represents the IP ranges assigned to the node for usage by Pod on that node.",
"items": {
"$ref": "IPCIDRBlock
},
"readonly": false,
"required": false,
"title": "List of CIDR of container application instance",
"type": "array"
},
"provider_id": {
"description": "Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine.",
"readonly": false,
"required": false,
"title": "Provider id of container node",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster node",
"type": "object"
}
ContainerClusterNodeListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerClusterNodeListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerClusterNode
},
"required": true,
"title": "List of container cluster nodes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerClusterPropertiesFilterParameters (type)
{
"description": "Request object, containing multiple cluster properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "ContainerClusterPropertiesFilterParameters",
"module_id": "InventoryContainerObj",
"properties": {
"cluster_type": {
"description": "This is the type of container cluster.",
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"WCP_Guest",
"AKS",
"EKS",
"TKGm",
"TKGi",
"GKE",
"Gardener",
"Rancher",
"TAS",
"Other"
],
"readonly": false,
"required": false,
"title": "Type of container cluster",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"infra_type": {
"description": "This is the type of container's infrastructure.",
"enum": [
"vSphere",
"AWS",
"Azure",
"Google",
"VMC",
"KVM",
"Baremetal"
],
"readonly": false,
"required": false,
"title": "Type of infrastructure",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container cluster filter parameter by cluster properties",
"type": "object"
}
ContainerClusterStatus (type)
{
"id": "ContainerClusterStatus",
"module_id": "TnContainerStatus",
"properties": {
"cluster_id": {
"description": "Identifier of the container cluster.",
"title": "Identifier of the container cluster",
"type": "string"
},
"detail": {
"description": "Detail information on status.",
"title": "Detail information on status",
"type": "string"
},
"interval": {
"description": "Display the cluster check interval in seconds.",
"maximum": 600,
"minimum": 60,
"readonly": true,
"title": "Container cluster status check interval",
"type": "int"
},
"status": {
"$ref": "TnContainerStatusType,
"description": "Display the container cluster status.",
"title": "Container cluster status"
}
},
"type": "object"
}
ContainerClusterStatusList (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ContainerClusterStatusList",
"module_id": "TnContainerStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Container cluster list.",
"items": {
"$ref": "ContainerClusterSummary
},
"readonly": true,
"required": false,
"title": "Container cluster list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of the Container cluster",
"type": "object"
}
ContainerClusterSummary (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "ContainerClusterSummary",
"module_id": "TnContainerStatus",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": true,
"required": true,
"title": "Identifier of the container cluster",
"type": "string"
},
"cluster_name": {
"description": "Display the container cluster name",
"required": true,
"title": "Container cluster name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"detail": {
"description": "Detail information on status.",
"readonly": true,
"required": false,
"title": "Detail information on status",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "TnContainerStatusType,
"description": "Display the container cluster status.",
"required": true,
"title": "Container cluster status"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ContainerClusterType,
"description": "Container cluster type.",
"title": "Container cluster type"
}
},
"type": "object"
}
ContainerClusterType (type)
{
"additionalProperties": false,
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"Other"
],
"id": "ContainerClusterType",
"module_id": "TnContainerStatus",
"title": "Container cluster type",
"type": "string"
}
ContainerConfiguration (type)
{
"additionalProperties": false,
"description": "Represents a container to group widgets that belong to a common category or have a common purpose.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "ContainerConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "ContainerConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"header": {
"$ref": "Header
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"labels": {
"description": "Labels for the container.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "Labels",
"type": "array"
},
"layout": {
"$ref": "Layout,
"deprecated": true,
"description": "Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied. This property is deprecated. Now the layout inside the container can be taken care with the help of 'rowspan' and 'colspan' property.",
"title": "Layout of widgets inside container"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widgets": {
"description": "If not specified, creates an empty container.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"title": "Widgets held by the container",
"type": "array"
}
},
"title": "Container that holds widgets",
"type": "object"
}
ContainerEgress (type)
{
"description": "Details of Container Egress.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerEgress",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this egress belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"egress_ip": {
"description": "Container egress IP.",
"format": "ip",
"readonly": false,
"required": false,
"title": "Container egress IP",
"type": "string"
},
"external_id": {
"description": "Identifier of the container egress.",
"readonly": false,
"required": true,
"title": "External identifier of the container egress",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container egress in key-value format. e.g. key can be externalIPPool, value is a string",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerEgress resource. e.g. yaml definition of kubernetes egress resource.",
"readonly": false,
"required": false,
"title": "Container egress specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Egress",
"type": "object"
}
ContainerEgressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerEgressListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Specifies list of container egress.",
"items": {
"$ref": "ContainerEgress
},
"required": true,
"title": "List of ContainerEgress",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerGateway (type)
{
"description": "A Gateway describes how traffic can be translated to Services within the container cluster.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerGateway",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"addresses": {
"description": "Specifies addresses which lists the IP addresses that have actually been bound to the gateway.",
"items": {
"$ref": "ContainerGatewayAddress
},
"readonly": false,
"required": false,
"title": "List of addresses bound to gateway",
"type": "array"
},
"container_cluster_id": {
"description": "Specifies identifier of the container cluster of this container gateway.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Specifies identifier of the container project of this container gateway.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Specifies identifier of the container gateway.",
"readonly": false,
"required": true,
"title": "External identifier of the container gateway",
"type": "string"
},
"listeners": {
"description": "Specifies list of listeners which defines logical endpoints that are bound on this Gateway's addresses.",
"items": {
"$ref": "ContainerGatewayListener
},
"readonly": false,
"required": false,
"title": "List of listener",
"type": "array"
},
"origin_properties": {
"description": "Array of additional specific properties of container ip pool in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerGateway resource.",
"readonly": false,
"required": false,
"title": "Container gateway specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container gateway",
"type": "object"
}
ContainerGatewayAddress (type)
{
"description": "Specifies an address that can be bound to a container gateway.",
"id": "ContainerGatewayAddress",
"module_id": "InventoryContainerObj",
"properties": {
"address": {
"description": "Specifies address of container gateway.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Address of container gateway",
"type": "string"
},
"type": {
"description": "Specifies type of gateway address. e.g. Hostname, IPAddress, NamedAddress.",
"enum": [
"HOST_NAME",
"IP_ADDRESS",
"NAMED_ADDRESS"
],
"readonly": false,
"required": false,
"title": "Type of gateway address",
"type": "string"
}
},
"title": "Container gateway address",
"type": "object"
}
ContainerGatewayListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerGatewayListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerGateway
},
"required": true,
"title": "List of Container Gateway",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerGatewayListener (type)
{
"description": "Listener embodies the concept of a logical endpoint where a Gateway accepts network connections.",
"id": "ContainerGatewayListener",
"module_id": "InventoryContainerObj",
"properties": {
"hostname": {
"description": "Specifies the virtual hostname to match for protocol type.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Hostname of gateway listener",
"type": "string"
},
"name": {
"description": "Specifies name of gateway listener",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Name of gateway listener",
"type": "string"
},
"port": {
"description": "Specifies network port of gateway.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port of gateway listener",
"type": "integer"
},
"protocol": {
"description": "Specifies the network protocol this listener expects to receive. e.g. HTTP\uff0cHTTPS\uff0cTCP, TLS, UDP.",
"enum": [
"HTTP",
"HTTPS",
"TCP",
"TLS",
"UDP"
],
"readonly": false,
"required": false,
"title": "Protocol of gateway listener",
"type": "string"
}
},
"title": "Container gateway listener",
"type": "object"
}
ContainerInfrastructureInfo (type)
{
"description": "Details of infrastructure hosting the container cluster e.g. vSphere, AWS, VMC etc..",
"id": "ContainerInfrastructureInfo",
"module_id": "InventoryContainerObj",
"properties": {
"infra_type": {
"description": "Type of the infrastructure.",
"enum": [
"vSphere",
"AWS",
"Azure",
"Google",
"VMC",
"KVM",
"Baremetal"
],
"readonly": false,
"required": true,
"title": "Type of the infrastructure",
"type": "string"
}
},
"title": "Details of container infrastructure",
"type": "object"
}
ContainerIngressPolicy (type)
{
"description": "Details of Container Ingress Policy.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerIngressPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_application_ids": {
"description": "List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this ingress policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container ingress belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container ingress policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container ingress policy",
"type": "string"
},
"load_balance_ingress": {
"description": "Specifies list for ingress points for the load balancer.",
"items": {
"$ref": "ContainerLoadBalancerIngress
},
"readonly": false,
"required": false,
"title": "List of container loadbalancer ingress",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container ingress.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container ingress.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container ingress",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container ingress in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container ingress policy specification.",
"readonly": false,
"required": false,
"title": "Container ingress policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Ingress Policy",
"type": "object"
}
ContainerIngressPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerIngressPolicyListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerIngressPolicy
},
"required": true,
"title": "List of Container Ingress Policy specs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerIpPool (type)
{
"description": "Details of Container Ip Pool.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerIpPool",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Specifies identifier of the container cluster this container ip pool belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Specifies identifier of the container ip pool.",
"readonly": false,
"required": true,
"title": "External identifier of the container ip pool",
"type": "string"
},
"ip_ranges": {
"description": "Specifies list of SubnetIpRange, which is a set of contiguous IP addresses, represented by a CIDR or a pair of start and end IPs, along with subnet definition.",
"items": {
"$ref": "SubnetIpRange
},
"readonly": false,
"required": false,
"title": "List of IP ranges with subnet details",
"type": "array"
},
"ip_version": {
"description": "Specifies IP version of container IP pool.",
"enum": [
4,
6
],
"readonly": false,
"required": false,
"title": "IP version of ContainerIpPool",
"type": "integer"
},
"origin_properties": {
"description": "Array of additional specific properties of container ip pool in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "This specifies yaml definition of ContainerIpPool resource.",
"readonly": false,
"required": false,
"title": "Container ip pool specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Ip Pool",
"type": "object"
}
ContainerIpPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerIpPoolListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerIpPool
},
"required": true,
"title": "List of Container IP Pool",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Antrea Cluster.",
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "ContainerListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"description": "ID of the cluster to query",
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realization list request params",
"type": "object"
}
ContainerLoadBalancerIngress (type)
{
"description": "It represents the status of a load-balancer ingress point.",
"id": "ContainerLoadBalancerIngress",
"module_id": "InventoryContainerObj",
"properties": {
"hostname": {
"description": "Hostname is set for load-balancer ingress points that are DNS based.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Hostname of load-balance ingress point",
"type": "string"
},
"ip": {
"description": "IP is set for load-balancer ingress points that are IP based.",
"format": "ip",
"readonly": false,
"required": false,
"title": "IP of load-balancer ingress point",
"type": "string"
},
"ports": {
"description": "Ports is a list of records of service points.",
"items": {
"$ref": "PortStatus
},
"readonly": false,
"required": false,
"title": "List of PortStatus",
"type": "array"
}
},
"title": "Ingress point for load balancer",
"type": "object"
}
ContainerNetworkPolicy (type)
{
"description": "Network policy applied to container.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerNetworkPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container network policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container network policy",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container network policy.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container network policy.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container network policy",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container network policy in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"policy_type": {
"description": "Type e.g. Network Policy, ASG.",
"enum": [
"NETWORK_POLICY",
"ASG",
"ACNP",
"ANP"
],
"readonly": false,
"required": false,
"title": "Type",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container network policy specification.",
"readonly": false,
"required": false,
"title": "Container network policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Network Policy",
"type": "object"
}
ContainerNetworkPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerNetworkPolicyListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerNetworkPolicy
},
"required": true,
"title": "List of Container Network Policy specs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerObjectsListRequestParameters (type)
{
"description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.",
"extends": {
"$ref": "ContainerClusterFilterParameters
},
"id": "ContainerObjectsListRequestParameters",
"module_id": "InventoryContainerObj",
"properties": {
"container_cluster_id": {
"description": "Identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project.",
"readonly": false,
"required": false,
"title": "Identifier of the container project",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Specifies scope id for container cluster. Default value is same as identifier of the cluster.",
"readonly": false,
"required": false,
"title": "Scope id for container cluster",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container objects list parameters",
"type": "object"
}
ContainerProject (type)
{
"description": "Details of org/namespace within a container cluster.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerProject",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster to which this project/namespace belongs.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container project.",
"readonly": false,
"required": true,
"title": "External identifier of the container project",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container project.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container project.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container project",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container project in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container project within a container cluster",
"type": "object"
}
ContainerProjectListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ContainerProjectListResult",
"module_id": "InventoryContainerObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ContainerProject
},
"required": true,
"title": "List of projects",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ContainerServicePort (type)
{
"description": "Specifices details of port exposed by service.",
"id": "ContainerServicePort",
"module_id": "InventoryContainerObj",
"properties": {
"name": {
"description": "Specifies name of port within the service.",
"readonly": false,
"required": false,
"title": "Name of port",
"type": "string"
},
"node_port": {
"description": "In case of Kubernetes container cluster, it is port on each node on which the service is exposed, when type of service is NodePort or LoadBalancer.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Node port of container application",
"type": "integer"
},
"port": {
"description": "Specifies port exposed by the service",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port of service",
"type": "integer"
},
"protocol": {
"description": "Specifies IP protocol of the port. e.g. TCP, UDP, SCTP.",
"enum": [
"TCP",
"UDP",
"SCTP"
],
"readonly": false,
"required": false,
"title": "IP protocol of port",
"type": "string"
},
"target_port": {
"description": "Specifies the number or name of port to access on container application instance by the container application. e.g. It is number or name of port to access of pod by service.",
"maxLength": 15,
"readony": false,
"required": false,
"title": "Target port of service",
"type": "string"
}
},
"title": "Details of service port",
"type": "object"
}
ContentFilterValue (type)
{
"enum": [
"ALL",
"DEFAULT",
"REMOVE_CORE_FILES",
"EAL4_AUDIT"
],
"id": "ContentFilterValue",
"title": "Support bundle content filter allowed values",
"type": "string"
}
ContextProfileAttributesMetadata (type)
{
"additionalProperties": false,
"id": "ContextProfileAttributesMetadata",
"module_id": "PolicyContextProfile",
"properties": {
"key": {
"required": true,
"title": "Key for metadata",
"type": "string"
},
"value": {
"required": true,
"title": "Value for metadata key",
"type": "string"
}
},
"title": "Key value structure for holding metadata of context profile attributes",
"type": "object"
}
ContinueMigrationRequestParameters (type)
{
"additionalProperties": false,
"id": "ContinueMigrationRequestParameters",
"module_id": "Migration",
"properties": {
"skip": {
"default": false,
"readonly": false,
"required": false,
"title": "Skip to migration of next component.",
"type": "boolean"
}
},
"type": "object"
}
ContinueRequestParameters (type)
{
"additionalProperties": false,
"id": "ContinueRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Hints NSX to upgrade a specific component.",
"readonly": false,
"required": false,
"title": "Component to upgrade.",
"type": "string"
},
"skip": {
"default": false,
"readonly": false,
"required": false,
"title": "Skip to upgrade of next component.",
"type": "boolean"
}
},
"type": "object"
}
ControlClusterNodeStatus (type)
{
"additionalProperties": false,
"id": "ControlClusterNodeStatus",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_status": {
"$ref": "ClusteringStatus,
"readonly": true,
"title": "Status of this node's connection to the control cluster"
},
"mgmt_connection_status": {
"$ref": "MgmtConnStatus,
"readonly": true,
"title": "Status of this node's management plane connection"
}
},
"type": "object"
}
ControlConnStatus (type)
{
"id": "ControlConnStatus",
"module_id": "FabricNode",
"properties": {
"control_node_ip": {
"readonly": true,
"required": true,
"title": "IP address of the control Node.",
"type": "string"
},
"failure_status": {
"enum": [
"CONNECTION_REFUSED",
"INCOMPLETE_HOST_CERT",
"INCOMPLETE_CONTROLLER_CERT",
"CONTROLLER_REJECTED_HOST_CERT",
"HOST_REJECTED_CONTROLLER_CERT",
"KEEP_ALIVE_TIMEOUT",
"OTHER_SSL_ERROR",
"OTHER_ERROR"
],
"help_detail": "CONNECTION_REFUSED \"Connection refused by control node\"\nINCOMPLETE_HOST_CERT \"Incomplete host certificate\"\nINCOMPLETE_CONTROLLER_CERT \"Incomplete controller certificate\"\nCONTROLLER_REJECTED_HOST_CERT \"Controller rejected host certificate\"\nHOST_REJECTED_CONTROLLER_CERT \"Host rejected controller certificate\"\nKEEP_ALIVE_TIMEOUT \"Keep alive timeout\"\nOTHER_SSL_ERROR \"Other ssl error\"\nOTHER_ERROR \"Other error\".\n",
"readonly": true,
"required": false,
"title": "Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT.",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN"
],
"help_detail": "UP \"Control node is up\"\nDown \"Control node is down\".\n",
"readonly": true,
"required": true,
"title": "Status of the control Node for e.g UP, DOWN.",
"type": "string"
}
},
"type": "object"
}
ControllerClusterRoleConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ClusterRoleConfig
},
"id": "ControllerClusterRoleConfig",
"module_id": "ClusterManagement",
"properties": {
"control_cluster_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the control cluster service on this node"
},
"control_plane_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the control plane service on this node"
},
"host_msg_client_info": {
"$ref": "MsgClientInfo
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo
},
"type": {
"enum": [
"ManagementClusterRoleConfig",
"ControllerClusterRoleConfig"
],
"readonly": true,
"required": true,
"title": "Type of this role configuration",
"type": "string"
}
},
"type": "object"
}
ControllerClusterStatus (type)
{
"additionalProperties": false,
"id": "ControllerClusterStatus",
"module_id": "ClusterManagement",
"properties": {
"status": {
"enum": [
"NO_CONTROLLERS",
"UNSTABLE",
"DEGRADED",
"STABLE",
"UNKNOWN"
],
"readonly": true,
"title": "The current status of the controller cluster",
"type": "string"
}
},
"type": "object"
}
ControllerNodeAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseNodeAggregateInfo
},
"id": "ControllerNodeAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"display_name": {
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_interface_properties": {
"items": {
"$ref": "NodeInterfaceProperties
},
"readonly": true,
"title": "Array of Node interface statistic properties",
"type": "array"
},
"node_interface_statistics": {
"items": {
"$ref": "NodeInterfaceStatisticsProperties
},
"readonly": true,
"title": "Array of Node network interface statistic properties",
"type": "array"
},
"node_status": {
"$ref": "ClusterNodeStatus,
"readonly": true
},
"node_status_properties": {
"items": {
"$ref": "NodeStatusProperties
},
"title": "Time series of the node's system properties",
"type": "array"
},
"role_config": {
"$ref": "ControllerClusterRoleConfig,
"readonly": true
}
},
"type": "object"
}
ControllerProfilerProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ControllerProfilerProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"enabled": {
"description": "True for enabling controller profiler, False for disabling controller profiler.",
"type": "boolean"
}
},
"title": "Controller profiler properties",
"type": "object"
}
CookiePersistenceModeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client.",
"enum": [
"INSERT",
"PREFIX",
"REWRITE"
],
"id": "CookiePersistenceModeType",
"module_id": "LoadBalancer",
"title": "cookie persistence mode",
"type": "string"
}
CookieTimeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting",
"enum": [
"LbSessionCookieTime",
"LbPersistenceCookieTime"
],
"id": "CookieTimeType",
"module_id": "LoadBalancer",
"title": "Snat translation type",
"type": "string"
}
CopyFromRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CopyFromRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "Protocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyRemoteFileProperties (type)
{
"additionalProperties": {},
"id": "CopyRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyToRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CopyToRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "Protocol,
"description": "Only scp and sftp may be used.",
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CoreCountByEdition (type)
{
"additionalProperties": false,
"id": "CoreCountByEdition",
"module_id": "SecurityLicenseUsage",
"properties": {
"features_in_use": {
"description": "Feature in use within product family. If there is ATP feature found on any host/edge, all features on it will be listed in ATP product family.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Feature in use within product family",
"type": "array"
},
"product_family": {
"description": "Product Family",
"enum": [
"VMware vDefend Firewall",
"VMware vDefend Firewall with Advanced Threat Prevention"
],
"readonly": true,
"required": false,
"title": "Product Family",
"type": "string"
},
"raw_core_count_by_type": {
"$ref": "RawCoreCount,
"description": "Raw cores counts by type of cores used in license edition.",
"readonly": true,
"required": false,
"title": "Raw Core Counts by core type"
},
"total_licensed_core_count": {
"description": "Total Licensed core count across features.",
"readonly": true,
"title": "Total Licensed core count across features",
"type": "string"
},
"total_raw_core": {
"description": "Total raw raw core count across features.",
"readonly": true,
"title": "Total raw raw core count across features",
"type": "string"
}
},
"type": "object"
}
CoreCountByFeature (type)
{
"additionalProperties": false,
"id": "CoreCountByFeature",
"module_id": "SecurityLicenseUsage",
"properties": {
"licensed_core_count": {
"$ref": "FeatureUsages,
"description": "Licensed Core Counts.",
"readonly": true,
"required": false,
"title": "Licensed Core Counts"
},
"raw_core_counts": {
"$ref": "FeatureUsages,
"description": "Feature Usage.",
"readonly": true,
"required": false,
"title": "Feature Usage"
}
},
"type": "object"
}
CoreDumpConfig (type)
{
"additionalProperties": false,
"description": "Node core dump config",
"id": "CoreDumpConfig",
"properties": {
"global_file_limit": {
"default": 2,
"minimum": 0,
"title": "Core dump file persistence config global limit",
"type": "integer"
},
"global_frequency_threshold": {
"default": 600,
"minimum": 0,
"title": "Core dump files frequency threshold config in seconds, set 0 to disable\n",
"type": "integer"
},
"process_config": {
"items": {
"$ref": "CoreDumpProcessConfig
},
"title": "Core dump config per process limit",
"type": "array"
}
},
"title": "Node core dump config",
"type": "object"
}
CoreDumpProcessConfig (type)
{
"id": "CoreDumpProcessConfig",
"properties": {
"limit": {
"required": true,
"title": "Core dump process limit",
"type": "integer"
},
"process_name": {
"required": true,
"title": "Core dump process name",
"type": "string"
}
},
"title": "Core dump process config",
"type": "object"
}
CorfuCertificateExpiryCheckProperties (type)
{
"additionalProperties": false,
"id": "CorfuCertificateExpiryCheckProperties",
"module_id": "ComplianceReporter",
"properties": {
"status": {
"required": true,
"title": "Current Status of Corfu Certificate Expiry Check (enabled/disabled)",
"type": "string"
}
},
"title": "Corfu Certificate Expiry Check Properties",
"type": "object"
}
CountActionArgument (type)
{
"id": "CountActionArgument",
"module_id": "LiveTrace",
"properties": {
"count_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Type of count",
"type": "string"
},
"dest_lport": {
"description": "It is required only when the type of count is bidirectional. Please keep this field aligned with the destination logical port of trace action and packet capture action config when the type of trace action and packet capture action are bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional count",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "It takes effect only when the type of count is bidirectional. Please keep this aligned with the packet filter of reverse direction of trace action and packet capture action config when the type of count action and packet capture action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
}
},
"type": "object"
}
CountActionConfig (type)
{
"id": "CountActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "CountActionArgument,
"required": true,
"title": "The count action argument"
}
},
"type": "object"
}
CountObservation (type)
{
"abstract": true,
"id": "CountObservation",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"required": true,
"title": "Type of count observation",
"type": "string"
}
},
"type": "object"
}
CounterResult (type)
{
"id": "CounterResult",
"module_id": "LiveTrace",
"properties": {
"backward_results": {
"description": "The count action results from the checkpoints traversed by packets from the destination port.",
"items": {
"$ref": "CountObservation
},
"required": false,
"title": "Count action list results",
"type": "array"
},
"forward_results": {
"description": "The count action results from the checkpoints traversed by packets from the source port.",
"items": {
"$ref": "CountObservation
},
"required": false,
"title": "Count action list results",
"type": "array"
}
},
"type": "object"
}
CounterTypesParameter (type)
{
"id": "CounterTypesParameter",
"module_id": "ObservabilityCounters",
"properties": {
"type": {
"description": "Counter type query parameters.",
"required": false,
"title": "type",
"type": "string"
}
},
"title": "Parameters to define returned counter types",
"type": "object"
}
CpuCoreConfigForEnhancedNetworkingStackSwitch (type) (Deprecated)
{
"deprecated": true,
"description": "Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.",
"id": "CpuCoreConfigForEnhancedNetworkingStackSwitch",
"module_id": "TransportNode",
"properties": {
"num_lcores": {
"minimum": 1,
"readonly": false,
"required": true,
"title": "Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node",
"type": "int"
},
"numa_node_index": {
"minimum": 0,
"readonly": false,
"required": true,
"title": "Unique index of the Non Uniform Memory Access (NUMA) node",
"type": "int"
}
},
"title": "Enhanced Networking Stack CPU configuration",
"type": "object"
}
CpuStats (type)
{
"additionalProperties": false,
"id": "CpuStats",
"properties": {
"core": {
"description": "CPU id",
"readonly": true,
"title": "core id",
"type": "string"
},
"cpu_type": {
"default": "controlpath_core",
"description": "cpu type, one of datapath_core, controlpath_core and service_core",
"enum": [
"datapath_core",
"controlpath_core",
"service_core"
],
"readonly": true,
"title": "cpu type",
"type": "string"
},
"crypto": {
"description": "CPU crypto usage(pps)",
"readonly": true,
"title": "CPU crypto usage",
"type": "string"
},
"intercore": {
"description": "CPU intercore usage(pps)",
"readonly": true,
"title": "CPU intercore usage",
"type": "string"
},
"kni": {
"description": "CPU kni usage(pps)",
"readonly": true,
"title": "CPU kni usage",
"type": "string"
},
"mega_flowcachestats": {
"$ref": "FlowCacheStatistics,
"description": "Mega Flow cache statistics. All flow cache stats would be reset on Datapath restart.",
"readonly": true,
"title": "Flow cache stats",
"type": "object"
},
"micro_flowcachestats": {
"$ref": "FlowCacheStatistics,
"description": "Micro Flow cache statistics. All flow cache stats would be reset on Datapath restart.",
"readonly": true,
"title": "Flow cache stats",
"type": "object"
},
"packet_processing_usage": {
"description": "Datapath CPU packet processing usage(%)",
"readonly": true,
"title": "Datapath CPU packet processing usage",
"type": "string"
},
"rx": {
"description": "CPU rx usage(pps)",
"readonly": true,
"title": "CPU rx usage",
"type": "string"
},
"slowpath": {
"description": "CPU slowpath usage(pps)",
"readonly": true,
"title": "CPU slowpath usage",
"type": "string"
},
"tx": {
"description": "CPU tx usage(pps)",
"readonly": true,
"title": "CPU tx usage",
"type": "string"
},
"usage": {
"description": "CPU usage(%)",
"readonly": true,
"title": "CPU usage",
"type": "string"
}
},
"type": "object"
}
CpuUsage (type)
{
"additionalProperties": false,
"id": "CpuUsage",
"module_id": "ApplianceStats",
"properties": {
"avg_cpu_core_usage_dpdk": {
"description": "Indicates the average usage of all DPDK cores in percentage.",
"readonly": true,
"title": "Average utilization of all DPDK cores",
"type": "number"
},
"avg_cpu_core_usage_non_dpdk": {
"description": "Indicates the average usage of all non-DPDK cores in percentage.",
"readonly": true,
"title": "Average usage of all non-DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_dpdk": {
"description": "Indicates the highest CPU utilization value among DPDK cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_non_dpdk": {
"description": "Indicates the highest cpu utilization value among non_dpdk cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among non-DPDK cores",
"type": "number"
}
},
"title": "CPU usage of DPDK and non-DPDK cores",
"type": "object"
}
CreateRemoteDirectoryProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CreateRemoteDirectoryProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "SftpProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
Criterion (type)
{
"additionalProperties": false,
"description": "Event Criterion is the logical evaluations by which the event may be deemed fulfilled. All the evaluations must be met in order for the criterion to be met (implicit AND).",
"id": "Criterion",
"module_id": "PolicyReaction",
"properties": {
"evaluations": {
"description": "Criterion Evaluations.",
"items": {
"$ref": "Evaluation
},
"minItems": 1,
"required": true,
"title": "Criterion Evaluations",
"type": "array"
}
},
"title": "Event Criterion",
"type": "object"
}
Crl (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Crl",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"$ref": "X509Crl,
"description": "Details of the X509Crl object.",
"readonly": true,
"required": false
},
"details_revoked_by_issuer_and_serial_number": {
"items": {
"$ref": "IssuerSerialNumber
},
"readonly": true,
"required": false,
"title": "Certificates revoked by issuer and serial number",
"type": "array"
},
"details_revoked_by_subject_and_public_key_hash": {
"items": {
"$ref": "SubjectPublicKeyHash
},
"readonly": true,
"required": false,
"title": "Certificates revoked by subject and public key hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlDistributionPoint (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CrlDistributionPoint",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"issuer": {
"description": "Issuer of the CRL, referring to the CA.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Issuer",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlDistributionPointList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CrlDistributionPointList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CrlDistributionPoint list.",
"items": {
"$ref": "CrlDistributionPoint
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CrlDistributionPoint query result",
"type": "object"
}
CrlDistributionPointStatus (type)
{
"additionalProperties": false,
"id": "CrlDistributionPointStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when fetching the CRL failed.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CdpStatusType,
"description": "Status of the fetched CRL for this CrlDistributionPoint",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CrlList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CRL list.",
"items": {
"$ref": "Crl
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Crl queries result",
"type": "object"
}
CrlObjectData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CrlObjectData",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlPemRequestType (type)
{
"additionalProperties": false,
"id": "CrlPemRequestType",
"module_id": "CertificateManager",
"properties": {
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
}
},
"title": "Request Type to get a CRL's PEM file.",
"type": "object"
}
CrossSiteFlowInfo (type)
{
"description": "Represents details of the config flow between sites. Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "CrossSiteFlowInfo",
"module_id": "FederationObservability",
"properties": {
"from_site_id": {
"read_only": true,
"title": "Site id of the source",
"type": "string"
},
"from_site_path": {
"read_only": true,
"title": "Source site policy path",
"type": "string"
},
"full_sync_info": {
"$ref": "FullSyncInfo,
"read_only": true,
"title": "Full sync information for the flow"
},
"latency_measured_ts": {
"read_only": true,
"title": "Timestamp of latency measurement",
"type": "integer"
},
"latency_millis": {
"read_only": true,
"title": "Latency from source to destination site in milli seconds",
"type": "integer"
},
"leader_node_id": {
"read_only": true,
"title": "Local leader node id sharded for this remote site.",
"type": "string"
},
"status": {
"enum": [
"GOOD",
"DISCONNECTED",
"RECOVERY",
"ERROR",
"UNKNOWN",
"NOT_READY"
],
"read_only": true,
"title": "Overall status of the flow",
"type": "string"
},
"to_site_id": {
"read_only": true,
"title": "Site id of the destination",
"type": "string"
},
"to_site_path": {
"read_only": true,
"title": "Destination site policy path",
"type": "string"
}
},
"title": "Information about config flow in federation",
"type": "object"
}
CryptoAlgorithm (type)
{
"additionalProperties": false,
"id": "CryptoAlgorithm",
"module_id": "CertificateManager",
"properties": {
"key_size": {
"description": "Supported key sizes for the algorithm.",
"items": {
"$ref": "KeySize
},
"readonly": true,
"required": true,
"type": "array"
},
"name": {
"description": "Crypto algorithm name.",
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
CryptoEnforcement (type)
{
"additionalProperties": false,
"description": "If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated.",
"enum": [
"ENFORCE",
"TRANSPARENT"
],
"help_summary": "Use of 'ENFORCE' will terminate connection if TLS protocol Client/Server Hello has\nnone of the permitted TLS versions or ciphers.\nUse of 'TRANSPARENT' will let client's and server's own choices use for TLS\nversions and ciphers to successfully intercept the connection.\n",
"id": "CryptoEnforcement",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "Action for crypto enforcement",
"type": "string"
}
CspConfig (type)
{
"description": "Extra OIDC configuration relevant only for CSP endpoints.",
"id": "CspConfig",
"module_id": "CertificateManager",
"properties": {
"additional_org_ids": {
"description": "A list of organization IDs. CSP tokens must be associated with one of these organizations, or the customer_org_id, in order to be considered valid.",
"items": {
"type": "string"
},
"title": "Additional orginzation IDs",
"type": "array"
},
"customer_org_id": {
"descrpition": "The ID of the customer organization.",
"title": "Customer organization ID",
"type": "string"
}
},
"title": "CSP authentication configuration",
"type": "object"
}
Csr (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Csr",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions,
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CsrExtensions (type)
{
"additionalProperties": false,
"id": "CsrExtensions",
"module_id": "CertificateManager",
"properties": {
"subject_alt_names": {
"$ref": "SubjectAltNames,
"description": "Subject alternative names of the CSR",
"readonly": true,
"required": false,
"title": "Subject alternative names"
}
},
"title": "Collection of various x509 v3 extensions to be added to a CSR",
"type": "object"
}
CsrList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CsrList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CSR list.",
"items": {
"$ref": "Csr
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Csr queries result",
"type": "object"
}
CsrWithDaysValid (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Csr
},
"id": "CsrWithDaysValid",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"days_valid": {
"default": 825,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions,
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "CSR data with days valid",
"type": "object"
}
CsvListResult (type)
{
"abstract": true,
"description": "Base type for CSV result.",
"id": "CsvListResult",
"module_id": "CsvTypes",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
}
},
"type": "object"
}
CsvRecord (type)
{
"abstract": true,
"description": "Base type for CSV records.",
"id": "CsvRecord",
"module_id": "CsvTypes",
"type": "object"
}
CurrentBackupOperationStatus (type)
{
"additionalProperties": false,
"id": "CurrentBackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": false,
"title": "Unique identifier of current backup",
"type": "string"
},
"current_step": {
"enum": [
"BACKUP_CREATING_CLUSTER_BACKUP",
"BACKUP_CREATING_NODE_BACKUP"
],
"required": false,
"title": "Current step of operation",
"type": "string"
},
"current_step_message": {
"required": false,
"title": "Additional human-readable status information about current step",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation is expected to end"
},
"operation_type": {
"enum": [
"NONE",
"BACKUP"
],
"required": false,
"title": "Type of operation that is in progress. Returns none if no operation is in progress, in which case\nnone of the other fields will be set.\n",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was started"
}
},
"title": "Current backup operation status",
"type": "object"
}
CurrentRealizationStateBarrier (type)
{
"description": "The current global barrier number of the realized state",
"id": "CurrentRealizationStateBarrier",
"module_id": "RealizationStateBarrier",
"properties": {
"current_barrier_number": {
"description": "Gives the current global barrier number for NSX",
"readonly": true,
"required": true,
"type": "integer"
}
},
"type": "object"
}
CustomAttributeAction (type)
{
"additionalProperties": false,
"description": "Request Parameter which specify action to either add or remove the custom values.",
"id": "CustomAttributeAction",
"module_id": "PolicyContextProfile",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove Custom Context Profile Attribute values.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove Custom Context Profile Attribute values.",
"type": "string"
}
},
"title": "Request Parameters for Custom Context Profile Attributes",
"type": "object"
}
CustomFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom filter widget. For this widget the data source is not applicable. It defines ui identifer for filter UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "FilterWidgetConfiguration
},
"id": "CustomFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined filter component selector to be rendered inside view/container.",
"required": true,
"title": "UI identifier for filter component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom Filter widget Configuration",
"type": "object"
}
CustomSignatureModification (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CustomSignatureModification",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"overridden_signature": {
"$ref": "OverriddenSignature,
"description": "Overridden custom signature.",
"required": false,
"title": "overridden custom signature"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"raw_signature": {
"description": "IDS raw signature.",
"required": false,
"title": "IDS raw signature",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "IDS custom signature ID.",
"required": true,
"title": "IDS custom signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
CustomSignatureValidationPayload (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CustomSignatureValidationPayload",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deleted_signatures": {
"description": "List of deleted custom signature paths. Paths should be of type IdsCustomSignaturePreview. As the Validate action is only supported on Preview Signatures.",
"items": {
"type": "string"
},
"required": false,
"title": "List of deleted custom signature paths",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"modified_signatures": {
"description": "IDS custom signature modification collection.",
"items": {
"$ref": "CustomSignatureModification
},
"required": false,
"title": "IDS custom signature modification collection",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"revert_overridden_signatures": {
"description": "List of custom signature ids that need to be reverted to default action/state.",
"items": {
"type": "string"
},
"required": false,
"title": "List of custom signature ids that need to be reverted to default action/state",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
CustomWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom widget. For this widget the data source is not applicable. It defines ui identifer to identify UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "CustomWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined component selector to be rendered inside view/container.",
"title": "UI identifier for component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom widget Configuration",
"type": "object"
}
CvxConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a CVX type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "CvxConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "CvxConnectionInfo"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
}
},
"title": "CVX Connection Info",
"type": "object"
}
DADMode (type)
{
"additionalProperties": false,
"description": "Duplicate address detection modes.",
"enum": [
"LOOSE",
"STRICT"
],
"id": "DADMode",
"module_id": "Routing",
"title": "DAD Mode",
"type": "string"
}
DADProfile (type)
{
"additionalProperties": false,
"description": "Duplicate address detection profile.",
"extends": {
"$ref": "ManagedResource
},
"id": "DADProfile",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"dad_mode": {
"$ref": "DADMode,
"default": "LOOSE",
"required": false,
"title": "DAD Mode"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ns_retries": {
"default": 3,
"description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.",
"maximum": 10,
"minimum": 0,
"required": false,
"title": "NS retries count",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"wait_time": {
"default": 1,
"description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.",
"maximum": 60,
"minimum": 0,
"required": false,
"title": "Wait time",
"type": "integer"
}
},
"type": "object"
}
DADProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DADProfileListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DADProfile
},
"required": true,
"title": "Paginated list of DADProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DADStatus (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status for IP address on port.",
"enum": [
"DUPLICATED",
"TENTATIVE",
"ASSIGNED",
"NOT_APPLICABLE",
"UNKNOWN"
],
"id": "DADStatus",
"module_id": "LogicalRouterPorts",
"title": "DAD Status",
"type": "string"
}
DHGroup (type)
{
"additionalProperties": false,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit random Elliptic Curve (ECP) group. GROUP20 uses 384-bit random ECP group. GROUP21 uses 521-bit random ECP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16",
"GROUP19",
"GROUP20",
"GROUP21"
],
"id": "DHGroup",
"module_id": "IPSecVPN",
"title": "Diffie-Hellman groups",
"type": "string"
}
DNSForwarderStatisticsPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder statistics per enforcement point.",
"id": "DNSForwarderStatisticsPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the statistics are fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatistics"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder statistics per enforcement point",
"type": "object"
}
DNSForwarderStatusPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder status per enforcement point.",
"id": "DNSForwarderStatusPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the status is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatus"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder status per enforcement point",
"type": "object"
}
DSAppliedToType (type)
{
"enum": [
"NSGroup",
"LogicalSwitch",
"LogicalRouter",
"LogicalPort"
],
"id": "DSAppliedToType",
"module_id": "DistributedServices",
"title": "Resource type valid for use as AppliedTo filter in section API",
"type": "string"
}
DSExcludeList (type)
{
"abstract": true,
"description": "List of entities excluded for enforcing a service or a feature.",
"extends": {
"$ref": "ManagedResource
},
"id": "DSExcludeList",
"module_id": "DistributedServices",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"description": "Total number of members present in Exclude List.",
"readonly": true,
"required": false,
"title": "Total Member Count",
"type": "integer"
},
"members": {
"description": "List of members in Exclusion List",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "Member list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Exclusion List",
"type": "object"
}
DSInsertParameters (type)
{
"abstract": true,
"id": "DSInsertParameters",
"module_id": "DistributedServices",
"properties": {
"id": {
"maxLength": 64,
"required": false,
"title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.",
"type": "object"
}
DSListRequestParameters (type)
{
"abstract": true,
"description": "Pagination and Filtering parameters to get only a subset of sections/rules.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "DSListRequestParameters",
"module_id": "DistributedServices",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
}
},
"title": "Parameters to filter list of sections/rules.",
"type": "object"
}
DSRule (type)
{
"abstract": true,
"extends": {
"$ref": "EmbeddedResource
},
"id": "DSRule",
"module_id": "DistributedServices",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink,
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"action": {
"description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"REDIRECT",
"DO_NOT_REDIRECT",
"DETECT",
"ALLOW_CONTINUE",
"DETECT_PREVENT"
],
"readonly": false,
"required": true,
"title": "Action",
"type": "string"
},
"applied_tos": {
"description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Destination List",
"type": "array"
},
"destinations_excluded": {
"default": false,
"description": "Negation of the destination.",
"readonly": false,
"required": false,
"title": "Negation of destination",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": false,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": false,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"ip_protocol": {
"default": "IPV4_IPV6",
"description": "Type of IP packet that should be matched while enforcing the rule.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "Flag to indicate whether rule is default.",
"readonly": true,
"required": false,
"title": "Default rule",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"notes": {
"description": "User notes specific to the rule.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Notes",
"type": "string"
},
"priority": {
"description": "Priority of the rule.",
"readonly": true,
"required": false,
"title": "Rule priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"readonly": false,
"required": false,
"title": "Tag",
"type": "string"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Source List",
"type": "array"
},
"sources_excluded": {
"default": false,
"description": "Negation of the source.",
"readonly": false,
"required": false,
"title": "Negation of source",
"type": "boolean"
}
},
"type": "object"
}
DSRuleState (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Rule Realization State",
"extends": {
"$ref": "ConfigurationState
},
"id": "DSRuleState",
"module_id": "DistributedServices",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"revision_desired": {
"description": "This attribute represents revision number of rule's desired state.",
"readonly": true,
"required": false,
"title": "Desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Rule Realization State",
"type": "object"
}
DSSection (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource
},
"id": "DSSection",
"module_id": "DistributedServices",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DSSectionListResult (type)
{
"abstract": true,
"extends": {
"$ref": "ListResult
},
"id": "DSSectionListResult",
"module_id": "DistributedServices",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DSSectionQueryParameters (type)
{
"abstract": true,
"id": "DSSectionQueryParameters",
"module_id": "DistributedServices",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete of this object to all it's child objects.",
"type": "boolean"
}
},
"title": "Section query parameters",
"type": "object"
}
DSSectionState (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Section Realization Status",
"extends": {
"$ref": "ConfigurationState
},
"id": "DSSectionState",
"module_id": "DistributedServices",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"revision_desired": {
"description": "This attribute represents revision number of section's desired state.",
"readonly": true,
"required": false,
"title": "Section's desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Section Realization State",
"type": "object"
}
DSService (type)
{
"abstract": true,
"extends": {
"$ref": "ResourceReference
},
"id": "DSService",
"module_id": "DistributedServices",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"service": {
"$ref": "NSServiceElement,
"description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.",
"readonly": false,
"required": false,
"title": "Distributed Service Network and Security Service element"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
DVSConfig (type) (Deprecated)
{
"deprecated": true,
"id": "DVSConfig",
"module_id": "DistributedVirtualSwitch",
"properties": {
"host_infra_traffic_res": {
"description": "host_infra_traffic_res specifies bandwidth allocation for various traffic resources.",
"items": {
"$ref": "ResourceAllocation
},
"readonly": false,
"required": false,
"title": "Resource allocation associated with NiocProfile",
"type": "array"
},
"lacp_group_configs": {
"description": "It contains information about VMware specific multiple dynamic LACP groups.",
"items": {
"$ref": "LacpGroupConfigInfo
},
"readonly": false,
"required": false,
"title": "Array of Link Aggregation Control Protocol (LACP) configuration",
"type": "array"
},
"lldp_send_enabled": {
"default": false,
"required": false,
"title": "Enabled or disabled sending LLDP packets",
"type": "boolean"
},
"mtu": {
"minimum": 1600,
"required": false,
"title": "Maximum Transmission Unit used for uplinks",
"type": "int"
},
"name": {
"readonly": false,
"required": true,
"title": "The DVS name",
"type": "string"
},
"uplink_port_names": {
"description": "Names of uplink ports for this DVS.",
"items": {
"type": "string"
},
"minItems": 1,
"readonly": false,
"required": true,
"title": "Uplink port names",
"type": "array"
},
"uuid": {
"readonly": false,
"required": false,
"title": "The DVS uuid",
"type": "string"
}
},
"title": "The DVS Configuration",
"type": "object"
}
DailyTelemetrySchedule (type)
{
"extends": {
"$ref": "TelemetrySchedule
},
"id": "DailyTelemetrySchedule",
"module_id": "TelemetryConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DailyTelemetrySchedule"
},
"properties": {
"frequency_type": {
"description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.",
"required": true,
"title": "Frequency at which data will be collected",
"type": "string"
},
"hour_of_day": {
"description": "Hour at which data will be collected. Specify a value between 0 through 23.",
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Hour at which data will be collected",
"type": "integer"
},
"minutes": {
"default": 0,
"description": "Minute at which data will be collected. Specify a value between 0 through 59.",
"maximum": 59,
"minimum": 0,
"required": false,
"title": "Minute at which data will be collected",
"type": "integer"
}
},
"type": "object"
}
DashboardSummaryListRequestQueryParameters (type)
{
"description": "Represents the query parameters, such as the tenancy context and the pagination properties, that the dashboard APIs (ids-summary, affected-vms) accept.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "DashboardSummaryListRequestQueryParameters",
"module_id": "PolicyIDSMetrics",
"properties": {
"context": {
"$ref": "TenancyContextQueryParameter
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Query parameters passed to the dashboard APIs",
"type": "object"
}
DataCounter (type)
{
"id": "DataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"dropped": {
"required": false,
"title": "The dropped packets or bytes",
"type": "integer"
},
"multicast_broadcast": {
"required": false,
"title": "The multicast and broadcast packets or bytes",
"type": "integer"
},
"total": {
"required": true,
"title": "The total packets or bytes",
"type": "integer"
}
},
"type": "object"
}
DataPathL3 (type)
{
"id": "DataPathL3",
"module_id": "ObservabilityCounters",
"properties": {
"arp_hold_pkt_drops": {
"description": "The drops of packet(IPv4) pending on ARP resolution.",
"required": false,
"type": "integer"
},
"drop_route_ipv4_drops": {
"description": "Packet(IPv4) matching drop routes.",
"required": false,
"type": "integer"
},
"drop_route_ipv6_drops": {
"description": "Packet(IPv6) matching drop routes.",
"required": false,
"type": "integer"
},
"no_route_ipv4_drops": {
"description": "No IPv4 routes.",
"required": false,
"type": "integer"
},
"no_route_ipv6_drops": {
"description": "No IPv6 routes.",
"required": false,
"type": "integer"
},
"ns_hold_pkt_drops": {
"description": "The drops of packet(IPv6) pending on neighbor resolution.",
"required": false,
"type": "integer"
},
"pkt_attr_error_drops": {
"description": "Packets which failed attribute operation.",
"required": false,
"type": "integer"
},
"rpf_ipv4_drops": {
"description": "Reverse path forwarding drops of packet(IPv4).",
"required": false,
"type": "integer"
},
"rpf_ipv6_drops": {
"description": "Reverse path forwarding drops of packet(IPv6).",
"required": false,
"type": "integer"
},
"rx_pkt_parsing_error_drops": {
"description": "Packets failed to be parsed.",
"required": false,
"type": "integer"
},
"ttl_ipv4_drops": {
"description": "Packet(IPv4) drops due to low TTL.",
"required": false,
"type": "integer"
},
"ttl_ipv6_drops": {
"description": "Packet(IPv6) drops due to low TTL.",
"required": false,
"type": "integer"
},
"tx_dispatch_queue_too_long_drops": {
"description": "Packets being tail dropped in the txDispatchQueue.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DataSourceParameters (type)
{
"id": "DataSourceParameters",
"module_id": "Types",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
DataSourceType (type)
{
"enum": [
"realtime",
"cached"
],
"id": "DataSourceType",
"module_id": "Types",
"title": "Data source type.",
"type": "string"
}
DataTypeCollectionConfiguration (type)
{
"id": "DataTypeCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"collection_frequency": {
"description": "The frequency in seconds at which data is collected",
"maximum": 86400,
"minimum": 15,
"required": true,
"title": "Data Collection Frequency In Seconds",
"type": "integer"
},
"data_type": {
"description": "Defines the type of data being collected",
"enum": [
"STATUS",
"STATISTICS"
],
"required": true,
"title": "Data type",
"type": "string"
}
},
"title": "Data type collection configuration",
"type": "object"
}
DatapathCounterResult (type)
{
"description": "The datapath counter result.",
"id": "DatapathCounterResult",
"module_id": "LiveTrace",
"properties": {
"module_counters": {
"description": "The data of the datapath module counters.",
"items": {
"$ref": "DatapathModuleCounter
},
"readonly": true,
"required": true,
"title": "The counters of the datapath module",
"type": "array"
},
"module_name": {
"description": "The name of the datapath module (e.g., VDL2, VDR).",
"readonly": true,
"required": true,
"title": "The name of the datapath module",
"type": "string"
}
},
"title": "Datapath counter result",
"type": "object"
}
DatapathModuleCounter (type)
{
"description": "The counter of the datapath module.",
"id": "DatapathModuleCounter",
"module_id": "LiveTrace",
"properties": {
"counter_name": {
"description": "The name of the counter.",
"readonly": true,
"required": true,
"title": "The name of the counter",
"type": "string"
},
"counter_value": {
"description": "The value of the counter.",
"readonly": true,
"required": true,
"title": "The value of the counter",
"type": "integer"
}
},
"title": "The counter of the datapath module",
"type": "object"
}
DatapathPacketDrops (type)
{
"id": "DatapathPacketDrops",
"module_id": "ObservabilityCounters",
"properties": {
"broadcast_rate_limiting_packet_drops": {
"description": "Drops due to broadcast rate limiting.",
"required": false,
"type": "integer"
},
"fastpath_packet_drops": {
"description": "Drops by the Fastpath.",
"required": false,
"type": "integer"
},
"firewall_flood_limit_packet_drops": {
"description": "Firewall flood limit drops.",
"required": false,
"type": "integer"
},
"firewall_internal_error_packet_drops": {
"description": "Drops due to Firewall detected internal error.",
"required": false,
"type": "integer"
},
"firewall_malformed_packet_drops": {
"description": "Drop due to Firewall detected malformed packet.",
"required": false,
"type": "integer"
},
"firewall_packet_rejects": {
"description": "Drops due to Firewall packet rejects.",
"required": false,
"type": "integer"
},
"firewall_rule_received_packet_drops": {
"description": "Firewall rule drops at RX.",
"required": false,
"type": "integer"
},
"firewall_rule_transmitted_packet_drops": {
"description": "Firewall rule drops at TX.",
"required": false,
"type": "integer"
},
"firewall_state_check_packet_drops": {
"description": "Firewall state check drops.",
"required": false,
"type": "integer"
},
"firewall_state_table_full_packet_drops": {
"description": "Drops due to Firewall state table full.",
"required": false,
"type": "integer"
},
"firewall_total_packet_drops": {
"description": "Firewall total packet drops.",
"required": false,
"type": "integer"
},
"hostswitch_network_mismatch_packet_drops": {
"description": "RX Drops at vswitch due to network mismatch.",
"required": false,
"type": "integer"
},
"hostswitch_received_forged_mac_packet_drops": {
"description": "RX drops at vswtich due to forged mac.",
"required": false,
"type": "integer"
},
"l3_hop_limit_packet_drops": {
"description": "L3 Drops due to hop limit (TTL).",
"required": false,
"type": "integer"
},
"l3_neighbor_unreachable_packet_drops": {
"description": "L3 Drops due to unreachable neighbor.",
"required": false,
"type": "integer"
},
"l3_no_route_packet_drops": {
"description": "L3 Drops due to no route.",
"required": false,
"type": "integer"
},
"l3_reverse_path_forwarding_packet_drops": {
"description": "L3 drops due to reverse path forwarding.",
"required": false,
"type": "integer"
},
"overlay_received_packet_drops": {
"description": "Overlay RX drops.",
"required": false,
"type": "integer"
},
"overlay_transmitted_packet_drops": {
"description": "Overlay TX drops.",
"required": false,
"type": "integer"
},
"overlay_uplink_received_packet_drops": {
"description": "Overlay uplink RX drops.",
"required": false,
"type": "integer"
},
"overlay_uplink_transmitted_packet_drops": {
"description": "Overlay uplink TX drops.",
"required": false,
"type": "integer"
},
"packet_parsing_error_drops": {
"description": "Drops due to parsing errors.",
"required": false,
"type": "integer"
},
"spoof_guard_packet_drops": {
"description": "Drops due to spoofguard.",
"required": false,
"type": "integer"
},
"workload_bpdu_filter_packet_drops": {
"description": "Drops due to BPDU filtering.",
"required": false,
"type": "integer"
},
"workload_dhcp_not_allowed_packet_drops": {
"description": "Drops due to workload DHCP not allowed.",
"required": false,
"type": "integer"
},
"workload_ipv6_ra_guard_packet_drops": {
"description": "Drops due to workload ipv6 router advertisement guard.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DatapathStatsActionArgument (type)
{
"id": "DatapathStatsActionArgument",
"module_id": "LiveTrace",
"properties": {
"datapath_stats_type": {
"description": "Type of datapath statistics action. UNI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port. BI_DIRECTIONAL - Perform the datapath statistics action for the traffic ingressed from the source logical port and the destination logical port, respectively.",
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"readonly": true,
"required": true,
"title": "Type of datapath statistics action",
"type": "string"
},
"dest_lport": {
"description": "It is required only when the type of datapath statistics action is bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional datapath statistics action",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "It takes effect only when the type of datapath statistics action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
}
},
"type": "object"
}
DatapathStatsActionConfig (type)
{
"id": "DatapathStatsActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "DatapathStatsActionArgument,
"description": "Action argument for datapath statistics.",
"readonly": true,
"required": true,
"title": "Action argument for datapath statistics"
},
"sampling_argument": {
"$ref": "SamplingArgument,
"description": "Only first-N sampling is supported and the maximum sampling number is 65535.",
"readonly": true,
"required": false,
"title": "Sample argument for datapath statistics"
}
},
"type": "object"
}
DatapathStatsResult (type)
{
"description": "The datapath statistics action result.",
"id": "DatapathStatsResult",
"module_id": "LiveTrace",
"properties": {
"direction": {
"enum": [
"FORWARD",
"REVERSE"
],
"readonly": true,
"required": false,
"title": "Direction of datapath statistics action result",
"type": "string"
},
"transport_node_datapath_stats": {
"description": "The datapath statistics for transport nodes.",
"items": {
"$ref": "TransportNodeDatapathStats
},
"readonly": true,
"required": false,
"title": "Datapath statistics for transport nodes",
"type": "array"
}
},
"title": "Datapath statistics action result",
"type": "object"
}
Datasource (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "Datasource",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"display_name": {
"description": "Name of a datasource instance.",
"maxLength": 255,
"required": true,
"title": "Datasource instance's display name",
"type": "string"
},
"keystore_info": {
"$ref": "KeyStoreInfo,
"description": "Key Store information for all the url aliases defined in datasource. Use this property if key store information is same for each url aliases in the datasource.",
"title": "Key Store Info"
},
"urls": {
"description": "Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance.",
"items": {
"$ref": "UrlAlias
},
"required": true,
"title": "Array of relative urls and their aliases",
"type": "array"
}
},
"title": "Datasource Instance",
"type": "object"
}
DatetimeUTC (type)
{
"description": "Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'",
"id": "DatetimeUTC",
"title": "Datetime string in UTC",
"type": "string"
}
DecryptionFailAction (type)
{
"additionalProperties": false,
"description": "Action to take when TLS handshake fails.",
"enum": [
"BLOCK",
"BYPASS"
],
"help_summary": "Use of 'BLOCK' will terminate subsequent connections.\nUse of 'BYPASS' will remember handshake failure and not intercept subsequent.\nconnections.\n",
"id": "DecryptionFailAction",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "TLS handshake fail action",
"type": "string"
}
DedicatedResources (type)
{
"additionalProperties": false,
"description": "To assign dedicated resources from default project to custom project for logging. Resources dedicated to this project for logging cannot be dedicated to other projects.",
"id": "DedicatedResources",
"module_id": "PolicyProject",
"properties": {
"tier_0s": {
"description": "Logs for Tier0s mentioned will have this project's context. Tier0s or labels mentioned under dedicated_resources should also be part of tier_0s under project payload. Label should have reference of Tier0 path.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of Tier0s paths or label path dedicated to this Project for logging.",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_TIER0_DEDICATED_RESOURCES_RELATIONSHIP",
"rightType": [
"Tier0",
"Label"
]
}
]
}
},
"title": "Dedicated Resources to Project for Logging",
"type": "object"
}
DefaultFilterValue (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "DefaultFilterValue",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Filter alias.",
"required": true,
"title": "Filter alias",
"type": "string"
},
"value": {
"description": "Filter default value.",
"required": true,
"title": "Filter default value",
"type": "string"
}
},
"title": "Default filter values",
"type": "object"
}
DeleteMigrationDataFileSpec (type)
{
"additionalProperties": false,
"id": "DeleteMigrationDataFileSpec",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file_type": {
"enum": [
"VRA_INPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING"
],
"readonly": false,
"required": true,
"title": "Type of the Migration data file that needs to be deleted.",
"type": "string"
}
},
"type": "object"
}
DeleteRemoteDirectoryProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "DeleteRemoteDirectoryProperties",
"properties": {
"directory_path": {
"description": "Directory Path which needs to be retained",
"required": false,
"title": "Directory Path",
"type": "string"
},
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "SftpProtocol,
"description": "Protocol to use to delete directory",
"required": true,
"title": "Protocol to use to delete directory"
},
"server": {
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
DeleteRequestParameters (type)
{
"additionalProperties": {},
"id": "DeleteRequestParameters",
"module_id": "Common",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Parameters that affect how delete operations are processed",
"type": "object"
}
DependentServices (type)
{
"additionalProperties": false,
"id": "DependentServices",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"dependent_services": {
"description": "List of firewall dependent services.",
"items": {
"type": "string"
},
"title": "List of firewall dependent services",
"type": "array"
}
},
"type": "object"
}
DeploymentChecksAction (type)
{
"additionalProperties": false,
"description": "Pre/Post deployment checks.",
"id": "DeploymentChecksAction",
"module_id": "PolicyCloudNative",
"properties": {
"action": {
"description": "Run pre/post deployment checks. PRE_CHECKS - Run pre-check before deployment. POST_CHECKS - Run post-check after deployment. ABORT_CHECKS - Abort running pre/post deployement checks.",
"enum": [
"PRE_CHECKS",
"POST_CHECKS",
"ABORT_CHECKS"
],
"required": true,
"title": "Pre/post deployment checks",
"type": "string"
}
},
"title": "Deployment checks",
"type": "object"
}
DeploymentChecksExecutionRequired (type)
{
"additionalProperties": false,
"description": "Request for pre/post checks execution required or not.",
"id": "DeploymentChecksExecutionRequired",
"module_id": "PolicyCloudNative",
"properties": {
"form_factor": {
"$ref": "FormFactorType,
"description": "Form factor in use for deployment.",
"required": true,
"title": "Deployment form factor"
}
},
"title": "Request for pre/post checks execution required or not",
"type": "object"
}
DeploymentChecksExecutionRequiredResult (type)
{
"additionalProperties": false,
"description": "Result for pre/post checks execution required or not.",
"id": "DeploymentChecksExecutionRequiredResult",
"module_id": "PolicyCloudNative",
"properties": {
"is_required": {
"default": true,
"description": "Flag for pre/post checks execution required or not.",
"title": "Flag for pre/post checks required",
"type": "boolean"
}
},
"title": "Result for pre/post checks execution required or not",
"type": "object"
}
DeploymentChecksStatus (type)
{
"additionalProperties": false,
"description": "Pre/Post deployment status.",
"id": "DeploymentChecksStatus",
"module_id": "PolicyCloudNative",
"properties": {
"description": {
"description": "Show more information about pre/post check performed.",
"title": "More detail about check",
"type": "string"
},
"name": {
"title": "Name of pre/post check",
"type": "string"
},
"reason": {
"description": "Reason for failure of pre/post check. Otherwise empty.",
"title": "Reason in case of pre/post check failure",
"type": "string"
},
"status": {
"description": "Status pre/post check. SUCCESS - Successfully completed pre/post check. FAILED - Failed pre/post check. WARNING - Warning in pre/post check. SKIPPED - Pre/post check skipped. IN_PROGRESS - Pre/post check in progress. STOPPING - Stopping pre/post check. STOPPED - Pre/post check stopped. NOT_STARTED - Pre/post check not started",
"enum": [
"SUCCESS",
"FAILED",
"WARNING",
"SKIPPED",
"IN_PROGRESS",
"STOPPING",
"STOPPED",
"NOT_STARTED"
],
"title": "Status of pre/post checks",
"type": "string"
}
},
"title": "Pre/Post deployment status",
"type": "object"
}
DeploymentChecksStatusResult (type)
{
"additionalProperties": false,
"description": "List of pre/post checks status.",
"id": "DeploymentChecksStatusResult",
"module_id": "PolicyCloudNative",
"properties": {
"results": {
"description": "Array of pre/post deployment checks.",
"items": {
"$ref": "DeploymentChecksStatus
},
"title": "Array of pre/post deployment checks",
"type": "array"
}
},
"title": "Status of pre/post checks",
"type": "object"
}
DeploymentConfig (type)
{
"additionalProperties": false,
"id": "DeploymentConfig",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"enum": [
"VsphereDeploymentConfig"
],
"required": true,
"type": "string"
}
},
"type": "object"
}
DeploymentProgressStatus (type)
{
"additionalProperties": false,
"description": "Progress status of deployment.",
"id": "DeploymentProgressStatus",
"module_id": "PolicyCloudNative",
"properties": {
"error_message": {
"description": "Errors during deployment.",
"items": {
"type": "string"
},
"title": "Error message",
"type": "array"
},
"overall_status": {
"description": "Progress status of deployment. DEPLOYMENT_IN_PROGRESS - Deployment in progress. UNDEPLOYMENT_IN_PROGRESS - Undeployment in progress. UPGRADE_IN_PROGRESS - Upgrade in progress. UPDATE_IN_PROGRESS - Update in progress. DEPLOYMENT_QUEUED - Deployment queued. UNDEPLOYMENT_QUEUED - Undeployment queued. UPDATE_QUEUED - Update queued. DEPLOYMENT_SUCCESSFUL - Deployment successful. UNDEPLOYMENT_SUCCESSFUL - Undeployment successful. UPGRADE_SUCCESSFUL - Upgrade successful. UPDATE_SUCCESSFUL - Update successful. DEPLOYMENT_FAILED - Deployment failed. UNDEPLOYMENT_FAILED - Undeployment failed. UPGRADE_FAILED - Upgrade failed. UPDATE_FAILED - Update failed. NOT_DEPLOYED - Deployment pending.",
"enum": [
"DEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_IN_PROGRESS",
"UPGRADE_IN_PROGRESS",
"UPDATE_IN_PROGRESS",
"DEPLOYMENT_QUEUED",
"UNDEPLOYMENT_QUEUED",
"UPDATE_QUEUED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_SUCCESSFUL",
"UPDATE_SUCCESSFUL",
"DEPLOYMENT_FAILED",
"UNDEPLOYMENT_FAILED",
"UPGRADE_FAILED",
"UPDATE_FAILED",
"NOT_DEPLOYED"
],
"required": true,
"title": "Progress status of deployment",
"type": "string"
},
"percentage": {
"description": "Percentage completed for deployment.",
"title": "Percentage completed",
"type": "integer"
},
"progress_message": {
"description": "More information about progress.",
"title": "Progress message",
"type": "string"
}
},
"title": "Progress status of deployment/undeployment/upgrade",
"type": "object"
}
DeploymentRegistry (type)
{
"additionalProperties": false,
"description": "Template for storing docker registry and helm url.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DeploymentRegistry",
"module_id": "PolicyCloudNative",
"policy_hierarchical_children": [
"ChildDeploymentRegistry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Helm repo certificate to access locally hosted helm repository",
"required": false,
"title": "Private CA or Self Signed Certificate ID.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"docker_registry": {
"description": "Docker registry url to access docker images.",
"required": true,
"title": "Docker registry url",
"type": "string"
},
"helm_repo": {
"description": "Helm repo url to access helm charts.",
"required": true,
"title": "Helm repo url",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NSX Application Platform registry template",
"type": "object"
}
DeploymentSpecName (type)
{
"description": "Used to provide the deployment spec for Upgrade.",
"id": "DeploymentSpecName",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"deployment_spec_name": {
"description": "This indicates the deployment spec.",
"readonly": true,
"required": true,
"title": "Deployment Spec Name",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC.",
"readonly": true,
"required": false,
"title": "Storage Id",
"type": "string"
}
},
"title": "Deployment spec to be used in upgrade",
"type": "object"
}
DeploymentTemplate (type)
{
"description": "Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX.",
"id": "DeploymentTemplate",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Deployment Template attributes",
"type": "array"
},
"name": {
"description": "Deployment Template name.",
"readonly": false,
"required": false,
"title": "name",
"type": "string"
}
},
"title": "Service Deployment Template",
"type": "object"
}
DeploymentVersionSpec (type)
{
"additionalProperties": false,
"description": "Deployment version with chart name",
"id": "DeploymentVersionSpec",
"module_id": "PolicyCloudNative",
"properties": {
"chart_name": {
"description": "Deployment chart name.",
"title": "Chart name",
"type": "string"
},
"versions": {
"description": "List of deployment versions.",
"title": "Deployment versions",
"type": "string"
}
},
"title": "Deployment version",
"type": "object"
}
DeploymentVersions (type)
{
"additionalProperties": false,
"description": "Different NSX Application Platform deployment versions.",
"id": "DeploymentVersions",
"module_id": "PolicyCloudNative",
"properties": {
"versions": {
"description": "List of deployment versions.",
"items": {
"$ref": "DeploymentVersionSpec
},
"title": "Deployment versions",
"type": "array"
}
},
"title": "List of deployment versions",
"type": "object"
}
DeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Logical grouping of enforcement points. This is a deprecated type. DeploymentZone has been renamed to Site. Use Site.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildEnforcementPoint"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_points": {
"items": {
"$ref": "EnforcementPoint
},
"required": false,
"title": "Logical grouping of enforcement points",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Deployment zone",
"type": "object"
}
DeploymentZoneListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DeploymentZone list request parameters. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListRequestParameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DeploymentZoneListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DeploymentZone list request parameters",
"type": "object"
}
DeploymentZoneListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Paged Collection of Deployment Zones. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListResult.",
"extends": {
"$ref": "ListResult
},
"id": "DeploymentZoneListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DeploymentZone
},
"required": true,
"title": "Deployment Zones",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Deployment Zones",
"type": "object"
}
DestinationNsxApiEndpoint (type)
{
"additionalProperties": false,
"description": "Details about the destination NSX manager for the migration",
"id": "DestinationNsxApiEndpoint",
"module_id": "Migration",
"properties": {
"destination_nsx_ip": {
"description": "IP address or host name of the destination NSX manager to which the config will be migrated.",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "Destination NSX IP ddress or host name",
"type": "string"
},
"destination_nsx_password": {
"description": "Valid password for connecting to the destination NSX manager.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Password for destination NSX manager",
"type": "secure_string"
},
"destination_nsx_port": {
"default": 443,
"description": "Destination NSX manager port that will be used to apply details.",
"readonly": false,
"required": false,
"title": "Destination NSX manager port",
"type": "int"
},
"destination_nsx_username": {
"description": "Valid username for connecting to the destination NSX manager.",
"readonly": false,
"required": false,
"title": "Username for destination NSX manager",
"type": "string"
}
},
"title": "Destination NSX manager details",
"type": "object"
}
DetachClusterParameters (type)
{
"id": "DetachClusterParameters",
"module_id": "ClusterBootManager",
"properties": {
"force": {
"enum": [
"true",
"false"
],
"type": "string"
},
"graceful-shutdown": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
},
"ignore-repository-ip-check": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
}
},
"type": "object"
}
DfwDropCounters (type)
{
"id": "DfwDropCounters",
"module_id": "AggSvcL2Types",
"properties": {
"rx_dropped": {
"description": "The number of received packets dropped by distributed firewall rules due to rule actions.",
"required": false,
"title": "Number of received packets dropped by firewall.",
"type": "integer"
},
"tx_dropped": {
"description": "The number of sent packets dropped by distributed firewall rules due to rule actions.",
"required": false,
"title": "Number of sent packets dropped by firewall.",
"type": "integer"
}
},
"type": "object"
}
DfwFirewallConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FirewallConfiguration
},
"id": "DfwFirewallConfiguration",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildIdsSettings",
"ChildPolicyExcludeList"
],
"polymorphic-type-descriptor": {
"type-identifier": "DfwFirewallConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To deactivate auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft deactivate flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_macset_optimization_mode_enabled": {
"default": false,
"description": "MACSet optimization is turned on when this flag is set to true. By default it is set to false.",
"title": "Global MACSet Optimization Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idfw_enabled": {
"default": false,
"description": "If set to true, identity firewall is enabled.",
"title": "Identity firewall enable flag",
"type": "boolean"
},
"idfw_event_log_scraper_enabled": {
"default": false,
"description": "Enables event log scraping for Identity firewall.",
"title": "Enable event log scraping",
"type": "boolean"
},
"idfw_loginsight_enabled": {
"default": false,
"description": "If set to true, collection of login/logout events from Loginsight server is enabled.",
"title": "Enable Loginsight server for Identity Firewall",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DFW Firewall related configurations",
"type": "object"
}
DfwHeapMemoryUsage (type)
{
"additionalProperties": false,
"description": "Distributed Firewall heap memory utilization.",
"id": "DfwHeapMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"description": {
"description": "Description of the DFW module.",
"readonly": true,
"title": "Description of the DFW module",
"type": "string"
},
"name": {
"description": "Name of the DFW heap on specified host.",
"readonly": true,
"title": "Name of the DFW module",
"type": "string"
},
"total_mb": {
"description": "Total size of heap for the specified heap in mb units.",
"readonly": true,
"title": "Total size of heap for the specified heap in mb units",
"type": "integer"
},
"usage_pct": {
"description": "Percentage of heap utilized for specific heap.",
"readonly": true,
"title": "Percentage of heap utilized for specific heap",
"type": "number"
},
"used_mb": {
"description": "Utilized size of heap for the specified heap in mb units.",
"readonly": true,
"title": "Utilized size of heap for the specified heap in mb units",
"type": "integer"
}
},
"title": "DFW heap memory usage",
"type": "object"
}
DhGroup (type)
{
"additionalProperties": false,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16",
"GROUP19",
"GROUP20",
"GROUP21"
],
"id": "DhGroup",
"module_id": "PolicyVpnIPSecVpn",
"title": "Diffie-Hellman groups",
"type": "string"
}
DhcpConfig (type)
{
"description": "DHCP config. This dhcp configuration can be overriden per subnet.",
"id": "DhcpConfig",
"module_id": "PolicyVpc",
"properties": {
"dhcp_relay_config_path": {
"description": "Policy path of DHCP-relay-config. If configured then all the subnets will be configured with the DHCP relay server. If not specified, then the local DHCP server will be configured for all connected subnets.",
"required": false,
"title": "DHCP relay config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"dns_client_config": {
"$ref": "DnsClientConfig,
"description": "Dns configuration",
"required": false,
"title": "Dns client configuration"
},
"enable_dhcp": {
"description": "If activated, the DHCP server will be configured based on IP address type. If deactivated then neither DHCP server nor relay shall be configured.",
"required": false,
"title": "Activate or Deactivate DHCP",
"type": "boolean"
}
},
"title": "DHCP configuration",
"type": "object"
}
DhcpDeleteLeaseRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "DhcpDeleteLeaseRequestParameters",
"module_id": "Dhcp",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true
},
"mac": {
"$ref": "MACAddress,
"required": true
}
},
"type": "object"
}
DhcpDeleteLeases (type)
{
"additionalProperties": false,
"id": "DhcpDeleteLeases",
"module_id": "PolicyConnectivity",
"properties": {
"leases": {
"items": {
"$ref": "DhcpDeleteLeaseRequestParameters
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "List of DHCP leases",
"type": "array"
}
},
"title": "List of DHCP leases to be deleted",
"type": "object"
}
DhcpFilter (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpFilter",
"module_id": "SwitchSecuritySwitchingProfile",
"properties": {
"client_block_enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether DHCP client blocking is enabled",
"type": "boolean"
},
"server_block_enabled": {
"readonly": false,
"required": true,
"title": "Indicates whether DHCP server blocking is enabled",
"type": "boolean"
},
"v6_client_block_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indiactes whether DHCP v6 client blocking is enabled",
"type": "boolean"
},
"v6_server_block_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indiactes whether DHCP V6 server blocking is enabled",
"type": "boolean"
}
},
"title": "DHCP filtering configuration",
"type": "object"
}
DhcpHeader (type)
{
"additionalProperties": false,
"id": "DhcpHeader",
"module_id": "Traceflow",
"properties": {
"op_code": {
"default": "BOOTREQUEST",
"description": "This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY.",
"enum": [
"BOOTREQUEST",
"BOOTREPLY"
],
"required": false,
"title": "Message op code / message type",
"type": "string"
}
},
"type": "object"
}
DhcpIpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP ip-pool to define dynamic ip allocation ranges.",
"extends": {
"$ref": "IpAllocationBase
},
"id": "DhcpIpPool",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ranges": {
"description": "Ip-ranges to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange
},
"required": true,
"title": "Ip-ranges",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_threshold": {
"default": 100,
"description": "Error threshold. Alert will be raised if the pool usage reaches the given threshold.",
"maximum": 100,
"minimum": 80,
"required": false,
"title": "Error threshold, valid [80-100], default 100",
"type": "integer"
},
"gateway_ip": {
"$ref": "IPAddress,
"description": "Gateway ip address of the allocation.",
"required": false,
"title": "Gateway ip"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"options": {
"$ref": "DhcpOptions,
"description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"warning_threshold": {
"default": 80,
"description": "Warning threshold. Alert will be raised if the pool usage reaches the given threshold.",
"maximum": 80,
"minimum": 50,
"required": false,
"title": "Warning threshold, valid [50-80], default 80",
"type": "integer"
}
},
"title": "DHCP ip-pool",
"type": "object"
}
DhcpIpPoolListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP ip pools.",
"extends": {
"$ref": "ListResult
},
"id": "DhcpIpPoolListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP ip pools.",
"items": {
"$ref": "DhcpIpPool
},
"required": true,
"title": "Paginated list of DHCP ip pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP ip pools",
"type": "object"
}
DhcpIpPoolUsage (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpIpPoolUsage",
"module_id": "AggSvcDhcp",
"properties": {
"allocated_number": {
"required": true,
"title": "allocated number. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"allocated_percentage": {
"required": true,
"title": "allocated percentage. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"dhcp_ip_pool_id": {
"required": true,
"title": "uuid of dhcp ip pool",
"type": "string"
},
"pool_size": {
"required": true,
"title": "pool size",
"type": "integer"
}
},
"type": "object"
}
DhcpLeasePerIP (type)
{
"id": "DhcpLeasePerIP",
"module_id": "AggSvcDhcp",
"properties": {
"expire_time": {
"required": false,
"title": "expire time of the lease",
"type": "string"
},
"ip_address": {
"required": true,
"title": "ip address of client",
"type": "string"
},
"lease_time": {
"required": false,
"title": "lease time of the ip address, in seconds",
"type": "string"
},
"mac_address": {
"required": true,
"title": "mac address of client",
"type": "string"
},
"start_time": {
"required": true,
"title": "start time of lease",
"type": "string"
},
"subnet": {
"required": false,
"title": "subnet of client network",
"type": "string"
}
},
"type": "object"
}
DhcpLeaseRequestParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "DataSourceParameters
},
"id": "DhcpLeaseRequestParameters",
"module_id": "AggSvcDhcp",
"properties": {
"address": {
"required": false,
"title": "can be an ip address, or an ip range, or a mac address",
"type": "string"
},
"pool_id": {
"required": false,
"title": "The uuid of dhcp ip pool",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
DhcpLeases (type)
{
"extends": {
"$ref": "ListResult
},
"id": "DhcpLeases",
"module_id": "AggSvcDhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"ipv6_leases": {
"items": {
"$ref": "DhcpV6Lease
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The ipv6 lease info list of the server",
"type": "array"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpLeasesResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpLeases
},
"id": "DhcpLeasesResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"connectivity_path": {
"description": "Policy path to Segment, Tier0 or Tier1 gateway where DHCP server is attached.",
"required": false,
"title": "Policy path to Segment, Tier0 or Tier1 gateway",
"type": "string"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"ipv6_leases": {
"items": {
"$ref": "DhcpV6Lease
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The ipv6 lease info list of the server",
"type": "array"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpOption121 (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP option 121 to define classless static route.",
"id": "DhcpOption121",
"module_id": "Dhcp",
"properties": {
"static_routes": {
"description": "Classless static route of DHCP option 121.",
"items": {
"$ref": "ClasslessStaticRoute
},
"maxItems": 27,
"minItems": 1,
"required": true,
"title": "DHCP classless static routes",
"type": "array"
}
},
"title": "DHCP option 121",
"type": "object"
}
DhcpOptions (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Define DHCP options of the DHCP service.",
"id": "DhcpOptions",
"module_id": "Dhcp",
"properties": {
"option121": {
"$ref": "DhcpOption121,
"description": "DHCP option 121 to define classless static routes. Once Option 121 was defined, Option 249 will be auto-generated because they are equivalent.",
"required": false,
"title": "Option 121"
},
"others": {
"customValidation": {
"OPTION_117_NAME_SERVICE_SEARCH": {
"allowedValues": [
0,
6,
41,
44,
65
],
"code": 117,
"maxItems": 5,
"validator": "exact_match"
},
"OPTION_13_BOOT_FILE_SIZE": {
"code": 13,
"maxItems": 1,
"maximum": 65535,
"minimum": 1,
"validator": "range"
},
"OPTION_150_TFTP_SERVER_ADDRESSES": {
"code": 150,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_19_IP_FORWARDING_ENABLED": {
"allowedValues": [
0,
1
],
"code": 19,
"maxItems": 1,
"validator": "exact_match"
},
"OPTION_209_PXE_CONFIG_FILE": {
"code": 209,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_210_PATH_PREFIX": {
"code": 210,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_211_REBOOT_TIME": {
"code": 211,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_26_MTU": {
"code": 26,
"maxItems": 1,
"maximum": 65535,
"minimum": 68,
"validator": "range"
},
"OPTION_28_BROADCAST_ADDRESS": {
"code": 28,
"maxItems": 1,
"validator": "ip_address"
},
"OPTION_2_TIME_OFFSET": {
"code": 2,
"maxItems": 1,
"maximum": 43200,
"minimum": -43200,
"validator": "range"
},
"OPTION_35_ARP_CACHE_TIMEOUT": {
"code": 35,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_40_NIS_DOMAIN_NAME": {
"code": 40,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_41_NIS_SERVERS": {
"code": 41,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_42_NTP_SERVERS": {
"code": 42,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_44_NETBIOS_SERVERS": {
"code": 44,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_45_NETBIOS_DIST_SERVERS": {
"code": 45,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_46_NETBIOS_NODE_TYPE": {
"allowedValues": [
1,
2,
4,
8
],
"code": 46,
"maxItems": 4,
"validator": "exact_match"
},
"OPTION_47_NETBIOS_SCOPE": {
"code": 47,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_58_RENEW_TIME": {
"code": 58,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_59_REBINDING_TIME": {
"code": 59,
"maxItems": 1,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"OPTION_65_NIS_SERVER_ADDRESSES": {
"code": 65,
"maxItems": 63,
"validator": "ip_address"
},
"OPTION_66_TFTFP_SERVER_NAME": {
"code": 66,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_67_PXE_BOOT_FILE": {
"code": 67,
"maxItems": 1,
"maximum": 255,
"validator": "length"
},
"OPTION_6_DNS_SERVERS": {
"code": 6,
"maxItems": 2,
"validator": "ip_address"
},
"key": "code",
"keyType": "int",
"namespace": "GenericDhcpOptionOther"
},
"description": "To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time",
"items": {
"$ref": "GenericDhcpOption
},
"maxItems": 255,
"minItems": 0,
"required": false,
"title": "Generic DHCP options other than option 121",
"type": "array"
}
},
"title": "DHCP options",
"type": "object"
}
DhcpProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP profile to specify edge cluster and members on which the dhcp server will run. A DhcpProfile can be referenced by different logical DHCP servers.",
"extends": {
"$ref": "ManagedResource
},
"id": "DhcpProfile",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"description": "Edge cluster uuid on which the referencing logical DHCP server runs.",
"required": true,
"title": "Edge cluster uuid",
"type": "string"
},
"edge_cluster_member_indexes": {
"description": "The Edge nodes on which the DHCP servers run. If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If only one edge node is provided, the DHCP servers will run without HA support.",
"items": {
"type": "integer"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "Edge node indexes",
"type": "array",
"uniqueItems": true
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable the auto-relocation of standby DHCP Service in case of edge node failure. Only tier 1 and auto placed DHCP servers are considered for the relocation.",
"required": false,
"title": "Flag to enable standby DHCP server relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP profile to specify edge cluster and members",
"type": "object"
}
DhcpProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP profiles.",
"extends": {
"$ref": "ListResult
},
"id": "DhcpProfileListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of logical DHCP profiles.",
"items": {
"$ref": "DhcpProfile
},
"required": true,
"title": "Paginated list of DHCP profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP profiles",
"type": "object"
}
DhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "DHCP relay configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-relay-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpRelayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_addresses": {
"description": "DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": true,
"title": "DHCP relay addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP relay configuration",
"type": "object"
}
DhcpRelayConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpRelayConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayConfig
},
"required": true,
"title": "DhcpRelayConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpRelayConfigs",
"type": "object"
}
DhcpRelayProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "DhcpRelayProfile",
"module_id": "DhcpRelay",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_addresses": {
"items": {
"$ref": "IPAddress
},
"required": true,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DhcpRelayProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "DhcpRelayProfileListResult",
"module_id": "DhcpRelay",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayProfile
},
"required": true,
"title": "Dhcp relay profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpRelayService (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "DhcpRelayService",
"module_id": "DhcpRelay",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_profile_id": {
"required": true,
"title": "dhcp relay profile referenced by the dhcp relay service",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DhcpRelayServiceListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "DhcpRelayServiceListResult",
"module_id": "DhcpRelay",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayService
},
"required": true,
"title": "Dhcp relay service list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpServerConfig (type)
{
"additionalProperties": false,
"description": "DHCP server configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-server-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpServerConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "The reference to the edge cluster using the policy path of the edge cluster or label of type PolicyEdgeCluster. Auto assigned if only one edge cluster is configured on enforcement-point. Modifying edge cluster will reallocate DHCP server to the new edge cluster. Please note that re-allocating edge-cluster will result in losing of all exisitng DHCP lease information. Change edge cluster only when losing DHCP leases is not a real problem, e.g. cross-site migration or failover and all client hosts will be reboot and get new IP addresses.",
"required": false,
"title": "Edge cluster path or label of type PolicyEdgeCluster",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"DhcpServerConfig"
],
"relationshipType": "_UNOPTIMIZED_RELATIONSHIP_",
"rightType": [
"PolicyEdgeCluster"
]
},
{
"leftType": [
"DhcpServerConfig"
],
"relationshipType": "DHCP_SERVER_EDGE_CLUSTER_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"enable_standby_relocation": {
"default": false,
"description": "If no \"preferred-edge-paths\" were defined, and the \"enable-standby-relocation\"=true, once a new edge-node was added to the edge-cluster, the stand-by node of the DHCP could possibly be moved to another edge-node. But there is no guarantee that the stand-by will be moved. Please note, if the dhcp-server-config was applied to a gateway, and this gateway has defined its own edge-cluster and preferred edge-nodes, then the edge-cluster and nodes defined in dhcp-server-config will be ignored.",
"required": false,
"title": "Stand-By Relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"deprecated": true,
"description": "IP address lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "IP address lease time in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Policy paths to edge nodes on which the DHCP servers run. The first edge node is assigned as active edge, and second one as stanby edge. If only one edge node is specified, the DHCP servers will run without HA support. When this property is not specified, edge nodes are auto-assigned during realization of the DHCP server.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "Edge node path",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_address": {
"deprecated": true,
"description": "DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. This property is deprecated, use server_addresses instead. Both properties cannot be specified together with different new values.",
"format": "ip-cidr-block",
"required": false,
"title": "DHCP server address in CIDR format",
"type": "string"
},
"server_addresses": {
"description": "DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. Prefix length should be less than or equal to 30 for IPv4 address family and less than or equal to 126 for IPv6. When not specified, IPv4 value is auto-assigned to 100.96.0.1/30. Ignored when this object is configured at a Segment.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "DHCP server address in CIDR format",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP server configuration",
"type": "object"
}
DhcpServerConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpServerConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpServerConfig
},
"required": true,
"title": "DhcpServerConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpServerConfigs",
"type": "object"
}
DhcpServerLeaseRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpServerRequestParameters
},
"id": "DhcpServerLeaseRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"address": {
"description": "IP address, IP range or MAC address to retrieve specific lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "IP or MAC address",
"type": "string"
},
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_path": {
"description": "Segment path to retrieve lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "Segment path to retrieve lease information",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"description": "The data source, either realtime or cached. If not provided, cached data is returned.",
"required": false,
"title": "The data source"
}
},
"title": "DHCP server lease request parameters",
"type": "object"
}
DhcpServerRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DhcpServerRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DHCP server list request parameters",
"type": "object"
}
DhcpServerState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState
},
"id": "DhcpServerState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpServerStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpStatistics
},
"id": "DhcpServerStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"acks": {
"required": true,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": true,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": true,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": true,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": true,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": true,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": true,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": true,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": true,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": true,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpServerStatus (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpServerStatus",
"module_id": "AggSvcDhcp",
"properties": {
"active_node": {
"required": true,
"title": "uuid of active transport node",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"service_status": {
"description": "UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_STANDBY"
],
"required": true,
"type": "string"
},
"stand_by_node": {
"required": false,
"title": "uuid of stand_by transport node. null if non-HA mode",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP static binding to define a static ip allocation.",
"extends": {
"$ref": "IpAllocationBase
},
"id": "DhcpStaticBinding",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress,
"description": "Gateway ip address of the allocation.",
"required": false,
"title": "Gateway ip"
},
"host_name": {
"description": "The host name to be assigned to the host.",
"format": "hostname",
"required": false,
"title": "Host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "The ip address to be assigned to the host.",
"required": true,
"title": "Ip address"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "The MAC address of the host.",
"required": true,
"title": "MAC address"
},
"options": {
"$ref": "DhcpOptions,
"description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpStaticBindingConfig (type)
{
"abstract": true,
"additionalProperties": false,
"description": "DHCP IPv4 and IPv6 static bindings are extended from this abstract class.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for DHCP options",
"type": "object"
}
DhcpStaticBindingConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpStaticBindingConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpStaticBindingConfig
},
"required": true,
"title": "Paginated list of DhcpStaticBindingConfig",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBindingListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP static bindings.",
"extends": {
"$ref": "ListResult
},
"id": "DhcpStaticBindingListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP static bindings.",
"items": {
"$ref": "DhcpStaticBinding
},
"required": true,
"title": "Paginated list of DHCP static bindings",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP static bindings",
"type": "object"
}
DhcpStaticBindingState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState
},
"id": "DhcpStaticBindingState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpStatistics (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpStatistics",
"module_id": "AggSvcDhcp",
"properties": {
"acks": {
"required": true,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": true,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": true,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": true,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": true,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": true,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": true,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": true,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": true,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": true,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpV4Options (type)
{
"additionalProperties": false,
"description": "DHCP options for IPv4 server.",
"id": "DhcpV4Options",
"module_id": "PolicyConnectivity",
"properties": {
"option121": {
"$ref": "DhcpOption121,
"description": "DHCP option 121 to define classless static routes.",
"required": false,
"title": "DHCP option 121"
},
"others": {
"description": "To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time",
"items": {
"$ref": "GenericDhcpOption
},
"maxItems": 255,
"minItems": 0,
"required": false,
"title": "Other DHCP options",
"type": "array"
}
},
"title": "DHCP options for IPv4 address family",
"type": "object"
}
DhcpV4StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv4 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig
},
"id": "DhcpV4StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV4StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_address": {
"$ref": "IPv4Address,
"description": "When not specified, gateway address is auto-assigned from segment configuration.",
"title": "Gateway IP address"
},
"host_name": {
"description": "Hostname to assign to the host.",
"maxLength": 63,
"title": "Host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPv4Address,
"description": "IP assigned to host. The IP address must belong to the subnet, if any, configured on Segment.",
"required": true,
"title": "IP assigned to host"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "MAC address of the host.",
"required": true,
"title": "MAC address of host"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"options": {
"$ref": "DhcpV4Options,
"description": "IPv4 DHCP options.",
"required": false,
"title": "DHCP options"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpV6InfoBase (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Base type of IPv6 ip-allocation extended by ip-pool and static-binding.",
"extends": {
"$ref": "ManagedResource
},
"id": "DhcpV6InfoBase",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base type of IPv6 ip-allocation",
"type": "object"
}
DhcpV6IpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP IPv6 ip pool to define dynamic ip allocation ranges. The DhcpV6IpPool would only provide stateless DHCP (domain search list, DNS servers, SNTP servers) to client if both the ranges and excluded_ranges are not specified.",
"extends": {
"$ref": "DhcpV6InfoBase
},
"id": "DhcpV6IpPool",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"excluded_ranges": {
"description": "Excluded addresses to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Excluded range of IPv6 addresses",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"ranges": {
"description": "Ip address ranges to define dynamic ip allocation ranges.",
"items": {
"$ref": "IpPoolRange
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Ip address ranges",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP IPv6 ip pool",
"type": "object"
}
DhcpV6IpPoolListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP IPv6 ip pools.",
"extends": {
"$ref": "ListResult
},
"id": "DhcpV6IpPoolListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP IPv6 ip pools.",
"items": {
"$ref": "DhcpV6IpPool
},
"required": false,
"title": "Paginated list of DHCP IPv6 ip pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP IPv6 ip pools",
"type": "object"
}
DhcpV6Lease (type)
{
"id": "DhcpV6Lease",
"module_id": "AggSvcDhcp",
"properties": {
"duid": {
"required": true,
"title": "DHCP unique identifier",
"type": "string"
},
"expire_time": {
"required": false,
"title": "expire time of the lease",
"type": "string"
},
"ia_type": {
"enum": [
"IA_INVALID",
"IA_NA",
"IA_TA",
"IA_PD"
],
"required": true,
"title": "identity association type",
"type": "string"
},
"iaid": {
"required": true,
"title": "An identifier for an IA",
"type": "integer"
},
"ip_addresses": {
"items": {
"type": "string"
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "ip addresses of client",
"type": "array"
},
"lease_time": {
"required": false,
"title": "lease time of the ip address, in seconds",
"type": "string"
},
"start_time": {
"required": true,
"title": "start time of lease",
"type": "string"
}
},
"type": "object"
}
DhcpV6StaticBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP IPv6 static binding to define a static ip allocation.",
"extends": {
"$ref": "DhcpV6InfoBase
},
"id": "DhcpV6StaticBinding",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "When not specified, no ip address will be assigned to client host.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "Ip address list",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "The MAC address of the host. Either client-duid or mac-address, but not both.",
"required": false,
"title": "MAC address"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "DHCP IPv6 static binding",
"type": "object"
}
DhcpV6StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv6 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig
},
"id": "DhcpV6StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV6StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "When not specified, no DNS nameserver will be set to client host.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS nameservers to be set to client host",
"type": "array"
},
"domain_names": {
"description": "When not specified, no domain name will be assigned to client host.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names to be assigned to client host",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "When not specified, no ip address will be assigned to client host.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IP addresses to be assigned to client host",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "The MAC address of the client host. Either client-duid or mac-address, but not both.",
"required": true,
"title": "MAC address"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DhcpStaticBindingConfig",
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server IP addresses.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpV6StaticBindingListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of DHCP IPv6 static bindings.",
"extends": {
"$ref": "ListResult
},
"id": "DhcpV6StaticBindingListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DHCP IPv6 static bindings.",
"items": {
"$ref": "DhcpV6StaticBinding
},
"required": false,
"title": "Paginated list of DHCP IPv6 static bindings",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of DHCP IPv6 static bindings",
"type": "object"
}
Dhcpv6Header (type)
{
"additionalProperties": false,
"id": "Dhcpv6Header",
"module_id": "Traceflow",
"properties": {
"msg_type": {
"default": "SOLICIT",
"description": "This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters.",
"enum": [
"SOLICIT",
"ADVERTISE",
"REQUEST",
"REPLY"
],
"required": false,
"title": "DHCP message type",
"type": "string"
}
},
"type": "object"
}
DirectionType (type) (Deprecated)
{
"default": "BIDIRECTIONAL",
"deprecated": true,
"enum": [
"INGRESS",
"EGRESS",
"BIDIRECTIONAL"
],
"id": "DirectionType",
"module_id": "PortMirroringSwitchingProfile",
"title": "port mirroring direction",
"type": "string"
}
DirectoryAdDomain (type)
{
"extends": {
"$ref": "DirectoryDomain
},
"id": "DirectoryAdDomain",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"type-identifier": "DirectoryAdDomain"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"base_distinguished_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain base distinguished name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "Directory domain Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "DirectoryEventLogServer
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of directory domain",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "DirectoryLdapServer
},
"maxItems": 50,
"required": true,
"title": "LDAP server of directory domain",
"type": "array"
},
"name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "Directory domain name",
"type": "string"
},
"netbios_name": {
"description": "NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.",
"required": true,
"title": "Directory domain NETBIOS name",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"DirectoryAdDomain"
],
"required": true,
"title": "Directory domain resource type",
"type": "string"
},
"selective_sync_settings": {
"$ref": "SelectiveSyncSettings,
"description": "SelectiveSync settings toggle the SelectiveSync feature and selected OrgUnits. If this is not specified, SelectiveSync is disabled by default.",
"required": false,
"title": "SelectiveSync settings"
},
"sync_settings": {
"$ref": "DirectoryDomainSyncSettings,
"description": "Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.",
"required": false,
"title": "Directory domain sync settings"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Active Directory Domain",
"type": "object"
}
DirectoryAdGroup (type)
{
"extends": {
"$ref": "DirectoryGroup
},
"id": "DirectoryAdGroup",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"type-identifier": "DirectoryAdGroup"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "Directory group distinguished name",
"type": "string"
},
"domain_id": {
"description": "Domain ID this directory group belongs to.",
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain distinguished name",
"type": "string"
},
"domain_sync_node_id": {
"description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.",
"required": false,
"title": "Domain synchronization root node id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"object_guid": {
"description": "GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects.",
"required": true,
"title": "Active directory group object guid",
"type": "string"
},
"resource_type": {
"description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"required": true,
"title": "Directory group resource type for this domain",
"type": "string"
},
"secure_id": {
"description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID.",
"required": true,
"title": "Active directory group secure id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryDomain (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource
},
"id": "DirectoryDomain",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "Directory domain Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "DirectoryEventLogServer
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of directory domain",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "DirectoryLdapServer
},
"maxItems": 50,
"required": true,
"title": "LDAP server of directory domain",
"type": "array"
},
"name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "Directory domain name",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"DirectoryAdDomain"
],
"required": true,
"title": "Directory domain resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Directory Domain",
"type": "object"
}
DirectoryDomainListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DirectoryDomainListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryDomain
},
"maxItems": 500,
"required": true,
"title": "List of Directory Domains",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Directory Domain",
"type": "object"
}
DirectoryDomainSize (type)
{
"additionalProperties": false,
"id": "DirectoryDomainSize",
"module_id": "DirectoryService",
"properties": {
"group_count": {
"readonly": true,
"required": false,
"title": "Number of groups",
"type": "int"
},
"group_member_count": {
"readonly": true,
"required": false,
"title": "Number of group members",
"type": "int"
},
"user_count": {
"readonly": true,
"required": false,
"title": "Number of users",
"type": "int"
}
},
"title": "Size of Directory Domain",
"type": "object"
}
DirectoryDomainSyncRequest (type)
{
"id": "DirectoryDomainSyncRequest",
"module_id": "DirectoryService",
"properties": {
"action": {
"description": "Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time.",
"enum": [
"FULL_SYNC",
"DELTA_SYNC",
"STOP_SYNC"
],
"required": true,
"title": "Sync type requested",
"type": "string"
},
"delay": {
"default": 0,
"description": "The delay can be added to execute the sync action in the future.",
"minimum": 0,
"required": false,
"title": "Request to execute the sync with some delay in seconds",
"type": "integer"
}
},
"title": "Directory domain synchronization request",
"type": "object"
}
DirectoryDomainSyncSettings (type)
{
"additionalProperties": false,
"id": "DirectoryDomainSyncSettings",
"module_id": "DirectoryService",
"properties": {
"delta_sync_interval": {
"default": 180,
"description": "Directory domain delta synchronization interval time between two delta sync in minutes.",
"maximum": 720,
"minimum": 5,
"required": false,
"title": "Delta synchronization inverval in minutes",
"type": "integer"
},
"full_sync_cron_expr": {
"description": "Directory domain full synchronization schedule using cron expression. For example, cron expression \"0 0 12 ? * SUN *\" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync.",
"required": false,
"title": "Full synchronization cron expression",
"type": "string"
},
"sync_delay_in_sec": {
"default": 30,
"description": "Sync delay after Directory domain has been successfully created. if delay is -1, initial full sync will not be triggered.",
"maximum": 600,
"minimum": -1,
"required": false,
"title": "Sync delay (in second).",
"type": "int"
}
},
"title": "Domain synchronization settings",
"type": "object"
}
DirectoryDomainSyncStats (type)
{
"id": "DirectoryDomainSyncStats",
"module_id": "DirectoryService",
"properties": {
"avg_delta_sync_time": {
"description": "All the historical delta sync are counted in calculating the average delta sync time in milliseconds.",
"readonly": true,
"required": false,
"title": "Average time spent for all historical delta sync",
"type": "integer"
},
"avg_full_sync_time": {
"description": "All the historical full sync are counted in calculating the average full sync time in milliseconds.",
"readonly": true,
"required": false,
"title": "Average time spent for all historical full sync",
"type": "integer"
},
"current_state": {
"description": "Current running state of the directory domain in synchronization life cycle. It could be one of the following five states. SELECTIVE_FULL_SYNC and SELECTIVE_DELTA_SYNC are sync states for selective sync.",
"enum": [
"IDLE",
"FULL_SYNC",
"DELTA_SYNC",
"SELECTIVE_FULL_SYNC",
"SELECTIVE_DELTA_SYNC"
],
"readonly": true,
"required": true,
"title": "Current state of directory domain sync context",
"type": "string"
},
"current_state_begin_time": {
"$ref": "EpochMsTimestamp,
"description": "Since what time the current state has begun. The time is expressed in millisecond epoch time.",
"readonly": true,
"required": true,
"title": "Current state elapsed time"
},
"num_delta_sync": {
"description": "number of successful historical delta sync initiated either by system or by API request.",
"readonly": true,
"required": false,
"title": "Total number of successful delta sync",
"type": "integer"
},
"num_full_sync": {
"description": "number of successful historical full sync initiated either by system or by API request.",
"readonly": true,
"required": false,
"title": "Total number of successful full sync",
"type": "integer"
},
"prev_sync_end_time": {
"$ref": "EpochMsTimestamp,
"description": "Directory domain previous sync ending time expressed in millisecond epoch time.",
"readonly": true,
"required": true,
"title": "Previous sync ended time"
},
"prev_sync_error": {
"description": "Directory domain previous sync status error if last status was failure.",
"readonly": true,
"required": false,
"title": "Previous sync error",
"type": "string"
},
"prev_sync_status": {
"description": "Directory domain previous sync status. It could be one of the following two states.",
"enum": [
"SUCCESS",
"FAILURE",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Previous sync status",
"type": "string"
},
"prev_sync_type": {
"description": "Directory domain previous sync type. It could be one of the following five states. Right after the directory domain is configured, this field is set to IDLE.",
"enum": [
"IDLE",
"FULL_SYNC",
"DELTA_SYNC",
"SELECTIVE_FULL_SYNC",
"SELECTIVE_DELTA_SYNC"
],
"readonly": true,
"required": true,
"title": "Previous sync type",
"type": "string"
}
},
"title": "Directory domain synchronization statistics",
"type": "object"
}
DirectoryDomanDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "DirectoryDomanDeleteRequestParameters",
"module_id": "DirectoryService",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Directory domain delete request parameters",
"type": "object"
}
DirectoryEventLogServer (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "DirectoryEventLogServer",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": false,
"title": "Directory domain name",
"type": "string"
},
"host": {
"description": "Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching.",
"format": "hostname-or-ip",
"required": true,
"title": "Event log server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Directory event log server connection password.",
"required": false,
"sensitive": true,
"title": "Event log server password",
"type": "secure_string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "DirectoryEventLogServerStatus,
"description": "Event log server connection status object",
"required": false,
"title": "Event log server connection status"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"username": {
"description": "Directory event log server connection user name.",
"required": false,
"title": "Event log server username",
"type": "string"
}
},
"title": "Event log server of directory domain",
"type": "object"
}
DirectoryEventLogServerStatus (type)
{
"id": "DirectoryEventLogServerStatus",
"module_id": "DirectoryService",
"properties": {
"error_message": {
"readonly": true,
"required": false,
"title": "Additional optional detail error message",
"type": "string"
},
"last_event_record_id": {
"description": "Last event record ID is an opaque integer value that shows the last successfully received event from event log server.",
"readonly": true,
"required": false,
"title": "Last event record ID",
"type": "integer"
},
"last_event_time_created": {
"$ref": "EpochMsTimestamp,
"description": "Time of last successfully received and record event from event log server.",
"readonly": true,
"required": false,
"title": "Time when last event record ID was received"
},
"last_polling_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Last polling time"
},
"status": {
"description": "Connection status: OK: All OK ERROR: Generic error",
"enum": [
"OK",
"ERROR"
],
"readonly": true,
"required": true,
"title": "Current connection status of event log server",
"type": "string"
}
},
"title": "Event log server connection status",
"type": "object"
}
DirectoryGroup (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "DirectoryGroup",
"module_id": "DirectoryService",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "Directory group distinguished name",
"type": "string"
},
"domain_id": {
"description": "Domain ID this directory group belongs to.",
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Directory domain distinguished name",
"type": "string"
},
"domain_sync_node_id": {
"description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.",
"required": false,
"title": "Domain synchronization root node id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"required": true,
"title": "Directory group resource type for this domain",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryGroupListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DirectoryGroupListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryGroup
},
"required": true,
"title": "Directory group list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DirectoryGroupMember (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "DirectoryGroupMember",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"group_distinguished_name": {
"description": "Directory group distinguished name this group member belongs to.",
"required": true,
"title": "Group distinguished name",
"type": "string"
},
"group_id": {
"description": "Directory group id this group member belongs to",
"required": true,
"title": "Group identifier",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_group_distinguished_name": {
"description": "Directory group name this group member owns",
"required": true,
"title": "Member group distinguished name",
"type": "string"
},
"member_group_id": {
"description": "Directory group id this group member owns",
"required": true,
"title": "Member group identifier",
"type": "string"
},
"nested": {
"description": "Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id.",
"required": true,
"title": "Nesting flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DirectoryGroupMemberListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DirectoryGroupMemberListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryGroupMember
},
"required": true,
"title": "Directory group member list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DirectoryLdapServer (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "DirectoryLdapServer",
"module_id": "DirectoryService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": false,
"title": "Directory domain name",
"type": "string"
},
"host": {
"description": "Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.",
"format": "hostname-or-ip",
"required": true,
"title": "LDAP server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Directory LDAP server connection password.",
"required": false,
"sensitive": true,
"title": "LDAP server password",
"type": "secure_string"
},
"port": {
"default": 389,
"description": "Directory LDAP server connection TCP/UDP port.",
"max": 65535,
"min": 1,
"required": false,
"title": "LDAP server TCP/UDP port",
"type": "integer"
},
"protocol": {
"default": "LDAP",
"description": "Directory LDAP server connection protocol which is either LDAP or LDAPS.",
"enum": [
"LDAP",
"LDAPS"
],
"required": false,
"title": "LDAP server protocol",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Directory LDAP server certificate thumbprint used in secure LDAPS connection.",
"required": false,
"title": "LDAP server certificate thumbprint using SHA-256 algorithm",
"type": "string"
},
"username": {
"description": "Directory LDAP server connection user name.",
"required": false,
"title": "LDAP server username",
"type": "string"
}
},
"title": "LDAP server of directory domain",
"type": "object"
}
DirectoryLdapServerListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DirectoryLdapServerListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryLdapServer
},
"maxItems": 50,
"required": true,
"title": "List of directory domain LDAP servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of directory domain LDAP servers",
"type": "object"
}
DirectoryLdapServerStatus (type)
{
"id": "DirectoryLdapServerStatus",
"module_id": "DirectoryService",
"properties": {
"error_id": {
"description": "Error ID of the directory LDAP server status maintained by the NSX directory service.",
"required": false,
"title": "Error ID of the directory LDAP server status",
"type": "integer"
},
"error_message": {
"description": "Error message of the directory LDAP server status maintained by the NSX directory service.",
"required": false,
"title": "Error message of the directory LDAP server status",
"type": "string"
}
},
"title": "Status LDAP server of directory domain",
"type": "object"
}
DirectoryLdapServerTestParameters (type)
{
"id": "DirectoryLdapServerTestParameters",
"module_id": "DirectoryService",
"properties": {
"action": {
"description": "Type of LDAP server test to perform.",
"enum": [
"CONNECTIVITY"
],
"required": true,
"title": "LDAP server test requested",
"type": "string"
}
},
"title": "Parameters for performing LDAP server test",
"type": "object"
}
DirectoryOrgUnit (type)
{
"id": "DirectoryOrgUnit",
"module_id": "DirectoryService",
"properties": {
"children": {
"description": "List of children Organization Units if any.",
"items": {
"$ref": "DirectoryOrgUnit
},
"maxItems": 500,
"required": true,
"title": "List of children Organization Units",
"type": "array"
},
"distinguished_name": {
"description": "Distinguished name of the organization unit.",
"required": true,
"title": "Distinguished name",
"type": "string"
},
"name": {
"description": "Organization Unit name.",
"required": true,
"title": "Organization Unit name",
"type": "string"
}
},
"title": "Organization Unit",
"type": "object"
}
DirectoryOrgUnitListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DirectoryOrgUnitListResults",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DirectoryOrgUnit
},
"maxItems": 500,
"required": true,
"title": "List of Organization Units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of organization units",
"type": "object"
}
DirectorySearchFilterValue (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "DirectorySearchFilterValue",
"module_id": "DirectoryService",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_value": {
"description": "Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.",
"required": true,
"title": "Name search filter value",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Searching domain entities using a matching filter value",
"type": "object"
}
DisconnectBridgeWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Disconnect bridge workflow spec.",
"extends": {
"$ref": "WorkflowSpec
},
"id": "DisconnectBridgeWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DisconnectBridgeWorkflowSpec"
},
"properties": {
"bridge_profile_path": {
"description": "Bridge profile path used to find the bridge config in the segment to be removed.",
"readonly": false,
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"segment_path": {
"description": "Path of the segment from which the bridge config specified by the property \"bridge_profile_path\" will be removed.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
}
},
"title": "Disconnect bridge workflow spec",
"type": "object"
}
DiscoveredNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "DiscoveredNode",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"certificate": {
"required": false,
"title": "Certificate of the discovered node",
"type": "string"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the discovered node in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the discovered node, ex. a mo-ref from VC",
"type": "string"
},
"hardware_id": {
"description": "Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx.",
"readonly": true,
"required": false,
"title": "Hardware Id of the discovered node",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": true,
"title": "IP Addresses of the the discovered node.",
"type": "array"
},
"node_type": {
"readonly": true,
"required": true,
"title": "Discovered Node type like Host",
"type": "string"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this node was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of discovered\nnode in the Compute Manager\n",
"type": "array"
},
"os_type": {
"readonly": true,
"required": false,
"title": "OS type of the discovered node",
"type": "string"
},
"os_version": {
"readonly": true,
"required": false,
"title": "OS version of the discovered node",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the discovered node. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when discovered node prepared by that nsx. OTHER applies to when discovered node prepared by other nsx. MULTIPLE applies to when discovered node tried to prepare by multiple nsx at a time. NONE applies to when discovered node is not prepared by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the discovered node",
"type": "string"
},
"parent_compute_collection": {
"readonly": true,
"required": false,
"title": "External id of the compute collection to which this node belongs",
"type": "string"
},
"pnic_details": {
"description": "PNIC details for the host.",
"items": {
"$ref": "PnicDetail
},
"readonly": false,
"required": false,
"title": "PNIC details",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"stateless": {
"description": "The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true.",
"readonly": true,
"required": false,
"title": "Specifies whether host is stateless",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DiscoveredNodeInterfaceProperties (type)
{
"additionalProperties": false,
"description": "Network interface properties of discovered node",
"id": "DiscoveredNodeInterfaceProperties",
"module_id": "InventoryCmObj",
"properties": {
"connected_switch": {
"description": "Switch name which is connected to nic, switch can be opaque, proxyHostSwitch or virtual",
"title": "Connected switch",
"type": "string"
},
"connected_switch_type": {
"description": "Type of virtual switch can be VSS, DVS or N-VDS.",
"enum": [
"VSS",
"DVS",
"N-VDS"
],
"required": false,
"title": "Type of virtual switch",
"type": "string"
},
"interface_id": {
"description": "Id of the network interface",
"title": "Interface ID",
"type": "string"
},
"physical_address": {
"$ref": "MACAddress,
"description": "Mac address of the interface",
"title": "Interface MAC address"
}
},
"title": "Discovered node network interface properties",
"type": "object"
}
DiscoveredNodeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "DiscoveredNodeListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cm_local_id": {
"required": false,
"title": "Local Id of the discovered node in the Compute Manager",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"required": false,
"title": "Display name of discovered node",
"type": "string"
},
"external_id": {
"required": false,
"title": "External id of the discovered node, ex. a mo-ref from VC",
"type": "string"
},
"has_parent": {
"enum": [
"true",
"false"
],
"required": false,
"title": "Discovered node has a parent compute collection or is a standalone host",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_address": {
"required": false,
"title": "IP address of the discovered node",
"type": "string"
},
"node_id": {
"required": false,
"title": "Id of the fabric node created from the discovered node",
"type": "string"
},
"node_type": {
"required": false,
"title": "Discovered Node type like HostNode",
"type": "string"
},
"origin_id": {
"required": false,
"title": "Id of the compute manager from where this node was discovered",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"parent_compute_collection": {
"required": false,
"title": "External id of the compute collection to which this node belongs",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Discovered Node list parameters",
"type": "object"
}
DiscoveredNodeListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DiscoveredNodeListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DiscoveredNode
},
"required": true,
"title": "Discovered Node list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Discovered Node list result",
"type": "object"
}
DiscoveredNodeNetworkInterfaces (type)
{
"description": "All the network interfaces of the discovered node",
"id": "DiscoveredNodeNetworkInterfaces",
"module_id": "InventoryCmObj",
"properties": {
"discovered_node_id": {
"description": "Id of the discovered node",
"required": true,
"title": "Discovered node Id",
"type": "string"
},
"network_interfaces": {
"description": "Network interfaces of the node",
"items": {
"$ref": "DiscoveredNodeInterfaceProperties
},
"required": false,
"title": "Discovered Node interfaces",
"type": "array"
}
},
"title": "Discovered node network interfaces",
"type": "object"
}
DiscoveredResource (type)
{
"abstract": true,
"extends": {
"$ref": "Resource
},
"id": "DiscoveredResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"mode": "force",
"property-name": "resource_type"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for resources that are discovered and automatically updated",
"type": "object"
}
DiscoveredResourceAssociation (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "DiscoveredResourceAssociation",
"module_id": "InventoryAssociations",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being configured.",
"enum": [
"VirtualMachine",
"ComputeCollection"
],
"required": true,
"title": "Type of the discovered resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External id of the discovered resource for which association is being configured.",
"required": true,
"title": "External id of the discovered resource",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Association for discovered resource",
"type": "object"
}
DiscoveredResourceAssociationListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "DiscoveredResourceAssociationListRequestParameters",
"module_id": "InventoryAssociations",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_resource_external_id": {
"description": "External id of the discovered resource for which association is being queried.",
"required": false,
"title": "External id of the discovered resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being queried.",
"enum": [
"VirtualMachine",
"ComputeCollection"
],
"required": false,
"title": "Type of the discovered resource",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters for discovered resource associations",
"type": "object"
}
DiscoveredResourceScope (type)
{
"id": "DiscoveredResourceScope",
"module_id": "Common",
"properties": {
"scope_id": {
"description": "Specifies the scope id of discovered resource.",
"required": false,
"title": "Scope Id of scope for discovered resource",
"type": "string"
},
"scope_type": {
"description": "Type of the scope for the discovered resource.",
"enum": [
"CONTAINER_CLUSTER",
"VPC"
],
"required": false,
"title": "Type of scope",
"type": "string"
}
},
"title": "Scope of discovered resource",
"type": "object"
}
DiscoveredVifListParameters (type)
{
"description": "The parameters to fetch the discovered VIF state.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "DiscoveredVifListParameters",
"module_id": "PolicyHostTransportNode",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"host_switch_id": {
"description": "Host switch id.",
"required": false,
"title": "VDS identifier",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_id": {
"description": "Segment id.",
"required": false,
"title": "Segment identifier",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment list parameters",
"type": "object"
}
DiscoveredVifState (type)
{
"description": "State of VIFs connected to discovered segment on the TransportNode.",
"id": "DiscoveredVifState",
"module_id": "PolicyHostTransportNode",
"properties": {
"error_msg": {
"description": "Error encountered during segment port creation for the discovered VIF.",
"required": false,
"title": "Error message",
"type": "string"
},
"id": {
"description": "Id of discovered VIF.",
"required": true,
"title": "VIF Id",
"type": "string"
},
"segment_path": {
"description": "Segment path related with discovered VIF.",
"required": true,
"title": "Path of the discovered segment",
"type": "string"
},
"segment_port_path": {
"description": "SegmentPort path related with discovered VIF.",
"required": true,
"title": "Path of the segment port",
"type": "string"
},
"state": {
"description": "The state of specific discovered VIF.",
"enum": [
"PENDING",
"ATTACHMENT_IN_PROGRESS",
"ATTACHMENT_SUCCESS",
"ATTACHMENT_FAILED"
],
"title": "Discovered VIF State",
"type": "string"
}
},
"title": "Discovered Vif State",
"type": "object"
}
DiscoveredVifStateListResult (type)
{
"additionalProperties": false,
"description": "Array of result of discovered VIF state result.",
"extends": {
"$ref": "ListResult
},
"id": "DiscoveredVifStateListResult",
"module_id": "PolicyHostTransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DiscoveredVifState
},
"readonly": true,
"title": "Discovered Segment Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment queries result",
"type": "object"
}
DiscoveryProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base Discovery Profile Binding Map",
"type": "object"
}
DiskProvisioning (type)
{
"additionalProperties": false,
"description": "Disk provisioning type for deploying VM.",
"enum": [
"THIN",
"LAZY_ZEROED_THICK",
"EAGER_ZEROED_THICK"
],
"id": "DiskProvisioning",
"module_id": "HostPrepServiceFabric",
"required": true,
"title": "Disk provisioning type",
"type": "string"
}
DistributedFirewall (type)
{
"id": "DistributedFirewall",
"module_id": "ObservabilityCounters",
"properties": {
"alg_handler_drops": {
"description": "alg handler error.",
"required": false,
"type": "integer"
},
"bad_offset_drops": {
"description": "bad-offset.",
"required": false,
"type": "integer"
},
"bad_timestamp_drops": {
"description": "bad-timestamp.",
"required": false,
"type": "integer"
},
"congestion_drops": {
"description": "congestion.",
"required": false,
"type": "integer"
},
"fragment_drops": {
"description": "fragment.",
"required": false,
"type": "integer"
},
"handshake_error_drops": {
"description": "3wh error.",
"required": false,
"type": "integer"
},
"icmp_err_pkt_drops": {
"description": "icmp errpkt drop.",
"required": false,
"type": "integer"
},
"icmp_error_drops": {
"description": "icmp error.",
"required": false,
"type": "integer"
},
"icmp_flood_overlimit_drops": {
"description": "ICMP flood overlimit.",
"required": false,
"type": "integer"
},
"ignored_offloaded_fpdrops": {
"description": "Ignored offloaded FP.",
"required": false,
"type": "integer"
},
"ignored_offloaded_spdrops": {
"description": "Ignored offloaded SP.",
"required": false,
"type": "integer"
},
"ip_option_drops": {
"description": "ip-option.",
"required": false,
"type": "integer"
},
"l7_alert_drops": {
"description": "L7 alert.",
"required": false,
"type": "integer"
},
"l7_attr_error_drops": {
"description": "L7 attr error.",
"required": false,
"type": "integer"
},
"l7_pending_misc": {
"description": "L7 pending.",
"required": false,
"type": "integer"
},
"lb_reject_drops": {
"description": "LB Reject.",
"required": false,
"type": "integer"
},
"match_drop_rule_rx_drops": {
"description": "Rx pkts dropped by hitting drop/reject rule.",
"required": false,
"type": "integer"
},
"match_drop_rule_tx_drops": {
"description": "Tx pkts dropped by hitting drop/reject rule.",
"required": false,
"type": "integer"
},
"memory_drops": {
"description": "memory.",
"required": false,
"type": "integer"
},
"normalize_drops": {
"description": "normalize.",
"required": false,
"type": "integer"
},
"other_flood_overlimit_drops": {
"description": "OTHER flood overlimit.",
"required": false,
"type": "integer"
},
"pkts_frag_queued_v4_misc": {
"description": "pkts-frag-queued-v4.",
"required": false,
"type": "integer"
},
"pkts_frag_queued_v6_misc": {
"description": "pkts-frag-queued-v6.",
"required": false,
"type": "integer"
},
"proto_cksum_drops": {
"description": "proto-cksum.",
"required": false,
"type": "integer"
},
"rx_ipv4_drop_pkts": {
"description": "Received IPv4 drop packets.",
"required": false,
"type": "integer"
},
"rx_ipv4_reject_pkts": {
"description": "Received IPv4 reject packets.",
"required": false,
"type": "integer"
},
"rx_ipv6_drop_pkts": {
"description": "Received IPv6 drop packets.",
"required": false,
"type": "integer"
},
"rx_ipv6_reject_pkts": {
"description": "Received IPv6 reject packets.",
"required": false,
"type": "integer"
},
"rx_l2_drop_pkts": {
"description": "Received layer 2 drop packets.",
"required": false,
"type": "integer"
},
"seqno_bad_ack_drops": {
"description": "seqno bad ack.",
"required": false,
"type": "integer"
},
"seqno_gt_max_ack_drops": {
"description": "seqno gt maxack.",
"required": false,
"type": "integer"
},
"seqno_lt_minack_drops": {
"description": "seqno lt minack.",
"required": false,
"type": "integer"
},
"seqno_old_ack_drops": {
"description": "seqno old ack.",
"required": false,
"type": "integer"
},
"seqno_old_retrans_drops": {
"description": "seqno old retrans.",
"required": false,
"type": "integer"
},
"seqno_outside_window_drops": {
"description": "seqno outside window.",
"required": false,
"type": "integer"
},
"short_drops": {
"description": "short.",
"required": false,
"type": "integer"
},
"spoof_guard_drops": {
"description": "spoofguard.",
"required": false,
"type": "integer"
},
"src_limit_misc": {
"description": "src-limit.",
"required": false,
"type": "integer"
},
"state_insert_drops": {
"description": "state-insert.",
"required": false,
"type": "integer"
},
"state_limit_drops": {
"description": "state-limit.",
"required": false,
"type": "integer"
},
"state_mismatch_drops": {
"description": "state-mismatch.",
"required": false,
"type": "integer"
},
"strict_no_syn_drops": {
"description": "strict no syn.",
"required": false,
"type": "integer"
},
"syn_expected_drops": {
"description": "SYN Expected.",
"required": false,
"type": "integer"
},
"syn_proxy_drops": {
"description": "synproxy.",
"required": false,
"type": "integer"
},
"tcp_flood_overlimit_drops": {
"description": "TCP flood overlimit.",
"required": false,
"type": "integer"
},
"tx_ipv4_drop_pkts": {
"description": "Sent IPv4 drop packets.",
"required": false,
"type": "integer"
},
"tx_ipv4_reject_pkts": {
"description": "Sent IPv4 reject packets.",
"required": false,
"type": "integer"
},
"tx_ipv6_drop_pkts": {
"description": "Sent IPv6 drop packets.",
"required": false,
"type": "integer"
},
"tx_ipv6_reject_pkts": {
"description": "Sent IPv6 reject packets.",
"required": false,
"type": "integer"
},
"tx_l2_drop_pkts": {
"description": "Sent layer 2 drop packets.",
"required": false,
"type": "integer"
},
"udp_flood_overlimit_drops": {
"description": "UDP flood overlimit.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
DistributedFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile
},
"id": "DistributedFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rst_spoofing": {
"default": false,
"description": "If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate rst spoofing is enabled",
"type": "boolean"
},
"enable_syncache": {
"default": false,
"description": "If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate syncache is enabled",
"type": "boolean"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
DistributedVirtualPortgroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualPortgroup
},
"id": "DistributedVirtualPortgroup",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualPortgroup"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"backing_type": {
"description": "For distributed virtual portgroup, backing type is standard. For logical switch portgroup, the backing type is set to nsx.",
"readonly": false,
"title": "Backing type for portgroup",
"type": "string"
},
"cm_local_id": {
"description": "Id of the portgroup, eg. a mo-ref from VC.",
"readonly": true,
"required": false,
"title": "Id of the portgroup in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual portgroup",
"type": "string"
},
"key": {
"readonly": false,
"title": "Generated UUID of the portgroup",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Portgroup type like DistributedVirtualPortgroup",
"type": "string"
},
"overall_status": {
"description": "This parameters reflects the managed entity status of the portgroup as reported by VC.",
"enum": [
"RED",
"YELLOW",
"GREEN",
"GRAY"
],
"readonly": true,
"required": false,
"title": "General status of the virtual portgroup",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Distributed virtual portgroup on a VC",
"type": "object"
}
DistributedVirtualSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualSwitch
},
"id": "DistributedVirtualSwitch",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualSwitch"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": false,
"title": "ID of the virtual switch in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_nodes": {
"description": "Array of discovered nodes connected to this switch.",
"items": {
"$ref": "DiscoveredNode
},
"readonly": true,
"required": false,
"title": "Array of discovered nodes connected",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu_failover_policy": {
"$ref": "DpuFailoverPolicy,
"description": "This specifies the failover policy for a distributed virtual switch from vCenter DVS, specifically related to the Data Processing Unit(DPU).",
"readonly": true,
"required": false,
"title": "Dpu Failover policy for a DVS"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual switch",
"type": "string"
},
"lacp_group_configs": {
"description": "It contains information about VMware specific multiple dynamic LACP groups.",
"items": {
"$ref": "LacpGroupConfigInfo
},
"readonly": false,
"required": false,
"title": "Array of Link Aggregation Control Protocol (LACP) configuration",
"type": "array"
},
"network_offload_spec_id": {
"description": "Specify the Id of network offload spec.",
"readonly": true,
"required": false,
"title": "Id of network offload spec",
"type": "string"
},
"origin_id": {
"description": "ID of the compute manager where this virtual switch is discovered.",
"readonly": true,
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional properties of switch",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Switch type like VmwareDistributedVirtualSwitch",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the virtual switch. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when virtual switch owned by that nsx. OTHER applies to whenf virtual switch owned by other nsx. MULTIPLE applies to when virtual switch tried to own by multiple nsx at a time. NONE applies to when virtual switch is not owned by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the virtual switch",
"type": "string"
},
"real_time_config": {
"$ref": "RealTimeConfig,
"description": "Real time config for VDS which consists of vswitchRT flag and annotations for uplinks.",
"readonly": true,
"required": false,
"title": "Real Time Config for a VDS"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_port_names": {
"description": "The uniform name of uplink ports on each host.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Uplink port names",
"type": "array"
},
"uplink_portgroup": {
"$ref": "DistributedVirtualPortgroup,
"readonly": true,
"required": false,
"title": "Uplink portgroup of distributed virtual switch"
},
"uuid": {
"readonly": true,
"required": false,
"title": "UUID of the switch",
"type": "string"
}
},
"title": "DistributedVirtualSwitch on a VC",
"type": "object"
}
DistributedVirtualSwitchListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DistributedVirtualSwitchListResult",
"module_id": "InventoryCmObj",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DistributedVirtualSwitch
},
"required": true,
"title": "Distributed Virtual switch list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Distributed Virtual switch list result",
"type": "object"
}
DnsAnswer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The response for DNS nslookup.",
"id": "DnsAnswer",
"module_id": "DnsForwarder",
"properties": {
"answers": {
"description": "The answers of the query.",
"items": {
"$ref": "DnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "The answers of the query.",
"type": "array"
},
"authoritative_answers": {
"deprecated": true,
"description": "Authotitative answers of the query. This is a deprecated property, please use 'answers' instead.",
"items": {
"$ref": "DnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Authoritative answers",
"type": "array"
},
"dns_server": {
"description": "Dns server ip address and port, format is \"ip address#port\".",
"required": true,
"title": "DNS server information",
"type": "string"
},
"edge_node_id": {
"description": "ID of the edge node that performed the query.",
"required": true,
"title": "Edge node id",
"type": "string"
},
"non_authoritative_answers": {
"deprecated": true,
"description": "Non-authotitative answers of the query. This is a deprecated property, please use 'answers' instead.",
"items": {
"$ref": "DnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Non authoritative answers",
"type": "array"
},
"raw_answer": {
"description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.",
"required": false,
"title": "Raw message returned from the DNS forwarder",
"type": "string"
},
"source_ip": {
"$ref": "IPv4Address,
"description": "The source ip used in this lookup.",
"required": true,
"title": "The source ip used in this lookup"
}
},
"title": "Answer of dns nslookup",
"type": "object"
}
DnsClientConfig (type)
{
"description": "Dns config",
"id": "DnsClientConfig",
"module_id": "PolicyVpc",
"properties": {
"dns_server_ips": {
"description": "IPs of the DNS servers which need to be configured on the workload VMs",
"items": {
"type": "string"
},
"required": false,
"type": "array"
}
},
"title": "Dns configuration",
"type": "object"
}
DnsFailedQueries (type)
{
"additionalProperties": false,
"description": "The array of the failed DNS queries with entry count and timestamp on active and standby transport node.",
"id": "DnsFailedQueries",
"module_id": "DnsForwarder",
"properties": {
"per_node_failed_queries": {
"description": "The array of failed DNS queries on active and standby transport node. If there is no standby node, the failed queries on standby node will not be present.",
"items": {
"$ref": "PerNodeDnsFailedQueries
},
"readonly": true,
"required": false,
"title": "The array of failed DNS queries on active and standby transport node",
"type": "array"
},
"timestamp": {
"description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.",
"readonly": true,
"required": true,
"title": "Timestamp of the request",
"type": "string"
}
},
"title": "The array of failed DNS queries for active and standby transport node",
"type": "object"
}
DnsFailedQuery (type)
{
"description": "The summary of the failed DNS query. The query result represents a full query chain from client VM to dns forwarder, and upstream server if no forwarder cache was hit.",
"id": "DnsFailedQuery",
"module_id": "DnsForwarder",
"properties": {
"address": {
"description": "The address be queried, can be a FQDN or an ip address.",
"required": false,
"title": "The adddress be queried",
"type": "string"
},
"client_ip": {
"description": "The client host ip address from which the query was issued.",
"required": false,
"title": "The client host ip address from which the query was issued",
"type": "string"
},
"error_message": {
"description": "The detailed error message of the failed query, if any.",
"required": false,
"title": "The error message of the failed query",
"type": "string"
},
"error_type": {
"description": "The type of the query failure, e.g. NXDOMAIN, etc.",
"required": false,
"title": "The type of the failure",
"type": "string"
},
"forwarder_ip": {
"description": "The DNS forwarder ip address to which the query was first received.",
"required": false,
"title": "The DNS forwarder ip address to which the query was first received",
"type": "string"
},
"record_type": {
"description": "The record type be queried, e.g. A, CNAME, SOA, etc.",
"required": false,
"title": "The record type be queried",
"type": "string"
},
"source_ip": {
"description": "The source ip address that is used to forward a query to an upstream server.",
"required": false,
"title": "The source ip address for forwarding query",
"type": "string"
},
"time_spent": {
"description": "The time the query took before it got a failed answer, in ms.",
"required": false,
"title": "Time spent in the query, if applicable",
"type": "integer"
},
"timestamp": {
"description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.",
"required": true,
"title": "Timestamp of the request",
"type": "string"
},
"upstream_server_ip": {
"description": "The upstream server ip address to which the query was forwarded. If the query could not be serviced from the DNS forwarder cache, this property will contain the IP address of the DNS server that serviced the request. If the request was serviced from the cache, this property will be absent.",
"required": false,
"title": "The ip address to which the query was forwarded",
"type": "string"
}
},
"title": "The failed DNS query",
"type": "object"
}
DnsFailedQueryRequestParameters (type) (Deprecated)
{
"deprecated": true,
"description": "To specify how many failed DNS queries will be returned.",
"id": "DnsFailedQueryRequestParameters",
"module_id": "DnsForwarder",
"properties": {
"count": {
"default": 100,
"description": "How many failed DNS queries should be returned.",
"maximum": 1000,
"minimum": 1,
"required": false,
"title": "The count of the failed DNS queries",
"type": "integer"
}
},
"title": "The request parameters to get failed DNS queries",
"type": "object"
}
DnsForwarder (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "DnsForwarder",
"module_id": "DnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cache_size": {
"default": 1024,
"description": "One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache size can cache ~8 DNS answer entries, and the default 1024 KB cache size can hold ~8k DNS answer entries.",
"maximum": 16777216,
"minimum": 1,
"required": false,
"title": "Cache size in KB",
"type": "int"
},
"conditional_forwarders": {
"description": "The conditional zone forwarders. During matching a zone forwarder, the DNS forwarder will use the conditional fowarder with the longest domain name that matches the query.",
"items": {
"$ref": "ConditionalForwarderZone
},
"maxItems": 5,
"required": false,
"title": "Conditional zone forwarders",
"type": "array"
},
"default_forwarder": {
"$ref": "ForwarderZone,
"description": "The default zone forwarder that catches all other domain names except those matched by conditional forwarder zone.",
"required": true,
"title": "Default zone forwarder"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable/disable the forwarder",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"listener_ip": {
"$ref": "IPv4Address,
"description": "The ip address the DNS forwarder listens on. It can be an ip address already owned by the logical-router uplink port or router-link, or a loopback port ip address. But it can not be a downlink port address. User needs to ensure the address is reachable via router or NAT from both client VMs and upstream servers. User will need to create Firewall rules if needed to allow such traffic on a Tier-1 or Tier-0.",
"required": true,
"title": "Listener ip address"
},
"log_level": {
"default": "INFO",
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"FATAL"
],
"required": false,
"title": "Log level of the DNS forwarder",
"type": "string"
},
"logical_router_id": {
"description": "Specify the LogicalRouter where the DnsForwarder runs. The HA mode of the hosting LogicalRouter must be Active/Standby.",
"required": true,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DnsForwarderListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "DnsForwarderListResult",
"module_id": "DnsForwarder",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsForwarder
},
"required": true,
"title": "Paginated list of DNS forwarders",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DnsForwarderStatistics (type) (Deprecated)
{
"deprecated": true,
"description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders.",
"id": "DnsForwarderStatistics",
"module_id": "AggSvcDnsForwarder",
"properties": {
"conditional_forwarder_statistics": {
"items": {
"$ref": "PerForwarderStatistics
},
"maxItems": 5,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of conditional forwarders",
"type": "array"
},
"configured_cache_size": {
"readonly": true,
"title": "The configured cache size, in kb",
"type": "integer"
},
"default_forwarder_statistics": {
"$ref": "PerForwarderStatistics,
"readonly": true,
"title": "The statistics of default forwarder"
},
"error_message": {
"readonly": true,
"required": false,
"title": "Error message, if available",
"type": "string"
},
"queries_answered_locally": {
"readonly": true,
"title": "The totocal number of queries answered from local cache",
"type": "integer"
},
"queries_forwarded": {
"readonly": true,
"title": "The total number of forwarded dns queries",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current statistics, in ms"
},
"total_queries": {
"readonly": true,
"title": "The total number of received dns queries",
"type": "integer"
},
"used_cache_statistics": {
"items": {
"$ref": "PerNodeUsedCacheStatistics
},
"maxItems": 2,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of used cache",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder",
"type": "object"
}
DnsForwarderStatus (type) (Deprecated)
{
"deprecated": true,
"description": "The current runtime status of the DNS forwarder including the hosting transport nodes and forwarder service status.",
"id": "DnsForwarderStatus",
"module_id": "AggSvcDnsForwarder",
"properties": {
"active_node": {
"readonly": true,
"title": "Uuid of active transport node",
"type": "string"
},
"extra_message": {
"readonly": true,
"required": false,
"title": "Extra message, if available",
"type": "string"
},
"standby_node": {
"readonly": true,
"required": false,
"title": "Uuid of stand_by transport node. null if non-HA mode",
"type": "string"
},
"status": {
"description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The dns forwarder may be working (or not working). NO_BACKUP means dns forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP"
],
"readonly": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current status, in ms"
}
},
"title": "The current runtime status of DNS forwarder",
"type": "object"
}
DnsHeader (type)
{
"additionalProperties": false,
"id": "DnsHeader",
"module_id": "Traceflow",
"properties": {
"address": {
"description": "This is used to define what is being asked or responded.",
"format": "hostname-or-ip",
"required": false,
"title": "Domain name/IP to query/response",
"type": "string"
},
"address_type": {
"default": "V4",
"description": "This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA",
"enum": [
"V4",
"V6"
],
"required": false,
"title": null,
"type": "string"
},
"message_type": {
"default": "QUERY",
"enum": [
"QUERY",
"RESPONSE"
],
"required": false,
"title": "Specifies the message type whether it is a query or a response.",
"type": "string"
}
},
"type": "object"
}
DnsNameString (type)
{
"description": "DNS name string in the \"preferred name syntax\", as specified by Section 3.5 of [RFC1034] and as modified by Section 2.1 of [RFC1123].",
"id": "DnsNameString",
"maxLength": 200,
"module_id": "CertificateManager",
"title": "An IA5String instance for DNS Name",
"type": "string"
}
DnsQueryAnswer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "DnsQueryAnswer",
"module_id": "DnsForwarder",
"properties": {
"address": {
"description": "Can be resolved ip address.",
"required": false,
"title": "Matched ip address",
"type": "string"
},
"name": {
"description": "Matched name of the given address.",
"required": false,
"title": "Matched name",
"type": "string"
},
"raw_string": {
"description": "Unparsed answer string from raw_answer.",
"required": false,
"title": "Unparsed answer string",
"type": "string"
}
},
"title": "Answer of nslookup",
"type": "object"
}
DnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Used to configure DNS security profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ttl": {
"default": 86400,
"description": "Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet. User defined TTL value is used only when it is betweeen 3600 to 864000.",
"maximum": 864000,
"minimum": 0,
"required": false,
"title": "Time to live for DNS cache entry",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DNS security profile",
"type": "object"
}
DnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between DNS security profile and Group. With this entity, user can specify intent for applying DNS security profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "DnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number DNS Security Profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Binding Map for DNS Security Profile",
"type": "object"
}
DnsSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DnsSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DNS Security Profile Binding Map List Request Parameters",
"type": "object"
}
DnsSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DnsSecurityProfileBindingMapListResult",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfileBindingMap
},
"requried": true,
"title": "DNS Security Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DNS Security Profile Binding Map",
"type": "object"
}
DnsSecurityProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DnsSecurityProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfile
},
"required": true,
"title": "DnsSecurityProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of DnsSecurityProfile",
"type": "object"
}
DnsTtlConfig (type)
{
"description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.",
"id": "DnsTtlConfig",
"module_id": "FirewallProfile",
"properties": {
"dns_ttl_type": {
"description": "TTL type to decide how to manage ttl.",
"enum": [
"USE_TTL",
"AUTO",
"NEVER_EXPIRE"
],
"help_summary": "Use 'USE_TTL' to set custom ttl with the help of 'ttl' property.\nUse 'AUTO' to set ttl value from DNS response packet.\nUse 'NEVER_EXPIRE' to never expire cached entry.\n",
"required": true,
"title": "TTL type.",
"type": "string"
},
"ttl": {
"default": 86400,
"description": "The number of seconds that snooped DNS responses are retained in the cache. Used only when dns_ttl_type is USE_TTL.",
"maximum": 864000,
"minimum": 3600,
"required": false,
"title": "DNS server TTL",
"type": "integer"
}
},
"title": "DNS TTL config",
"type": "object"
}
Domain (type)
{
"additionalProperties": false,
"description": "Domain.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Domain",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildCommunicationMap",
"ChildDomainDeploymentMap",
"ChildEndpointPolicy",
"ChildForwardingPolicy",
"ChildGatewayPolicy",
"ChildGroup",
"ChildIdsGatewayPolicy",
"ChildIdsSecurityPolicy",
"ChildRedirectionPolicy",
"ChildSecurityPolicy"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain",
"type": "object"
}
DomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of domain to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "Path of enforcement point on which domain shall be enforced.",
"required": true,
"title": "Absolute path of enforcement point",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"DomainDeploymentMap"
],
"relationshipType": "DEPLOYMENT_MAP_ENFORCEMENT_POINT_RELATIONSHIP",
"rightType": [
"EnforcementPoint"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain Deployment Map",
"type": "object"
}
DomainDeploymentMapListRequestParameters (type)
{
"additionalProperties": false,
"description": "Domain Deployment Map list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DomainDeploymentMapListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain Deployment Map List Request Parameters",
"type": "object"
}
DomainDeploymentMapListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Domain Deployment Map.",
"extends": {
"$ref": "ListResult
},
"id": "DomainDeploymentMapListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Domain Deployment Map list result.",
"items": {
"$ref": "DomainDeploymentMap
},
"required": true,
"title": "Domain Deployment Map List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domain Deployment Map",
"type": "object"
}
DomainListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DomainListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain list request parameters",
"type": "object"
}
DomainListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DomainListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Domain
},
"required": true,
"title": "Domain list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domains",
"type": "object"
}
DonutConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Donut",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "DonutConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DonutConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"count": {
"description": "Expression to retrieve count to be shown on Donut.",
"title": "Expression to retrieve count to be shown on Donut",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_count": {
"default": true,
"description": "If true, displays the count of entities in the donut",
"title": "Show or hide the count of entities",
"type": "boolean"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Displayed at the middle of the donut, by default. It labels the entities of donut.",
"title": "Label of the Donut Configuration"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"sections": {
"decription": "High level logical grouping of portions or segments of donut.",
"items": {
"$ref": "DonutSection
},
"minItems": 1,
"required": true,
"title": "Sections",
"type": "array"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Donut Configuration",
"type": "object"
}
DonutPart (type)
{
"additionalProperties": false,
"description": "Represents an entity or portion to be plotted on a donut or stats chart.",
"id": "DonutPart",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the part will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"title": "Expression for evaluating condition",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "A numerical value that represents the portion or entity of the donut or stats chart.",
"maxLength": 1024,
"required": true,
"title": "Value of the portion or entity of donut or stats chart",
"type": "string"
},
"hide_empty_legend": {
"default": false,
"description": "If true, legend will be shown only if the data for the part is available. This is applicable only if legends are specified in widget configuration.",
"title": "Hide the legend if the data for the part is not available",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template.",
"title": "Label of the portion or entity of donut or stats chart"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the portion.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
}
},
"title": "Portion of a donut or stats chart",
"type": "object"
}
DonutSection (type)
{
"additionalProperties": false,
"description": "Represents high level logical grouping of portions or segments of a donut / stats chart.",
"id": "DonutSection",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"parts": {
"description": "Array of portions or parts of the donut or stats chart.",
"items": {
"$ref": "DonutPart
},
"minItems": 1,
"required": true,
"title": "Parts of a donut / stats chart",
"type": "array"
},
"row_list_field": {
"description": "Field of the root of the api result set for forming parts.",
"maxLength": 1024,
"title": "Field from which parts of the donut or stats chart are formed",
"type": "string"
},
"template": {
"default": false,
"description": "If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'.",
"title": "Template, if any, for automatically forming the donut or stats parts",
"type": "boolean"
}
},
"title": "Section of a donut or stats chart",
"type": "object"
}
DpuFailoverPolicy (type)
{
"additionalProperties": false,
"id": "DpuFailoverPolicy",
"module_id": "InventoryCmObj",
"properties": {
"active_uplinks": {
"description": "Array of configured active uplinks on DVS for DPU failover policy.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Active uplinks",
"type": "array"
},
"standby_uplinks": {
"description": "Array of configured standby uplinks on DVS for DPU failover policy.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Standby uplinks",
"type": "array"
}
},
"type": "object"
}
DpuInfo (type)
{
"description": "Details of data processing unit (DPU) present on a ESXi Host.",
"id": "DpuInfo",
"module_id": "FabricNode",
"properties": {
"dpu_id": {
"description": "Specifies Id of DPU.",
"readonly": true,
"required": true,
"title": "Id of DPU",
"type": "string"
},
"firmware_version": {
"description": "Specifies the firmware version of DPU.",
"readonly": true,
"required": false,
"title": "Firmware version of DPU",
"type": "string"
},
"is_primary": {
"description": "Specifies whether this is considered the primary DPU in the host.",
"readonly": true,
"required": false,
"title": "Primary flag of DPU",
"type": "boolean"
},
"model": {
"description": "Specifies the model of DPU.",
"readonly": true,
"required": false,
"title": "Model of the DPU",
"type": "string"
},
"os_version": {
"description": "Specifies the operating system version of DPU.",
"readonly": true,
"required": false,
"title": "Operating system version of DPU",
"type": "string"
},
"state": {
"description": "Specifies state of DPU.",
"enum": [
"UNAVAILABLE",
"UNMANAGED",
"UNUSED",
"MANAGED",
"INVALID"
],
"readonly": true,
"required": false,
"title": "State of DPU",
"type": "string"
},
"vendor": {
"description": "Specifies the vendor of DPU.",
"readonly": true,
"required": false,
"title": "Vendor of DPU",
"type": "string"
}
},
"title": "DPU information for a Host Transport node",
"type": "object"
}
DpuStatusProperties (type)
{
"id": "DpuStatusProperties",
"module_id": "ApplianceStats",
"properties": {
"cpu_cores": {
"description": "The number of CPU cores on the system.",
"readonly": true,
"title": "CPU core count",
"type": "integer"
},
"dpu_alias": {
"description": "DPU alias",
"readonly": true,
"title": "Data processing unit alias",
"type": "string"
},
"dpu_id": {
"readonly": true,
"title": "Data processing unit ID",
"type": "string"
},
"load_average": {
"description": "One, five, and fifteen minute load averages for the system.",
"items": {
"type": "number"
},
"readonly": true,
"title": "System load average",
"type": "array"
},
"mem_cache": {
"description": "Amount of RAM on the system that can be flushed out to disk, in kilobytes.",
"readonly": true,
"title": "Cached RAM size in kilobytes",
"type": "integer"
},
"mem_total": {
"description": "System Amount of RAM allocated to the system, in kilobytes.",
"readonly": true,
"title": "Total RAM size in kilobytes",
"type": "integer"
},
"mem_used": {
"description": "Amount of RAM in use on the system, in kilobytes.",
"readonly": true,
"title": "Used RAM size in kilobytes",
"type": "integer"
}
},
"title": "Data processing unit status properties",
"type": "object"
}
DriverConfig (type)
{
"extends": {
"$ref": "HighPerformanceConfig
},
"id": "DriverConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "DRIVER_CONFIG"
},
"properties": {
"driver_info": {
"items": {
"type": "string"
},
"title": "This is physical nic driver version.",
"type": "array"
},
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "These are driver specific configuration options.",
"type": "object"
}
DropdownFilterPlotConfiguration (type)
{
"additionalProperties": false,
"description": "Dropdown Filter plotting configuration.",
"extends": {
"$ref": "WidgetPlotConfiguration
},
"id": "DropdownFilterPlotConfiguration",
"module_id": "NsxDashboard",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"allow_search": {
"default": false,
"description": "Allow search on drop down filter.",
"title": "Allow search on drop down filter",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
}
},
"title": "Dropdown Filtert plotting configuration",
"type": "object"
}
DropdownFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for dropdown filter widget.",
"extends": {
"$ref": "FilterWidgetConfiguration
},
"id": "DropdownFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DropdownFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"default_value": {
"description": "Expression to specify default value of filter.",
"title": "Expression to specify default value",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"dropdown_filter_plot_config": {
"$ref": "DropdownFilterPlotConfiguration,
"description": "Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only.",
"required": false,
"title": "Dropdown filter plotting configuration"
},
"dropdown_item": {
"$ref": "DropdownItem,
"description": "Defines the item of a dropdown.",
"required": false,
"title": "Definition for item of a dropdown"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"placeholder_msg": {
"description": "Placeholder message to be displayed in dropdown filter.",
"title": "Placeholder message to be shown in filter",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"static_filter_condition": {
"description": "If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally.",
"title": "Expression for evaluating condition",
"type": "string"
},
"static_filters": {
"description": "Additional static items to be added in dropdown filter. Example can be 'ALL'.",
"items": {
"$ref": "StaticFilter
},
"title": "Additional static items to be added in dropdown filter",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Dropdown Filter widget Configuration",
"type": "object"
}
DropdownItem (type)
{
"additionalProperties": false,
"id": "DropdownItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"additional_value": {
"description": "An additional key-value pair for item to be display in dropdown.",
"required": false,
"title": "An additional value for item to be display in dropdown.",
"type": "object"
},
"display_name": {
"description": "expression to extract display name to be shown in the drop down.",
"maxLength": 1024,
"title": "Display name for item to be displayed in dropdown",
"type": "string"
},
"field": {
"description": "An expression that represents the items of the dropdown filter.",
"required": true,
"title": "Expression for dropdown items of filter",
"type": "string"
},
"short_display_name": {
"description": "Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used.",
"maxLength": 1024,
"title": "A property value to be shown once value is selected for a filter.",
"type": "string"
},
"value": {
"description": "Value of filter inside dropdown filter.",
"required": true,
"title": "Value for item to be displayed in dropdown",
"type": "string"
}
},
"title": "Dropdown item definition",
"type": "object"
}
Dscp (type) (Deprecated)
{
"deprecated": true,
"description": "Dscp value is ignored in case of 'TRUSTED' DscpMode.",
"id": "Dscp",
"module_id": "QosSwitchingProfile",
"properties": {
"mode": {
"$ref": "DscpMode
},
"priority": {
"default": 0,
"maximum": 63,
"minimum": 0,
"title": "Internal Forwarding Priority",
"type": "int"
}
},
"required": true,
"title": "One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer",
"type": "object"
}
DscpBit (type)
{
"additionalProperties": false,
"description": "To define the Dscp bit in Global In-band network telemetry configuration.",
"extends": {
"$ref": "DscpIndicator
},
"id": "DscpBit",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_BIT"
},
"properties": {
"dscp_bit": {
"description": "A DSCP bit is allocated to indicate the existence of INT header. It takes effect only when the INT indicator mode is DSCP_BIT. The user should guarantee that the given DSCP bit is specifically allocated for INT.",
"maximum": 5,
"minimum": 0,
"required": true,
"title": "DSCP bit for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DscpIndicator (type)
{
"abstract": true,
"additionalProperties": false,
"description": "The DscpIndicator is the base class for global In-band network telemetry configurations for different types in a NSX domain.",
"id": "DscpIndicator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "indicator_type"
},
"properties": {
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Abstract base type for Global In-band network telemetry configuration",
"type": "object"
}
DscpMode (type) (Deprecated)
{
"default": "TRUSTED",
"deprecated": true,
"enum": [
"TRUSTED",
"UNTRUSTED"
],
"id": "DscpMode",
"module_id": "QosSwitchingProfile",
"title": "Trust settings",
"type": "string"
}
DscpTrustMode (type)
{
"default": "TRUSTED",
"description": "When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port.",
"enum": [
"TRUSTED",
"UNTRUSTED"
],
"id": "DscpTrustMode",
"module_id": "PolicyQoS",
"title": "Trust settings",
"type": "string"
}
DscpValue (type)
{
"additionalProperties": false,
"description": "To define the Dscp value in Global In-band network telemetry configuration.",
"extends": {
"$ref": "DscpIndicator
},
"id": "DscpValue",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_VALUE"
},
"properties": {
"dscp_value": {
"description": "A DSCP value is allocated to indicate the existence of INT header. It takes effects only when the INT indicator mode is DSCP_VALUE. The user should guarantee that the given DSCP value is specifically allocated for INT.",
"maximum": 63,
"minimum": 1,
"required": true,
"title": "DSCP value for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DuplicateAddressBindingEntry (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "AddressBindingEntry
},
"id": "DuplicateAddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier,
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"conflicting_port": {
"description": "Provides the ID of the port on which the same address bidning exists",
"required": false,
"title": "ID of logical port with the same address binding",
"type": "string"
},
"source": {
"$ref": "AddressBindingSource,
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Duplicate address binding information",
"type": "object"
}
DuplicateIPDetection (type) (Deprecated)
{
"deprecated": true,
"id": "DuplicateIPDetection",
"module_id": "IpDiscoverySwitchingProfile",
"properties": {
"duplicate_ip_detection_enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Indicates whether duplicate IP detection should be enabled",
"type": "boolean"
}
},
"title": "Duplicate IP detection and control",
"type": "object"
}
DuplicateIPDetectionOptions (type)
{
"additionalProperties": false,
"description": "Contains dupliacte IP detection related discovery options.",
"id": "DuplicateIPDetectionOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"duplicate_ip_detection_enabled": {
"default": false,
"description": "Indicates whether duplicate IP detection should be enabled",
"required": false,
"title": "Duplicate IP detection",
"type": "boolean"
}
},
"title": "Controls duplicate IP detection options",
"type": "object"
}
Dvpg (type)
{
"additionalProperties": false,
"description": "DVPG details.",
"id": "Dvpg",
"module_id": "OverlayAdoption",
"properties": {
"data_center_id": {
"description": "Datacenter ID.",
"readonly": true,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": true,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"id": {
"description": "DVPG ID.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"name": {
"description": "DVPG name.",
"readonly": true,
"required": false,
"title": "DVPG name",
"type": "string"
},
"vds_id": {
"description": "VDS ID.",
"readonly": true,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": true,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "A single vlan ID or comma separated vlan ranges. Example - \"200\" or \"1-100,201-300\"",
"readonly": true,
"required": false,
"title": "VLAN ID",
"type": "string"
},
"vm_count": {
"description": "Number of vm's that belong to dvpg.",
"readonly": true,
"required": false,
"title": "Number of vm's",
"type": "int"
}
},
"title": "DVPG details",
"type": "object"
}
DvpgAggregateInfo (type)
{
"additionalProperties": false,
"description": "DVPG aggregate info.",
"id": "DvpgAggregateInfo",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode,
"description": "Assessment result for the resource.",
"readonly": true,
"required": false,
"title": "Assessment result for the resource"
},
"dvpg": {
"$ref": "Dvpg,
"description": "DVPG details",
"readonly": true,
"required": false,
"title": "DVPG details"
},
"migration_status": {
"$ref": "DvpgMigrationStatus,
"description": "DVPG migration status.",
"readonly": true,
"required": false,
"title": "DVPG migration status"
}
},
"title": "DVPG aggregate info",
"type": "object"
}
DvpgAggregateInfoListRequestParameters (type)
{
"description": "DVPG aggregate info list request parameters.",
"extends": {
"$ref": "DvpgListRequestParameters
},
"id": "DvpgAggregateInfoListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"assessment_result": {
"$ref": "ColorCode,
"description": "Assessment result for the resource.",
"readonly": false,
"required": false,
"title": "Assessment result for the resource"
},
"data_center_id": {
"description": "Datacenter ID.",
"readonly": false,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": false,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": false,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": false,
"required": false,
"title": "DVPG name",
"type": "string"
},
"migration_status": {
"$ref": "DvpgMigrationStatus,
"description": "DVPG migration status.",
"readonly": false,
"required": false,
"title": "DVPG migration status"
},
"vds_id": {
"description": "VDS ID.",
"readonly": false,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": false,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID.",
"readonly": false,
"required": false,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG aggregate info list request parameters",
"type": "object"
}
DvpgAggregateInfoListResult (type)
{
"additionalProperties": false,
"description": "List of DVPG aggregate info.",
"extends": {
"$ref": "ListResult
},
"id": "DvpgAggregateInfoListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of DVPG aggregate info.",
"items": {
"$ref": "DvpgAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of DVPG aggregate info",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of DVPG aggregate info",
"type": "object"
}
DvpgAndSegmentWorkflowResource (type)
{
"additionalProperties": false,
"description": "DVPG and segment workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "DvpgAndSegmentWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DvpgAndSegmentWorkflowResource"
},
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "DVPG and segment workflow resource",
"type": "object"
}
DvpgAndSubnetMigrationUnit (type)
{
"additionalProperties": false,
"description": "DVPG and subnet migration unit.",
"id": "DvpgAndSubnetMigrationUnit",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_and_subnet_to_segment_migration_info_list": {
"description": "Collection of DVPG and subnet migration to segment migration info.",
"items": {
"$ref": "DvpgAndSubnetToSegmentMigrationInfo
},
"readonly": true,
"required": false,
"title": "Collection of DVPG and subnet migration to segment migration info",
"type": "array"
},
"ip_subnets": {
"$ref": "VnicIpSubnets,
"description": "A VnicIpSubnets shared by vNICs connected to a DVPG.",
"readonly": true,
"required": false,
"title": "A VnicIpSubnets shared by vNICs connected to a DVPG"
},
"migration_status": {
"$ref": "DvpgAndSubnetMigrationUnitStatus,
"description": "DVPG and subnet unit migration status.",
"readonly": true,
"required": false,
"title": "DVPG and subnet unit migration status"
},
"vm_count": {
"description": "Number of VMs connected to a DVPG in the subnets specified by the the property \"subnets\".",
"readonly": true,
"required": false,
"title": "Number of VMs connected to a DVPG in the subnets",
"type": "int"
}
},
"title": "DVPG and subnet migration unit",
"type": "object"
}
DvpgAndSubnetMigrationUnitStatus (type)
{
"description": "DVPG and subnet migration unit status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgAndSubnetMigrationUnitStatus",
"module_id": "OverlayAdoption",
"title": "DVPG and subnet migration unit status",
"type": "string"
}
DvpgAndSubnetToSegmentMigrationInfo (type)
{
"additionalProperties": false,
"description": "DVPG and subnet to segment migration info.",
"id": "DvpgAndSubnetToSegmentMigrationInfo",
"module_id": "OverlayAdoption",
"properties": {
"migration_status": {
"$ref": "DvpgAndSubnetToSegmentMigrationStatus,
"description": "DVPG and subnet to segment migration status.",
"readonly": true,
"required": false,
"title": "DVPG and subnet to segment migration status"
},
"segment_path": {
"description": "Segment path.",
"readonly": true,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "DVPG and subnet to segment migration info",
"type": "object"
}
DvpgAndSubnetToSegmentMigrationStatus (type)
{
"description": "DVPG and subnet to segment migration status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgAndSubnetToSegmentMigrationStatus",
"module_id": "OverlayAdoption",
"title": "DVPG and subnet to segment migration status",
"type": "string"
}
DvpgIdAndSegmentPathPair (type)
{
"additionalProperties": false,
"description": "DVPG ID and Segment path pair.",
"id": "DvpgIdAndSegmentPathPair",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "DVPG ID and Segment path pair",
"type": "object"
}
DvpgListRequestParameters (type)
{
"description": "DVPG list request parameters",
"id": "DvpgListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"data_center_id": {
"description": "Datacenter ID.",
"readonly": false,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": false,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": false,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": false,
"required": false,
"title": "DVPG name",
"type": "string"
},
"vds_id": {
"description": "VDS ID.",
"readonly": false,
"required": false,
"title": "VDS ID",
"type": "string"
},
"vds_name": {
"description": "VDS name.",
"readonly": false,
"required": false,
"title": "VDS name",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID.",
"readonly": false,
"required": false,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG list request parameters",
"type": "object"
}
DvpgListResult (type)
{
"additionalProperties": false,
"description": "List of DVPGs.",
"extends": {
"$ref": "ListResult
},
"id": "DvpgListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of DVPGs.",
"items": {
"$ref": "Dvpg
},
"readonly": true,
"required": true,
"title": "Paged collection of DVPGs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of DVPGs",
"type": "object"
}
DvpgMappingInfo (type)
{
"additionalProperties": false,
"description": "Mapping info for a DVPG to which an overlay segment has been bridged.",
"id": "DvpgMappingInfo",
"module_id": "OverlayAdoption",
"properties": {
"bridge_profile_path": {
"description": "Policy path of the L2 bridge profile that has been used for bridging the segment and DVPG",
"readonly": true,
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"bridging_mode": {
"$ref": "BridgingMode,
"description": "Bridging mode.",
"readonly": true,
"required": true,
"title": "Bridging mode"
},
"dvpg_id": {
"description": "DVPG ID to which the overlay segment has been bridged.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"dvpg_name": {
"description": "DVPG name.",
"readonly": true,
"required": true,
"title": "DVPG name",
"type": "string"
},
"ipv4_subnet": {
"description": "IPv4 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed.",
"readonly": true,
"required": false,
"title": "IPv4 subnet of some/all vNICs connected to the DVPG",
"type": "string"
},
"ipv6_subnet": {
"description": "IPv6 subnet of some/all vNICs connected to the DVPG. This value would have been provided when extend DVPG workflow was performed.",
"readonly": true,
"required": false,
"title": "IPv6 subnet of some/all vNICs connected to the DVPG",
"type": "string"
},
"vlan_id": {
"description": "VLAN ID of the DVPG that has been bridged to overlay segment.",
"readonly": true,
"required": true,
"title": "VLAN ID",
"type": "string"
}
},
"title": "DVPG mapping info",
"type": "object"
}
DvpgMigrationInfo (type)
{
"additionalProperties": false,
"description": "Detailed DVPG migration info.",
"id": "DvpgMigrationInfo",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_and_subnet_migration_units": {
"description": "Collection of DVPG and subnet migration units.",
"items": {
"$ref": "DvpgAndSubnetMigrationUnit
},
"readonly": true,
"required": false,
"title": "Collection of DVPG and subnet migration units",
"type": "array"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": true,
"required": true,
"title": "DVPG ID",
"type": "string"
}
},
"title": "DVPG migration info",
"type": "object"
}
DvpgMigrationInfoRequestParameters (type)
{
"description": "DVPG migration info request parameters.",
"id": "DvpgMigrationInfoRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
}
},
"title": "DVPG migration info request parameters",
"type": "object"
}
DvpgMigrationStatus (type)
{
"description": "DVPG migration status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"id": "DvpgMigrationStatus",
"module_id": "OverlayAdoption",
"title": "DVPG migration status",
"type": "string"
}
DvpgWorkflowResource (type)
{
"additionalProperties": false,
"description": "DVPG workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "DvpgWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "DvpgWorkflowResource"
},
"properties": {
"dvpg_id": {
"description": "DVPG Id.",
"readonly": false,
"required": true,
"title": "DVPG Id",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "DVPG workflow resource",
"type": "object"
}
DynamicContentFilterQueryParameter (type)
{
"additionalProperties": false,
"id": "DynamicContentFilterQueryParameter",
"properties": {
"scope": {
"enum": [
"NAPP"
],
"title": "Restrict scope of dynamic content filters to report",
"type": "string"
}
},
"type": "object"
}
DynamicContentFilterValue (type)
{
"id": "DynamicContentFilterValue",
"title": "Support bundle dynamic content filter allowed values, for example, NAPP:SERVICE:PLATFORM_SERVICES",
"type": "string"
}
DynamicContentFilters (type)
{
"additionalProperties": false,
"id": "DynamicContentFilters",
"properties": {
"dynamic_content_filters": {
"description": "These filter values will be set by the remote node like the NSX Intelligence Platform for instance. We would not need to know or act on these dynamic content filters, except for passing them on as request parameters along with the support bundle collection API.",
"items": {
"$ref": "DynamicContentFilterValue
},
"title": "Support bundle content filter allowed values",
"type": "array"
}
},
"type": "object"
}
DynamicPluginFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "DynamicPluginFileProperties",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"file_name": {
"display": {
"order": 2
},
"required": true,
"title": "File name",
"type": "string"
},
"plugin_path": {
"display": {
"order": 1
},
"required": true,
"title": "Plugin id",
"type": "string"
},
"status": {
"display": {
"order": 3
},
"enum": [
"SUCCESS",
"FAILURE"
],
"required": true,
"title": "Upload status",
"type": "string"
}
},
"title": "Plugin file properties",
"type": "object"
}
EPActionForDnsForwarderRequestParameters (type)
{
"id": "EPActionForDnsForwarderRequestParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"action": {
"description": "The valid DNS forwarder actions to be performed on EP are, - clear_cache: Clear the current cache of the dns forwarder from specified enforcement point.",
"enum": [
"clear_cache"
],
"required": true,
"title": "An action to be performed for DNS forwarder on EP",
"type": "string"
},
"enforcement_point_path": {
"default": "/infra/sites/default/enforcement-points/default",
"description": "An enforcement point path, on which the action is to be performed. If not specified, default enforcement point path, /infra/sites/default/enforcement-points/default will be considered.",
"required": false,
"title": "An enforcement point path, on which the action is to be performed",
"type": "string"
}
},
"type": "object"
}
EULAAcceptance (type)
{
"additionalProperties": false,
"description": "Indicate the status of End User License Agreement acceptance",
"extends": {
"$ref": "ManagedResource
},
"id": "EULAAcceptance",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptance": {
"description": "Acceptance status of End User License Agreement",
"required": true,
"title": "End User License Agreement acceptance status",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA acceptance status",
"type": "object"
}
EULAContent (type)
{
"additionalProperties": false,
"description": "End User License Agreement content",
"extends": {
"$ref": "ManagedResource
},
"id": "EULAContent",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"content": {
"description": "Content of End User License Agreement",
"required": true,
"sensitive": true,
"title": "End User License Agreement content",
"type": "secure_string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA content",
"type": "object"
}
EULAOutputFormatRequestParameters (type)
{
"additionalProperties": false,
"description": "Indicate output format of End User License Agreement content",
"extends": {
"$ref": "ListRequestParameters
},
"id": "EULAOutputFormatRequestParameters",
"module_id": "EULA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"value_format": {
"title": "End User License Agreement content output format",
"type": "string"
}
},
"type": "object"
}
EdgeCluster (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "EdgeCluster",
"module_id": "EdgeClusters",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_rules": {
"description": "Set of allocation rules and respected action for auto placement of logical router, DHCP and MDProxy on edge cluster members.",
"items": {
"$ref": "AllocationRule
},
"required": false,
"title": "Allocation rules for auto placement",
"type": "array"
},
"cluster_profile_bindings": {
"items": {
"$ref": "ClusterProfileTypeIdEntry
},
"required": false,
"title": "Edge cluster profile bindings",
"type": "array"
},
"deployment_type": {
"$ref": "EdgeDeploymentType,
"description": "This field is a readonly field which shows the deployment_type of members. It returns UNKNOWN if there are no members, and returns VIRTUAL_MACHINE| PHYSICAL_MACHINE if all edge members are VIRTUAL_MACHINE|PHYSICAL_MACHINE. It returns HYBRID if the cluster contains edge members of both types VIRTUAL_MACHINE and PHYSICAL_MACHINE.",
"readonly": true,
"required": false,
"title": "Edge cluster deployment type"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_inter_site_forwarding": {
"description": "Flag should be only use in federation for inter site l2 and l3 forwarding. Before enabling this flag, all the edge cluster members must have remote tunnel endpoint configured. TIER0/TIER1 logical routers managed by GM must be associated with edge cluster which has inter-site forwarding enabled.",
"readonly": true,
"title": "Flag to enable inter site forwarding",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_node_type": {
"$ref": "EdgeClusterNodeType,
"description": "Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes.",
"readonly": true,
"required": false,
"title": "Node type of the cluster members"
},
"members": {
"description": "EdgeCluster only supports homogeneous members. These member should be backed by either EdgeNode or PublicCloudGatewayNode. TransportNode type of these nodes should be the same. DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is recommended to be the same. EdgeCluster supports members of different deployment types.",
"items": {
"$ref": "EdgeClusterMember
},
"required": false,
"title": "Edge cluster members",
"type": "array"
},
"node_rtep_ips": {
"description": "List of remote tunnel endpoint ipaddress configured on edge cluster for each transport node.",
"items": {
"$ref": "NodeRtepIpsConfig
},
"readonly": true,
"required": false,
"title": "Remote tunnel endpoint ip address.",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
EdgeClusterAllocationStatus (type)
{
"additionalProperties": false,
"description": "Allocation details of cluster and its members. Contains information of the edge nodes present in cluster, active and standby services of each node, utilization details of configured sub-pools. These allocation details can be monitored by customers to trigger migration of certain service contexts to different edge nodes, to balance the utilization of edge node resources.",
"id": "EdgeClusterAllocationStatus",
"module_id": "EdgeClusters",
"properties": {
"display_name": {
"readonly": true,
"title": "Display name of the edge cluster",
"type": "string"
},
"id": {
"description": "System allotted UUID of edge cluster.",
"readonly": true,
"title": "Unique identifier of edge cluster",
"type": "string"
},
"member_count": {
"description": "Represents the number of edge nodes in the cluster.",
"readonly": true,
"title": "Count of edge nodes present in the cluster",
"type": "int"
},
"members": {
"description": "Allocation details of edge nodes present in the cluster.",
"items": {
"$ref": "EdgeMemberAllocationStatus
},
"readonly": true,
"title": "Allocation Status of edge nodes",
"type": "array"
}
},
"title": "Allocationd details of edge cluster",
"type": "object"
}
EdgeClusterInterSiteStatus (type)
{
"additionalProperties": false,
"id": "EdgeClusterInterSiteStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"edge_cluster_id": {
"description": "Id of the edge cluster whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge cluster id",
"type": "string"
},
"edge_cluster_name": {
"description": "Name of the edge cluster whose status is being reported.",
"readonly": true,
"title": "Edge cluster name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the edge cluster inter-site status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"description": "Per edge node inter-site status.",
"items": {
"$ref": "EdgeClusterMemberInterSiteStatus
},
"readonly": true,
"title": "Per edge node inter-site status",
"type": "array"
},
"overall_status": {
"description": "Overall status of all edge nodes IBGP status in the edge cluster.",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN",
"CONFIGURED"
],
"readonly": true,
"title": "Overall IBGP status in the edge cluster",
"type": "string"
}
},
"type": "object"
}
EdgeClusterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EdgeClusterListResult",
"module_id": "EdgeClusters",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EdgeCluster
},
"required": true,
"title": "Edge cluster list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EdgeClusterMember (type)
{
"additionalProperties": false,
"id": "EdgeClusterMember",
"module_id": "EdgeClusters",
"properties": {
"description": {
"description": "description of edge cluster member",
"required": false,
"title": "description of edge cluster member",
"type": "string"
},
"display_name": {
"description": "display name of edge cluster member",
"required": false,
"title": "display name of edge cluster member",
"type": "string"
},
"member_index": {
"description": "System generated index for cluster member",
"readonly": true,
"required": false,
"title": "System generated index for cluster member",
"type": "int"
},
"transport_node_id": {
"description": "Identifier of the transport node backed by an Edge node",
"required": true,
"title": "UUID of edge transport node",
"type": "string"
}
},
"type": "object"
}
EdgeClusterMemberAllocationPool (type)
{
"abstract": true,
"additionalProperties": false,
"id": "EdgeClusterMemberAllocationPool",
"module_id": "LogicalRouter",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "allocation_pool_type"
},
"properties": {
"allocation_pool_type": {
"$ref": "AllocationPoolType,
"required": true
}
},
"type": "object"
}
EdgeClusterMemberAllocationProfile (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberAllocationProfile",
"module_id": "LogicalRouter",
"properties": {
"allocation_pool": {
"$ref": "EdgeClusterMemberAllocationPool,
"description": "Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router.",
"required": false,
"title": "Edge Cluster Member Allocation Pool for logical router"
},
"allocation_type": {
"description": "Allocation type is used to specify the mode used to allocate the LR. This is populated only for TIER1 logical router and for TIER0 this will be null.",
"enum": [
"MANUAL",
"AUTO"
],
"readonly": true,
"required": false,
"title": "Resource allocation type",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable the auto-relocation of standby service router running on edge cluster and node associated with the logical router. Only dynamically allocated tier1 logical routers are considered for the relocation.",
"required": false,
"title": "Flag to enable standby service router relocation",
"type": "boolean"
}
},
"type": "object"
}
EdgeClusterMemberIndex (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberIndex",
"module_id": "EdgeClusters",
"properties": {
"member_index": {
"description": "Index for cluster member",
"required": true,
"title": "Index for cluster member",
"type": "int"
}
},
"type": "object"
}
EdgeClusterMemberInterSiteStatus (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberInterSiteStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"established_bgp_sessions": {
"description": "Total number of current established inter-site IBGP sessions.",
"readonly": true,
"title": "Established inter-site IBGP sessions",
"type": "integer"
},
"neighbor_status": {
"description": "Inter-site BGP neighbor status.",
"items": {
"$ref": "BgpNeighborStatusLiteDto
},
"readonly": true,
"title": "BGP neighbor status",
"type": "array"
},
"status": {
"description": "Edge node IBGP status",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Edge node IBGP status",
"type": "string"
},
"total_bgp_sessions": {
"description": "Total number of inter-site IBGP sessions.",
"readonly": true,
"title": "Total inter-site IBGP sessions",
"type": "integer"
},
"transport_node": {
"$ref": "ResourceReference,
"description": "Edge node details from where the status is being retrived.",
"readonly": true,
"required": true,
"title": "Transport node"
}
},
"type": "object"
}
EdgeClusterMemberStatus (type)
{
"id": "EdgeClusterMemberStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"status": {
"enum": [
"UP",
"DOWN",
"ADMIN_DOWN",
"PARTIALLY_DISCONNECTED",
"UNKNOWN"
],
"required": true,
"title": "Status of an edge node",
"type": "string"
},
"transport_node": {
"$ref": "ResourceReference,
"description": "Transport node backed by an Edge node.",
"required": true,
"title": "UUID of edge transport node"
}
},
"type": "object"
}
EdgeClusterMemberTransportNode (type)
{
"additionalProperties": false,
"id": "EdgeClusterMemberTransportNode",
"module_id": "EdgeClusters",
"properties": {
"member_index": {
"description": "System generated index for cluster member",
"required": true,
"title": "System generated index for cluster member",
"type": "int"
},
"transport_node_id": {
"description": "Identifier of the transport node backed by an Edge node",
"required": true,
"title": "UUID of edge transport node",
"type": "string"
}
},
"type": "object"
}
EdgeClusterNodeType (type)
{
"enum": [
"EDGE_NODE",
"PUBLIC_CLOUD_GATEWAY_NODE",
"UNKNOWN"
],
"id": "EdgeClusterNodeType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge cluster node type.",
"type": "string"
}
EdgeClusterState (type)
{
"description": "This holds the state of Edge Cluster. If there are errors in realizing EC outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "EdgeClusterState",
"module_id": "EdgeClusters",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Edge Cluster.",
"type": "object"
}
EdgeClusterStatus (type)
{
"id": "EdgeClusterStatus",
"module_id": "AggSvcEdgeCluster",
"properties": {
"edge_cluster_id": {
"description": "Id of the edge cluster whose status is being reported",
"required": true,
"title": "Edge cluster id",
"type": "string"
},
"edge_cluster_status": {
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"required": true,
"title": "Status of an edge node",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the cluster status was last updated",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"additionalProperties": false,
"items": {
"$ref": "EdgeClusterMemberStatus
},
"readonly": true,
"title": "Per Edge Node Status",
"type": "array"
}
},
"type": "object"
}
EdgeConfigDiagnosis (type)
{
"additionalProperties": false,
"id": "EdgeConfigDiagnosis",
"properties": {
"failed": {
"$ref": "FailedOrWarningConfig,
"required": true,
"title": "Failed Config",
"type": "object"
},
"passed": {
"items": {
"$ref": "ConfigType
},
"required": true,
"title": "Passed Config",
"type": "array"
},
"warning": {
"$ref": "FailedOrWarningConfig,
"required": true,
"title": "Config Warning",
"type": "object"
}
},
"type": "object"
}
EdgeConfigurationState (type)
{
"additionalProperties": false,
"description": "This contains fields that captures state of Trackable entities. Edge and VPN state entities extend this object.",
"extends": {
"$ref": "ConfigurationState
},
"id": "EdgeConfigurationState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Configuration State for Edge and VPN entities.",
"type": "object"
}
EdgeDataplaneCpuStats (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneCpuStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cores": {
"description": "Statistics of CPU cores",
"items": {
"$ref": "CpuStats
},
"maxItems": 64,
"title": "Statistics of CPU cores",
"type": "array"
},
"datapath_cores_mode": {
"description": "Mode of how the datapath cores get the packets from driver",
"readonly": true,
"title": "Datapath core mode",
"type": "string"
}
},
"title": "Information about Edge Dataplane CPU Stats",
"type": "object"
}
EdgeDataplaneCtrlPrioSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneCtrlPrioSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"ctrl_prio_enabled": {
"description": "Control packet prioritization setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane control packet prioritization setting.",
"type": "object"
}
EdgeDataplaneFlow (type)
{
"additionalProperties": false,
"id": "EdgeDataplaneFlow",
"properties": {
"dst_ip": {
"description": "Destination IP of the flow",
"title": "Destination IP",
"type": "string"
},
"dst_port": {
"description": "Destination port of the flow",
"title": "Destination port",
"type": "integer"
},
"proto": {
"description": "Protocol of the flow",
"title": "Protocol",
"type": "integer"
},
"src_ip": {
"description": "Source IP of the flow",
"title": "Source IP",
"type": "string"
},
"src_port": {
"description": "Source port of the flow",
"title": "Source port",
"type": "integer"
},
"tunnel_dst_ip": {
"description": "Tunnel destination IP of the flow",
"title": "Tunnel destination IP",
"type": "string"
},
"tunnel_src_ip": {
"description": "Tunnel source IP of the flow",
"title": "Tunnel source IP",
"type": "string"
}
},
"title": "Edge dataplane flow record",
"type": "object"
}
EdgeDataplaneFlowCacheSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneFlowCacheSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"flow_cache_enabled": {
"description": "Flow cache setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane Flow Cache mode.",
"type": "object"
}
EdgeDataplaneFlowMonitorMessage (type)
{
"additionalProperties": false,
"id": "EdgeDataplaneFlowMonitorMessage",
"properties": {
"message": {
"description": "Edge dataplane flow monitor message",
"title": "Message",
"type": "string"
}
},
"title": "Edge dataplane flow monitor message",
"type": "object"
}
EdgeDataplaneFlowMonitorStartSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneFlowMonitorStartSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"core_id": {
"description": "Flow monitor core id",
"title": "Core id",
"type": "string"
},
"timeout": {
"default": "15",
"description": "Flow monitor timeout in seconds",
"title": "Timeout for flow monitor in seconds, in the range of 1 - 600.",
"type": "string"
}
},
"title": "Information about Edge Dataplane flow monitor start setting.",
"type": "object"
}
EdgeDataplaneFlowQueryParameters (type)
{
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "EdgeDataplaneFlowQueryParameters",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"top_10": {
"default": false,
"description": "Collect top 10 flows when set to true, else collect all flows.",
"title": "Collect top 10 flows when set to true",
"type": "boolean"
}
},
"type": "object"
}
EdgeDataplaneFwContexts (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneFwContexts",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"results": {
"description": "Firewall context",
"items": {
"$ref": "FwContexts
},
"maxItems": 4096,
"title": "Firewall Context",
"type": "array"
}
},
"title": "Information about Edge Dataplane firewall contexts",
"type": "object"
}
EdgeDataplaneGeneveCbitSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneGeneveCbitSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"geneve_cbit_set": {
"description": "geneve critical bit setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane geneve cbit setting.",
"type": "object"
}
EdgeDataplaneIntrModeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneIntrModeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"intr_mode_enabled": {
"description": "interrupt mode setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane interrupt mode setting.",
"type": "object"
}
EdgeDataplaneL2vpnPmtuSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneL2vpnPmtuSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"l2vpn_pmtu_enabled": {
"description": "l2vpn pmtu setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane l2vpn pmtu message generation setting.",
"type": "object"
}
EdgeDataplanePmtuLearningSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplanePmtuLearningSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"pmtu_learning_enabled": {
"description": "l3vpn pmtu setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane pmtu learning setting.",
"type": "object"
}
EdgeDataplaneQatAdminSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneQatAdminSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"qat_admin_enabled": {
"description": "QAT feature enabled setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane QAT feature enabled setting.",
"type": "object"
}
EdgeDataplaneQatAdminSettingResponse (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneQatAdminSettingResponse",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"update_message": {
"description": "Message to display after setting QAT feature",
"readonly": true,
"title": "Datapath QAT enable CLI message",
"type": "string"
}
},
"title": "Information about Edge Dataplane QAT feature enabled setting.",
"type": "object"
}
EdgeDataplaneQatStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneQatStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"admin_status": {
"description": "QAT device enabled",
"readonly": true,
"title": "QAT enabled",
"type": "boolean"
},
"device_present": {
"description": "QAT device present",
"readonly": true,
"title": "QAT present",
"type": "boolean"
},
"fips_compliant": {
"description": "FIPS compliance of QAT feature",
"readonly": true,
"title": "FIPS compliance",
"type": "boolean"
},
"is_vm": {
"description": "Edge is deployed in VM",
"readonly": true,
"title": "VM deployment",
"type": "boolean"
},
"operational_status": {
"description": "QAT device currently running",
"readonly": true,
"title": "QAT running",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane QAT status",
"type": "object"
}
EdgeDataplaneQueueNumPerPortPerCoreSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneQueueNumPerPortPerCoreSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"queue_num_per_port_per_core": {
"description": "queue number per port per core",
"maximum": 16,
"minimum": 1,
"type": "integer"
}
},
"title": "Information about Edge Dataplane queue num per port per core setting.",
"type": "object"
}
EdgeDataplaneRingSize (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneRingSize",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"rx_ring_size": {
"description": "rx ring size",
"type": "integer"
},
"tx_ring_size": {
"description": "tx ring size",
"type": "integer"
}
},
"title": "Information about Edge physical port ring size.",
"type": "object"
}
EdgeDataplaneRingSizeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneRingSizeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"ring_size": {
"description": "ring size",
"type": "integer"
}
},
"title": "Information about Edge physical port ring size setting.",
"type": "object"
}
EdgeDataplaneTopKFlowQueryParameters (type)
{
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "EdgeDataplaneTopKFlowQueryParameters",
"properties": {
"core_id": {
"description": "CPU core on which the flows are to be monitored",
"maximum": 128,
"minimum": 0,
"title": "CPU core on which the flows are to be monitored",
"type": "integer"
},
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"timeout": {
"default": 30,
"description": "Timeout for flow monitor in seconds",
"maximum": 120,
"minimum": 1,
"title": "Timeout for flow monitor in seconds",
"type": "integer"
}
},
"type": "object"
}
EdgeDataplaneTopKFlows (type)
{
"id": "EdgeDataplaneTopKFlows",
"properties": {
"flow_count": {
"description": "Count of flow records in the result",
"title": "Count of flow records",
"type": "integer"
},
"flows": {
"description": "Array of flow records",
"items": {
"$ref": "EdgeDataplaneFlow
},
"title": "Array of flow records",
"type": "array"
}
},
"title": "Edge dataplane top-k flow dump",
"type": "object"
}
EdgeDataplaneUptModeSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "EdgeDataplaneUptModeSetting",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"upt_mode_enabled": {
"default": false,
"description": "UPT (Uniform Pass Thru) mode setting",
"type": "boolean"
}
},
"title": "Information about Edge Dataplane UPT mode setting.",
"type": "object"
}
EdgeDeploymentType (type)
{
"enum": [
"VIRTUAL_MACHINE",
"PHYSICAL_MACHINE",
"UNKNOWN"
],
"id": "EdgeDeploymentType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge deployment type.",
"type": "string"
}
EdgeDiagnosis (type)
{
"additionalProperties": false,
"id": "EdgeDiagnosis",
"properties": {
"config": {
"$ref": "EdgeConfigDiagnosis,
"required": true,
"title": "Edge Config Diagnosis",
"type": "object"
},
"ha-state": {
"enum": [
"disabled",
"offline",
"discover",
"statesync",
"inactive",
"active",
"unknown"
],
"required": true,
"title": "HA State",
"type": "string"
}
},
"type": "object"
}
EdgeDiagnosisInconsistency (type)
{
"id": "EdgeDiagnosisInconsistency",
"properties": {
"detail": {
"description": "NSX Edge inconsistency check detail",
"items": {
"type": "string"
},
"title": "NSX Edge inconsistency check detail",
"type": "array"
},
"title": {
"description": "NSX Edge inconsistency check type",
"title": "NSX Edge inconsistency check type",
"type": "string"
}
},
"title": "NSX Edge inconsistency check",
"type": "object"
}
EdgeDiagnosisInconsistencyResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "EdgeDiagnosisInconsistencyResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EdgeDiagnosisInconsistency
},
"title": "NSX Edge inconsistency check result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSX Edge inconsistency check result",
"type": "object"
}
EdgeFormFactor (type)
{
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE"
],
"id": "EdgeFormFactor",
"module_id": "EdgeCommonTypes",
"title": "Supported edge form factor.",
"type": "string"
}
EdgeHighAvailabilityProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ClusterProfile
},
"id": "EdgeHighAvailabilityProfile",
"module_id": "EdgeHighAvailabilityProfile",
"polymorphic-type-descriptor": {
"type-identifier": "EdgeHighAvailabilityProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_allowed_hops": {
"default": 255,
"maximum": 255,
"minimum": 1,
"required": false,
"title": "BFD allowed hops",
"type": "integer"
},
"bfd_declare_dead_multiple": {
"default": 3,
"maximum": 16,
"minimum": 2,
"required": false,
"title": "Number of times a packet is missed before BFD declares the neighbor down.",
"type": "integer"
},
"bfd_probe_interval": {
"default": 500,
"maximum": 60000,
"minimum": 50,
"required": false,
"title": "the time interval (in millisec) between probe packets for heartbeat purpose",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ClusterProfileType,
"help_summary": "The cluster profile type.",
"required": true
},
"standby_relocation_config": {
"$ref": "StandbyRelocationConfig,
"required": false,
"title": "Standby service contexts relocation setting"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for BFD HA cluster setting",
"type": "object"
}
EdgeIPSecDetermRSSSetting (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "EdgeIPSecDetermRSSSetting",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"deterministic_esp_rss": {
"description": "Deterministically queue ESP packets to CPU queues, to achieve higher throughout.",
"title": "Deterministic ESP RSS Config",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Information about Edge IPSec Deterministic RSS Setting.",
"type": "object"
}
EdgeIPSecDetermRSSValues (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "EdgeIPSecDetermRSSValues",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"deterministic_esp_rss_driver_status": {
"description": "Shows driver status of deterministic esp rss feature.",
"enum": [
"ENABLED",
"DISABLED"
],
"title": "Deterministic ESP RSS Driver Status",
"type": "string"
},
"deterministic_esp_rss_enabled": {
"description": "Shows configured value of deterministic esp rss feature.",
"title": "Deterministic ESP RSS Config Status",
"type": "boolean"
},
"deterministic_esp_rss_status": {
"description": "Shows runtime status of deterministic esp rss feature.",
"enum": [
"ENABLED",
"DISABLED"
],
"title": "Deterministic ESP RSS Runtime Status",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Information about Edge IPSec Deterministic RSS Values.",
"type": "object"
}
EdgeInconsistencyQueryParameters (type)
{
"additionalProperties": false,
"id": "EdgeInconsistencyQueryParameters",
"properties": {
"cursor": {
"description": "A cursor points to a specific record in the inconsistency check result",
"minimum": 0,
"required": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "integer"
},
"page_size": {
"description": "The page size determines the number of records to be returned",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
}
},
"type": "object"
}
EdgeMemberAllocationStatus (type)
{
"additionalProperties": false,
"id": "EdgeMemberAllocationStatus",
"module_id": "EdgeClusters",
"properties": {
"allocated_services": {
"description": "List of services allocated on the edge node.",
"items": {
"$ref": "AllocatedService
},
"readonly": true,
"title": "Services allocated on edge node",
"type": "array"
},
"allocation_pools": {
"description": "Allocation details of pools defined on the edge node.",
"items": {
"$ref": "AllocationPool
},
"readonly": true,
"title": "Pool Allocation details",
"type": "array"
},
"member_index": {
"description": "System generated index for transport node backed by edge node.",
"readonly": true,
"title": "System generated index for cluster member",
"type": "int"
},
"node_display_name": {
"description": "Display name of edge cluster member. Defaults to ID if not set.",
"readonly": true,
"title": "Identifier to use when displaying cluster member in logs or GUI",
"type": "string"
},
"node_id": {
"description": "System allotted UUID of edge node.",
"readonly": true,
"title": "Unique identifier of edge node",
"type": "string"
}
},
"type": "object"
}
EdgeNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Node
},
"id": "EdgeNode",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"type-identifier": "EdgeNode"
},
"properties": {
"allocation_list": {
"description": "List of logical router ids to which this edge node is allocated.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Allocation list",
"type": "array"
},
"deployment_config": {
"$ref": "EdgeNodeDeploymentConfig,
"description": "When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP.",
"required": false,
"title": "Config for automatic deployment of edge node virtual machine."
},
"deployment_type": {
"$ref": "EdgeDeploymentType,
"readonly": true,
"required": false
},
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"node_settings": {
"$ref": "EdgeNodeSettings,
"description": "Reports the current configuration of host name, SSH and servers configured for DNS, syslog, NTP. The settings are configured as part of automatic deployment of edge virtual machine. The settings are editable.",
"required": true,
"title": "Current configuration on edge node."
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
EdgeNodeDeploymentConfig (type)
{
"additionalProperties": false,
"id": "EdgeNodeDeploymentConfig",
"module_id": "FabricNode",
"properties": {
"form_factor": {
"$ref": "EdgeFormFactor,
"default": "MEDIUM",
"required": false
},
"node_user_settings": {
"$ref": "NodeUserSettings,
"description": "Username and password settings for the node. Note - these settings will be honored only during node deployment. Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect.",
"required": true,
"title": "Node user settings"
},
"vm_deployment_config": {
"$ref": "DeploymentConfig,
"required": true
}
},
"type": "object"
}
EdgeNodeRefreshRequestParameters (type)
{
"additionalProperties": false,
"id": "EdgeNodeRefreshRequestParameters",
"module_id": "TransportNodeLcm",
"properties": {
"read_only": {
"default": false,
"description": "If readonly is true, then internal objects like resource reservation, allocation etc are updated. Note that Edge transport node intent is not updated. If it is false or if not set, then internal objects and Edge transport node intent both are updated",
"required": false,
"title": "Read-only flag for Refresh API",
"type": "boolean"
}
},
"title": "Parameters for Edge node refresh request",
"type": "object"
}
EdgeNodeServiceLoggingProperties (type)
{
"extends": {
"$ref": "NodeServiceProperties
},
"id": "EdgeNodeServiceLoggingProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": true,
"title": "Service logging level",
"type": "string"
}
}
},
"title": "Edge node service properties",
"type": "object"
}
EdgeNodeServiceLoggingReadOnlyProperties (type)
{
"extends": {
"$ref": "NodeServiceProperties
},
"id": "EdgeNodeServiceLoggingReadOnlyProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"readonly": true,
"required": true,
"title": "Service logging level",
"type": "string"
}
}
},
"title": "Edge node service properties",
"type": "object"
}
EdgeNodeSettings (type)
{
"additionalProperties": false,
"description": "The settings are used during deployment and consequent update of an edge, unless indicated otherwise. These settings are editable for manually deployed edge nodes as well. If using DHCP, you must leave the following fields unset: search_domains, management_port_subnets, dns_servers and default_gateway_addresses. EdgeNodeSettings reports current values configured on the edge node. If the settings lag with actual state on the edge, these may be refreshed at NSX Manager using API POST api/v1/transport-nodes /<transport-node-id>?action=refresh_node_configuration&resource_type= EdgeNode",
"id": "EdgeNodeSettings",
"module_id": "FabricNode",
"properties": {
"advanced_configuration": {
"description": "Array of additional specific properties for advanced or cloud- specific deployments in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Advanced configuration",
"type": "array"
},
"allow_ssh_root_login": {
"default": false,
"description": "Allowing root SSH logins is not recommended for security reasons. Edit of this property is not supported when updating transport node. Use the CLI to change this property.",
"required": false,
"title": "Allow root SSH logins.",
"type": "boolean"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"enable_ssh": {
"default": false,
"description": "Enabling SSH service is not recommended for security reasons.",
"required": false,
"title": "Enable SSH.",
"type": "boolean"
},
"enable_upt_mode": {
"default": false,
"description": "Enable Uniform Passthrough ( UPT ) on VMXNET 3 devices to improve overall system performance and reduces latency. Caution: This involves restart of the edge dataplane and hence may lead to network disruption. Use GET api/v1/transport-nodes/<transport-node-id>/state to monitor realization of UPT.",
"readonly": false,
"required": false,
"title": "Enable Uniform Passthrough mode.",
"type": "boolean"
},
"hostname": {
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$",
"required": true,
"title": "Host name or FQDN for edge node.",
"type": "string"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPAddress
},
"required": false,
"title": "NTP servers.",
"type": "array"
},
"search_domains": {
"description": "List of domain names that are used to complete unqualified host names.",
"items": {
"type": "string"
},
"required": false,
"title": "Search domain names.",
"type": "array"
},
"syslog_servers": {
"description": "List of Syslog server configuration.",
"items": {
"$ref": "SyslogConfiguration
},
"maxItems": 5,
"required": false,
"title": "Syslog servers",
"type": "array"
}
},
"type": "object"
}
EdgeTransportNodeDatapathMemoryPoolUsage (type)
{
"additionalProperties": false,
"description": "Datapath memory pool usage value.",
"id": "EdgeTransportNodeDatapathMemoryPoolUsage",
"module_id": "ApplianceStats",
"properties": {
"description": {
"description": "Description of the memory pool.",
"readonly": true,
"title": "Description of the memory pool",
"type": "string"
},
"name": {
"description": "Name of the datapath memory pool as available on edge node CLI.",
"readonly": true,
"title": "Name of the datapath memory pool",
"type": "string"
},
"usage": {
"description": "Percentage of memory pool in use.",
"readonly": true,
"title": "Percentage of memory pool in use",
"type": "number"
}
},
"title": "Usage of datapath memory pool",
"type": "object"
}
EdgeTransportNodeDatapathMemoryUsage (type)
{
"additionalProperties": false,
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"id": "EdgeTransportNodeDatapathMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"datapath_heap_usage": {
"description": "Percentage of heap memory in use.",
"readonly": true,
"title": "Percentage of heap memory in use",
"type": "number"
},
"datapath_mem_pools_usage": {
"items": {
"$ref": "EdgeTransportNodeDatapathMemoryPoolUsage,
"description": "Per memory pool percentage in use.",
"readonly": true,
"title": "Per memory pool percentage in use"
},
"type": "array"
},
"highest_datapath_mem_pool_usage": {
"description": "Highest percentage usage value among datapath memory pools.",
"readonly": true,
"title": "Highest percentage usage value among datapath memory pools",
"type": "number"
},
"highest_datapath_mem_pool_usage_names": {
"items": {
"description": "List of datapath memory pool(s) with highest usage.",
"readonly": true,
"title": "Datapath memory pool(s) with highest usage",
"type": "string"
},
"type": "array"
}
},
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage",
"type": "object"
}
EdgeTransportNodeMemoryUsage (type)
{
"additionalProperties": false,
"description": "Point in time usage of system, datapath, swap and cache memory in edge node.",
"id": "EdgeTransportNodeMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"cache_usage": {
"description": "Percentage of RAM on the system that can be flushed out to disk.",
"readonly": true,
"title": "Percentage of RAM on the system that can be flushed out to disk",
"type": "number"
},
"datapath_mem_usage_details": {
"$ref": "EdgeTransportNodeDatapathMemoryUsage,
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"readonly": true,
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage"
},
"datapath_total_usage": {
"description": "Percentage of memory in use by datapath processes which includes RES and hugepage memory.",
"readonly": true,
"title": "Percentage of memory in use by datapath processes",
"type": "number"
},
"swap_usage": {
"description": "Percentage of swap disk in use.",
"readonly": true,
"title": "Percentage of swap disk in use",
"type": "number"
},
"system_mem_usage": {
"description": "Percentage of RAM in use on edge node.",
"readonly": true,
"title": "Percentage of RAM in use on edge node",
"type": "number"
}
},
"title": "Memory usage details of edge node",
"type": "object"
}
EdgeUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "EdgeUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of edge upgrade",
"type": "object"
}
EffectiveIPAddressMemberListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EffectiveIPAddressMemberListResult",
"module_id": "NSGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPElement
},
"required": true,
"title": "Paged Collection of effective ip addresses for the given NSGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveIPInfo (type)
{
"additionalProperties": false,
"id": "EffectiveIPInfo",
"module_id": "GroupingObjectsProviders",
"properties": {
"effective_ips": {
"items": {
"$ref": "IPElement
},
"required": true,
"type": "array"
},
"site_id": {
"required": true,
"title": "Id of the site to which the effective IPs belong to\n",
"type": "string"
}
},
"title": "List of effective ip address along with site id",
"type": "object"
}
EffectiveMemberResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EffectiveMemberResourceListResult",
"module_id": "NSGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ResourceReference,
"title": "effective members resource list results"
},
"required": true,
"title": "Paged Collection of resources which are the effective members of an NSGroup.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveMemberTypeListResult (type)
{
"additionalProperties": false,
"id": "EffectiveMemberTypeListResult",
"module_id": "NSGroup",
"properties": {
"result_count": {
"readonly": true,
"required": true,
"title": "Count of the member types in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSGroupValidResourceType
},
"required": true,
"title": "Collection of member types for the given NSGroup",
"type": "array"
}
},
"type": "object"
}
EffectiveProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EffectiveProfileListResult",
"module_id": "ServiceConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSXProfileReference
},
"required": true,
"title": "Paged Collection of profiles which are applied to an Entity",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveProfileRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "EffectiveProfileRequestParameters",
"module_id": "ServiceConfig",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"profile_type": {
"required": false,
"title": "Fetch effectivw profiles of the given profile_type",
"type": "string"
},
"resource_id": {
"required": true,
"title": "The resource for which the effective profiles are to be fetched",
"type": "string"
},
"resource_type": {
"$ref": "EffectiveProfileResourceType,
"required": true,
"title": "Type of the resource for which effective profiles are to be fetched"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EffectiveProfileResourceType (type)
{
"description": "This enum defines the valid Resource types to be used in effective profiles API",
"enum": [
"NSGroup",
"LogicalPort",
"VirtualMachine",
"TransportNode",
"LogicalRouter",
"LogicalSwitch"
],
"id": "EffectiveProfileResourceType",
"module_id": "ServiceConfig",
"title": "Valid Resource type in effective profiles API",
"type": "string"
}
EffectiveProfilesResponse (type)
{
"additionalProperties": false,
"id": "EffectiveProfilesResponse",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"profiles_list": {
"items": {
"$ref": "SwitchingProfileTypeIdEntry
},
"required": false,
"type": "array"
}
},
"title": "Enforcement point request entity",
"type": "object"
}
EgressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "EgressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "EgressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrption": "Set custom burst_size for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"descrption": "Set custom peak_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies egress rate properties in Mb/s",
"type": "object"
}
EgressRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper
},
"id": "EgressRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "EgressRateShaper"
},
"properties": {
"average_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies egress rate properties in Mb/s",
"type": "object"
}
EmbeddedResource (type)
{
"abstract": true,
"extends": {
"$ref": "RevisionedResource
},
"id": "EmbeddedResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"property-name": "resource_type"
},
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink,
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
}
},
"title": "Base class for resources that are embedded in other resources",
"type": "object"
}
EncapsulationType (type)
{
"additionalProperties": false,
"description": "You can choose the encapsulation type of the mirroring, now we support GRE, ERSPAN II and ERSPAN III.",
"enum": [
"GRE",
"ERSPAN_TWO",
"ERSPAN_THREE"
],
"id": "EncapsulationType",
"module_id": "PortMirroring",
"title": "Encapsulation type for L3PortMirrorSession",
"type": "string"
}
Endpoint (type)
{
"description": "An Endpoint object is part of HostSwitch configuration in TransportNode",
"id": "Endpoint",
"module_id": "TransportNode",
"properties": {
"default_gateway": {
"$ref": "IPAddress,
"readonly": true,
"title": "Gateway IP"
},
"device_name": {
"readonly": true,
"title": "Name of the virtual tunnel endpoint",
"type": "string"
},
"ip": {
"$ref": "IPAddress,
"description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.",
"readonly": true,
"title": "IP Address of this virtual tunnel endpoint"
},
"ipv6": {
"$ref": "IPv6EndPoint,
"nsx_feature": "L2Ipv6",
"readonly": true,
"required": false,
"title": "IPv6 endpoint"
},
"label": {
"readonly": true,
"required": false,
"title": "Unique label for this Endpoint",
"type": "int"
},
"mac": {
"$ref": "MACAddress,
"readonly": true,
"title": "MAC address"
},
"subnet_mask": {
"$ref": "IPAddress,
"readonly": true,
"title": "Subnet mask"
}
},
"title": "Tunnel endpoint configuration",
"type": "object"
}
EndpointPolicy (type)
{
"additionalProperties": false,
"description": "Ordered list of Endpoint Rules ordered by sequence number of the entries. The maximum number of policies is 25.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"policy_hierarchical_children": [
"ChildEndpointRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endpoint_rules": {
"items": {
"$ref": "EndpointRule
},
"required": false,
"title": "Endpoint Rules that are a part of this EndpointPolicy",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between maps across domains.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Endpoint Rules\n",
"type": "object"
}
EndpointPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EndpointPolicyListRequestParameters",
"module_id": "PolicyGuestIntrospection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "EndpointPolicy list request parameters",
"type": "object"
}
EndpointPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EndpointPolicyListResult",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EndpointPolicy
},
"required": true,
"title": "Guest Introspection Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Groups",
"type": "object"
}
EndpointRule (type)
{
"additionalProperties": false,
"description": "Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EndpointRule",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 50,
"required": true,
"title": "group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Sequence number of this Entry",
"type": "int"
},
"service_profiles": {
"description": "The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": true,
"title": "Names of service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Endpoint Rule for guest introspection.",
"type": "object"
}
EndpointRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EndpointRuleListRequestParameters",
"module_id": "PolicyGuestIntrospection",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Endpoint Rule list request parameters",
"type": "object"
}
EndpointRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EndpointRuleListResult",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EndpointRule
},
"required": true,
"title": "Endpoint Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Endpoint Rules",
"type": "object"
}
EnforcedStatusDetailsNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point. This is a detailed view of the Realized Status of an intent object from an NSX-T enforcement point perspective.",
"id": "EnforcedStatusDetailsNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status_info": {
"$ref": "EnforcedStatusInfoNsxT,
"description": "Information about the realized status of the intent on this enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info.",
"readonly": true,
"title": "Enforced Realized Status Info"
},
"pending_changes_info": {
"$ref": "PendingChangesInfoNsxT,
"description": "Information about pending changes, if any, that aren't reflected in the Enforced Realized Status.",
"readonly": true,
"title": "Pending Changes Info"
}
},
"title": "NSX-T Enforced Realized Status Details",
"type": "object"
}
EnforcedStatusInfoNsxT (type)
{
"additionalProperties": false,
"description": "Information about the realized status of the intent object on an NSX-T type of enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info. In addition to the realized status across all scopes, this information holds details about enforced realized status per scope.",
"id": "EnforcedStatusInfoNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status": {
"$ref": "EnforcedStatusNsxT,
"description": "Consolidated Realized Status of an Intent object across all scopes of an NSX-T type of enforcement point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforced_status_per_scope": {
"description": "List of Enforced Realized Status per Scope.",
"items": {
"$ref": "EnforcedStatusPerScopeNsxT
},
"readonly": true,
"title": "List of Enforced Realized Status per Scope",
"type": "array"
}
},
"title": "NSX-T Enforced Realized Status Information",
"type": "object"
}
EnforcedStatusNsxT (type)
{
"additionalProperties": false,
"description": "NSX-T Enforced Status.",
"id": "EnforcedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"status": {
"$ref": "RuntimeState,
"description": "Enforced Realized Status.",
"readonly": true,
"title": "Enforced Realized Status"
},
"status_message": {
"description": "Status Message conveying hints depending on the status value.",
"readonly": true,
"title": "Status Message",
"type": "string"
}
},
"title": "NSX-T Enforced Status",
"type": "object"
}
EnforcedStatusPerScopeNsxT (type)
{
"abstract": true,
"additionalProperties": false,
"description": "NSX-T Detailed Realized Status Per Scope.",
"id": "EnforcedStatusPerScopeNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Enforced Realized Status Per Scope Resource Type.",
"enum": [
"TransportNodeSpanEnforcedStatus"
],
"readonly": true,
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "NSX-T Enforced Realized Status Per Scope",
"type": "object"
}
EnforcedStatusPerTransportNode (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status Per Transport Node.",
"id": "EnforcedStatusPerTransportNode",
"module_id": "PolicyRealizationStatus",
"properties": {
"display_name": {
"description": "Display name of the transport node.",
"readonly": true,
"title": "Transport Node Display Name",
"type": "string"
},
"enforced_status": {
"$ref": "EnforcedStatusNsxT,
"description": "Realized Status of an Intent object on this Transport Node.",
"readonly": true,
"title": "Enforced Realized Status"
},
"nsx_id": {
"description": "UUID identifying uniquely the Transport Node.",
"readonly": true,
"title": "Transport Node Identifier",
"type": "string"
},
"path": {
"description": "Policy Path referencing the transport node.",
"readonly": true,
"title": "Transport Node Path",
"type": "string"
}
},
"title": "Enforced Realized Status Per Transport Node",
"type": "object"
}
EnforcementPoint (type)
{
"additionalProperties": false,
"description": "Enforcement point is the endpoint where policy configurations are applied.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildClusterControlPlane",
"ChildHostTransportNode",
"ChildHostTransportNodeCollection",
"ChildPolicyEdgeCluster",
"ChildPolicyTransportZone",
"ChildSubCluster"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_enforce": {
"default": true,
"description": "Auto enforce flag suggests whether the policy objects shall be automatically enforced on this enforcement point or not. When this flag is set to true, all policy objects will be automatically enforced on this enforcement point. If this flag is set to false, user shall rely on the usual means of realization, i.e., deployment maps.",
"title": "Auto Enforce Flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"$ref": "EnforcementPointConnectionInfo,
"description": "Connection Info of the Enforcement Point.",
"required": true,
"title": "Enforcement Point Connection Info"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Version of the Enforcement point.",
"readonly": true,
"title": "Enforcement point Version",
"type": "string"
}
},
"title": "Enforcement Point",
"type": "object"
}
EnforcementPointConnectionInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Contains information required to connect to enforcement point.",
"id": "EnforcementPointConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
}
},
"title": "Enforcement Point Connection Info",
"type": "object"
}
EnforcementPointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Enforcement point list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EnforcementPointListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Enforcement Point List Request Parameters",
"type": "object"
}
EnforcementPointListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of enforcement points.",
"extends": {
"$ref": "ListResult
},
"id": "EnforcementPointListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Enforcement Point list Results.",
"items": {
"$ref": "EnforcementPoint
},
"required": true,
"title": "Enforcement Point List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of EnforcementPoints",
"type": "object"
}
EnforcementPointRequest (type)
{
"additionalProperties": false,
"id": "EnforcementPointRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on request is to be made.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Enforcement point request entity",
"type": "object"
}
EntityInstanceCountConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level constraint to restrict the number of instances of an entity type that can be created. Lowering the limit on the number of instances of a given type is allowed even in cases where there are instances more than the specified limit already in the system. In this case, creation of new instances of that type will be disallowed unless the number of instances goes below the limit. One of the main usage of this expression is to implement Quotas in the multi-tenancy context. It allows to limit the number of resources which can be created inside a Project or Vpc. It also forbids consumption of specific resource by putting its entity count to 0. Note that, update/delete operations will continue to be allowed on already created instances.",
"extends": {
"$ref": "ConstraintExpression
},
"id": "EntityInstanceCountConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "EntityInstanceCountConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"count": {
"description": "Instance count.",
"required": true,
"title": "Instance count.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"required": true,
"title": "Operations supported '<' and '<='.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_resource_type": {
"description": "Target resource type accepts input as DTO Type or FQDN. It also supports dot format like SecurityPolicy.Rule in a scenario where same DTO type shared across across policy sub tree. For example DTO type Rule shared by both security policy and gateway policy rules. So to specify any constraint for Security policy rule, user can define the target resource type SecurityPolicy.Rule.",
"required": false,
"title": "Resource type of the target entity. This needs to be set for all\ncases where the target does not specify the type.\n",
"type": "string"
}
},
"title": "Represents the leaf level constraint to restrict the number instances of type.",
"type": "object"
}
EntityType (type)
{
"enum": [
"MANAGER",
"CONTROLLER",
"POLICY",
"HTTPS",
"CLUSTER_BOOT_MANAGER",
"DATASTORE",
"GLOBAL_MANAGER",
"ASYNC_REPLICATOR",
"MONITORING",
"IDPS_REPORTING",
"CORFU_NONCONFIG"
],
"id": "EntityType",
"module_id": "ClusterBootManager",
"type": "string"
}
EpochMsTimestamp (type)
{
"id": "EpochMsTimestamp",
"module_id": "Common",
"title": "Timestamp in milliseconds since epoch",
"type": "integer"
}
ErrorClass (type)
{
"additionalProperties": false,
"id": "ErrorClass",
"module_id": "Upgrade",
"properties": {
"error_code": {
"description": "Error code for the error/warning",
"readonly": true,
"required": true,
"title": "Error code",
"type": "integer"
},
"error_message": {
"description": "Error/warning message",
"readonly": true,
"required": true,
"title": "Error/warning message",
"type": "string"
}
},
"type": "object"
}
ErrorInfo (type)
{
"additionalProperties": false,
"id": "ErrorInfo",
"module_id": "InventoryCmObj",
"properties": {
"error_code": {
"description": "Error code of the error.",
"readonly": false,
"required": false,
"title": "Error code",
"type": "int"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Error message",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": true,
"title": "Timestamp when the error occurred"
}
},
"title": "Error information",
"type": "object"
}
ErrorResolverInfo (type)
{
"additionalProperties": false,
"description": "Metadata related to a given error_id",
"id": "ErrorResolverInfo",
"module_id": "ErrorResolver",
"properties": {
"error_id": {
"required": true,
"title": "The error id for which metadata information is needed",
"type": "integer"
},
"resolver_present": {
"required": true,
"title": "Indicates whether there is a resolver associated with the error or not",
"type": "boolean"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata,
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverInfoList (type)
{
"additionalProperties": false,
"id": "ErrorResolverInfoList",
"module_id": "ErrorResolver",
"properties": {
"results": {
"items": {
"$ref": "ErrorResolverInfo
},
"required": true,
"title": "ErrorResolverInfo list",
"type": "array"
}
},
"title": "Collection of all registered ErrorResolverInfo",
"type": "object"
}
ErrorResolverMetadata (type)
{
"additionalProperties": false,
"description": "Error along with its metadata",
"id": "ErrorResolverMetadata",
"module_id": "ErrorResolver",
"properties": {
"entity_id": {
"required": true,
"title": "The entity/node UUID where the error has occurred.",
"type": "string"
},
"error_id": {
"required": true,
"title": "The error id as reported by the entity where the error occurred.",
"type": "integer"
},
"system_metadata": {
"$ref": "ErrorResolverSystemMetadata,
"required": false,
"title": "This can come from some external system like syslog collector"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata,
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverMetadataList (type)
{
"additionalProperties": false,
"description": "List of errors with their metadata",
"id": "ErrorResolverMetadataList",
"module_id": "ErrorResolver",
"properties": {
"errors": {
"items": {
"$ref": "ErrorResolverMetadata
},
"required": true,
"title": "List of errors with their corresponding metadata.",
"type": "array"
}
},
"type": "object"
}
ErrorResolverSystemMetadata (type)
{
"additionalProperties": false,
"description": "Metadata fetched from an external system like Syslog or LogInsight.",
"id": "ErrorResolverSystemMetadata",
"module_id": "ErrorResolver",
"properties": {
"value": {
"required": false,
"title": "The value fetched from another system",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserInputData (type)
{
"additionalProperties": false,
"description": "Corresponds to one property entered by the user",
"id": "ErrorResolverUserInputData",
"module_id": "ErrorResolver",
"properties": {
"data_type": {
"enum": [
"TEXT",
"NUMBER",
"PASSWORD"
],
"required": true,
"title": "The datatype of the given property. Useful for data validation",
"type": "string"
},
"property_name": {
"required": true,
"title": "Name of the property supplied by the user",
"type": "string"
},
"property_value": {
"required": false,
"title": "The value associated with the above property",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserMetadata (type)
{
"additionalProperties": false,
"description": "User supplied metadata needed for resolving errors",
"id": "ErrorResolverUserMetadata",
"module_id": "ErrorResolver",
"properties": {
"user_input_list": {
"items": {
"$ref": "ErrorResolverUserInputData
},
"required": false,
"title": "List of user supplied input data.",
"type": "array"
}
},
"type": "object"
}
EsgToRouterMappingOptionSpec (type)
{
"additionalProperties": false,
"description": "Spec for NSX-V ESG to NSX-T Router mapping option.",
"id": "EsgToRouterMappingOptionSpec",
"module_id": "Migration",
"properties": {
"mapping_option": {
"description": "Mapping option can be - - UI - FILE_UPLOAD - NO_MAPPING",
"enum": [
"UI",
"FILE_UPLOAD",
"NO_MAPPING"
],
"readonly": false,
"required": true,
"title": "Mapping option",
"type": "string"
}
},
"title": "Spec for NSX-V ESG to NSX-T Router mapping option",
"type": "object"
}
EsxGlobalOpaqueConfig (type)
{
"extends": {
"$ref": "GlobalConfigs
},
"id": "EsxGlobalOpaqueConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "EsxGlobalOpaqueConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"opaque_config": {
"items": {
"$ref": "KeyValuePair
},
"required": true,
"title": "A list of global opaque configuration for ESX hosts.",
"type": "array"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "ESX global opaque configuration",
"type": "object"
}
EtherTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement
},
"id": "EtherTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "EtherTypeNSService"
},
"properties": {
"ether_type": {
"required": true,
"title": "Type of the encapsulated protocol",
"type": "integer"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "An NSService element that represents an ethertype protocol",
"type": "object"
}
EtherTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "EtherTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "EtherTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ether_type": {
"required": true,
"title": "Type of the encapsulated protocol",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an ethertype protocol",
"type": "object"
}
EthernetHeader (type)
{
"additionalProperties": false,
"id": "EthernetHeader",
"module_id": "Traceflow",
"properties": {
"dst_mac": {
"description": "The destination MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Destination MAC address of the Ethernet header",
"type": "string"
},
"eth_type": {
"default": 2048,
"description": "This field defaults to IPv4.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "The value of the type field to be put into the Ethernet header",
"type": "integer"
},
"src_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Source MAC address of the Ethernet header",
"type": "string"
}
},
"type": "object"
}
Evaluation (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Criterion Evaluation is the basic logical condition to evaluate whether the event could be potentially met.",
"id": "Evaluation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Criterion Evaluation resource type.",
"enum": [
"SourceFieldEvaluation"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Criterion Evaluation",
"type": "object"
}
Event (type)
{
"additionalProperties": false,
"description": "The Event is the criterion or criteria applied to the source and, when met, prompt Policy to run the action. All Reaction Events are constructed with reference to the object, the \"source\", that is logically deemed to be the object upon which the Event in question initially occurred upon. Some example events include: - New object was created. - Change in realization state. - Specific API is called.",
"id": "Event",
"module_id": "PolicyReaction",
"properties": {
"criteria": {
"description": "Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR).",
"items": {
"$ref": "Criterion
},
"title": "Event Criteria",
"type": "array"
},
"source": {
"$ref": "Source,
"description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon.",
"required": true,
"title": "Event Source"
}
},
"title": "Reaction Event",
"type": "object"
}
EventListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "EventListResult",
"module_id": "Monitoring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MonitoringEvent
},
"readonly": true,
"title": "List of events defined",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
EvpnConfig (type)
{
"additionalProperties": false,
"description": "Evpn Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "EvpnConfigAdvancedConfig,
"description": "Advanced configuration for evpn config.",
"required": false,
"title": "Advanced configuration for evpn config"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_method": {
"$ref": "EvpnEncapConfig,
"description": "Encapsulation method for EVPN service that is used by the transport layer.",
"required": false,
"title": "Encapsulation method for EVPN."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mode": {
"default": "DISABLE",
"description": "In INLINE mode, edge nodes participate both in the BGP EVPN control plane route exchange and in data path tunneling between edge nodes and data center gateways. In ROUTE_SERVER mode, edge nodes participate in the BGP EVPN control plane route exchanges only and do not participate in the data forwarding, i.e., the data path tunnels are directly established between the hypervisors and the data center gateways. DISABLE mode disables EVPN service capability.",
"enum": [
"INLINE",
"ROUTE_SERVER",
"DISABLE"
],
"required": false,
"title": "EVPN service mode",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Configuration",
"type": "object"
}
EvpnConfigAdvancedConfig (type)
{
"additionalProperties": false,
"description": "NSX specific configuration for evpn config",
"id": "EvpnConfigAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {},
"title": "Advanced configuration for evpn config",
"type": "object"
}
EvpnEncapConfig (type)
{
"additionalProperties": false,
"description": "Encapsulation method for EVPN.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnEncapConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evpn_tenant_config_path": {
"required": false,
"title": "EVPN tenant config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_TENANT_CONFIG_RELATIONSHIP",
"rightType": [
"EvpnTenantConfig"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"required": false,
"title": "vni pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": [
"VniPoolConfig"
]
}
]
}
},
"title": "Encapsulation method for EVPN",
"type": "object"
}
EvpnTenantConfig (type)
{
"additionalProperties": false,
"description": "This resource is relevant only when Evpn Service is configured in ROUTE-SERVER mode. The resource defines Vlans to VNIs mappings used by Evpn tenant VMs for overlay VXLAN transmission when attached to vRouter. The resource contains overlay transport_zone_path and vni_pool_path to orchestrate creation of child Logical-Switches.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnTenantConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mappings": {
"description": "This property specifies a mapping spec of incoming Evpn tenant vlan-ids to VXLAN VNIs used for overlay transmission to Physical-Gateways used by vRouters.",
"items": {
"$ref": "VlanVniRangePair
},
"maxItems": 2000,
"minItems": 1,
"required": true,
"title": "VLANs to VNIs mapping spec",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to transport zone. Only overlay transport zone is supported.",
"required": true,
"title": "Policy path to the transport zone",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_TZ_CONFIG_RELATIONSHIP",
"rightType": []
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"description": "Policy path to the vni pool used for Evpn in ROUTE-SERVER mode.",
"required": true,
"title": "Policy path to the vni pool",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Evpn Tenant Configuration for Evpn in ROUTE-SERVER mode.",
"type": "object"
}
EvpnTenantConfigListRequestParameters (type)
{
"additionalProperties": false,
"description": "Evpn Tenant Config list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EvpnTenantConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Evpn Tenant Config list request parameters",
"type": "object"
}
EvpnTenantConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of Evpn Tenant Configuration.",
"extends": {
"$ref": "ListResult
},
"id": "EvpnTenantConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Evpn Tenant Config list results",
"items": {
"$ref": "EvpnTenantConfig
},
"required": true,
"title": "Evpn Tenant Config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Evpn Tenant Configuration",
"type": "object"
}
EvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Evpn Tunnel Endpoint Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_path": {
"required": true,
"title": "edge path",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "local addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"maximum": 9100,
"minimum": 64,
"required": false,
"title": "MTU",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Tunnel Endpoint Configuration",
"type": "object"
}
EvpnTunnelEndpointConfigListRequestParameters (type)
{
"additionalProperties": false,
"description": "Evpn Tunnel Endpoint Config list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EvpnTunnelEndpointConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Evpn Tunnel Endpoint Config list request parameters",
"type": "object"
}
EvpnTunnelEndpointConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of Evpn Tunnel Endpoint Configuration.",
"extends": {
"$ref": "ListResult
},
"id": "EvpnTunnelEndpointConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Evpn Tunnel Endpoint Configuration list results",
"items": {
"$ref": "EvpnTunnelEndpointConfig
},
"required": true,
"title": "Evpn Tunnel Endpoint Configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Evpn Tunnel Endpoint Configuration",
"type": "object"
}
ExcludeList (type)
{
"description": "List of entities where Distributed Firewall will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es) to exclude Distributed Firewall enforcement.",
"extends": {
"$ref": "DSExcludeList
},
"id": "ExcludeList",
"module_id": "ExcludeList",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"description": "Total number of members present in Exclude List.",
"readonly": true,
"required": false,
"title": "Total Member Count",
"type": "integer"
},
"members": {
"description": "List of members in Exclusion List",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "Member list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Exclusion List",
"type": "object"
}
ExcludeListRequestParams (type)
{
"id": "ExcludeListRequestParams",
"module_id": "ExcludeList",
"properties": {
"deep_check": {
"default": false,
"description": "Deep check all parents of requested object_id if any of them is in exclude list. If found, makes requested entity as excluded.",
"required": false,
"title": "Check all parents",
"type": "boolean"
},
"object_id": {
"maxLength": 64,
"required": true,
"title": "identifier of the object",
"type": "string"
},
"object_type": {
"$ref": "ExcludeMemberType,
"description": "Used if requested for deep_check. Type allows ability to find its association and parent entities.",
"required": false,
"title": "Type of the object"
}
},
"title": "Parameters for filtering the exclude list",
"type": "object"
}
ExcludeMemberType (type)
{
"description": "Enum of supported excluded member types.",
"enum": [
"NSGroup",
"LogicalPort",
"LogicalSwitch"
],
"id": "ExcludeMemberType",
"module_id": "ExcludeList",
"readonly": true,
"required": false,
"title": "Object type of an entity",
"type": "string"
}
ExcludedMembersList (type)
{
"additionalProperties": false,
"description": "Represents the list of members that need to be excluded",
"id": "ExcludedMembersList",
"module_id": "Policy",
"properties": {
"ip_address_expression": {
"$ref": "IPAddressExpression,
"required": false,
"title": "IP addresses which need to be excluded"
},
"path_expression": {
"$ref": "PathExpression,
"description": "Paths can be only IP address based groups. Upto 50 paths are allowed.",
"required": false,
"title": "Paths which need to be excluded."
}
},
"title": "Represents the list of members that need to be excluded",
"type": "object"
}
ExportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke export task.",
"id": "ExportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_path": {
"description": "Policy path of a draft which is to be exported. If not provided, current firewall configuration will then be exported.",
"required": false,
"title": "Policy path of draft",
"type": "string"
},
"passphrase": {
"description": "Passphrase to sign exported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"required": true,
"sensitive": true,
"title": "Passphrase to sign exported files",
"type": "secure_string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Export task request parameters",
"type": "object"
}
ExportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the export task.",
"extends": {
"$ref": "PolicyTask
},
"id": "ExportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft if this is an export task to export draft configuration.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"exported_file": {
"description": "Name of the exported file generated after completion of export task.",
"readonly": true,
"title": "Name of the exported file",
"type": "string"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Export task information",
"type": "object"
}
Expression (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the nodes of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Expression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each node of the expression",
"type": "object"
}
ExtendDvpgWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Extend DVPG workflow spec.",
"extends": {
"$ref": "WorkflowSpec
},
"id": "ExtendDvpgWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "ExtendDvpgWorkflowSpec"
},
"properties": {
"bridge_profile_path": {
"description": "Policy path to L2 Bridge profile. Same bridge profile can be configured on different segments. Each bridge profile on a segment must be unique. It is required if bridge mode is chosen as EDGE_BRIDGE.",
"readonly": false,
"required": false,
"title": "Policy path to L2 Bridge profile",
"type": "string"
},
"bridging_mode": {
"$ref": "BridgingMode,
"default": "EDGE_BRIDGE",
"description": "Bridging mode.",
"readonly": false,
"required": false,
"title": "Bridging mode"
},
"dhcpv4_server_ips": {
"description": "IPs of DHCPv4 servers used by VMs connected to the DVPG in the subnet.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of DHCPv4 server IP addresses",
"type": "array"
},
"dhcpv6_server_ips": {
"description": "IPs of DHCPv6 servers used by VMs connected to the DVPG in the subnet.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of DHCPv6 server IP addresses",
"type": "array"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"ip_subnets": {
"$ref": "SegmentIpSubnets,
"description": "A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged.",
"readonly": false,
"required": true,
"title": "A SegmentIpSubnets for the overlay segment to which the DVPG will be bridged"
},
"overlay_transport_zone_path": {
"description": "The path of overlay transport zone in which the segment will be auto created. The default overlay-TZ will be used if it is not provided.",
"readonly": false,
"required": false,
"title": "Overlay transport zone path",
"type": "string"
},
"project_id": {
"description": "Project ID.",
"readonly": false,
"required": false,
"title": "Project ID",
"type": "string"
},
"segment_name_for_auto_creation": {
"description": "The segment name with which to auto create a segment for bridging the DVPG. Do not set this property if an existing segment will be used to bridge the DVPG. Only one of this property or the \"segment_path\" property must be set.",
"readonly": false,
"required": false,
"title": "Segment name for auto creation",
"type": "string"
},
"segment_path": {
"description": "The path of an existing segment to bridge the DVPG. Do not set this property if a new segment will be created to bridge the DVPG. Only one of this property or the \"segment_name_for_auto_creation\" property must be set.",
"readonly": false,
"required": false,
"title": "Existing segment path to bridge DVPG",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
},
"uplink_teaming_policy_name": {
"description": "The name of switching uplink teaming policy for bridge endpoint. This name corresponds to one of the switching uplink teaming policy names listed in the VLAN transport zone specified by the property \"vlan_transport_zone_path\".",
"readonly": false,
"required": false,
"title": "Uplink teaming policy name",
"type": "string"
},
"vlan_transport_zone_path": {
"description": "The path of VLAN transport zone that represents the underlay L2 domain in which the DVPGs will be bridged to overlay segments. An unique VLAN transport zone should be assigned to each underlay L2 domain when needed for bridging. If two VLANs in two underlay L2 domains are combined together as one L2 broadcast-domain by certain L2 extension, the two underlay L2 domains still should have two different VLAN transport zones assigned to them. If it is not given when the 'bridging_mode' is EDGE_BRIDGE, the VLAN transport zone path in the config spec of the edge node(s) in the bridge profile of 'bridge_profile_path' will be used, or an error will be thrown if a unique VLAN transport zone path cannot be found in the spec of the edge node(s).",
"readonly": false,
"required": false,
"title": "VLAN transport zone path",
"type": "string"
}
},
"title": "Extend DVPG workflow spec",
"type": "object"
}
ExtendedSolutionConfig (type)
{
"description": "Extended Solution Config would contain Vendor specific information required for NXGI partner Service VM.",
"extends": {
"$ref": "ManagedResource
},
"id": "ExtendedSolutionConfig",
"module_id": "Nxgi",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner which needs to be passed to host.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"title": "Servcie attributes",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_id": {
"description": "The service to which the solution config belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Extended Solution Configuration Info",
"type": "object"
}
ExternalGatewayBfdConfig (type)
{
"additionalProperties": false,
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"id": "ExternalGatewayBfdConfig",
"module_id": "Policy",
"properties": {
"bfd_profile_path": {
"title": "Policy path to Bfd Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GlobalConfig"
],
"relationshipType": "BFD_CONFIG_GLOBAL_CONFIG_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"enable": {
"default": true,
"description": "Flag to enable BFD session.",
"title": "Enable BFD session",
"type": "boolean"
}
},
"title": "External Bidirectional Flow Detection configuration",
"type": "object"
}
ExternalIDExpression (type)
{
"additionalProperties": false,
"description": "Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces, virtual machines, CloudNativeServiceInstance PhysicalServer to a group.",
"extends": {
"$ref": "Expression
},
"id": "ExternalIDExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ExternalIDExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_ids": {
"description": "This array can consist of one or more external IDs for the specified member type.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Array of external IDs for the specified member type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"CloudNativeServiceInstance",
"PhysicalServer"
],
"required": true,
"title": "External ID member type",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "External ID expression node",
"type": "object"
}
ExtraConfig (type) (Deprecated)
{
"deprecated": true,
"description": "Extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either logical switch or logical port. If it was set on logical switch, it will be inherited automatically by logical ports in it. Also logical port setting will override logical switch setting if specific key was dual set on both logical switch and logical port.",
"id": "ExtraConfig",
"module_id": "Switching",
"properties": {
"config_pair": {
"$ref": "UnboundedKeyValuePair,
"required": true,
"title": "Key value pair in string for the configuration"
}
},
"title": "Vendor specific configuration on logical switch or logical port",
"type": "object"
}
ExtraConfigHostSwitchProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseHostSwitchProfile
},
"id": "ExtraConfigHostSwitchProfile",
"module_id": "ExtraConfigHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ExtraConfigHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"items": {
"$ref": "ExtraConfig
},
"required": false,
"title": "list of extra configs",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for extra configs in host switch",
"type": "object"
}
FIPSGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"id": "FIPSGlobalConfig",
"module_id": "Policy",
"properties": {
"lb_fips_enabled": {
"default": true,
"deprecated": true,
"description": "This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.",
"readonly": true,
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.",
"type": "boolean"
},
"tls_fips_enabled": {
"default": false,
"description": "When this flag is set to true FIPS mode will be set on ssl encryptions of TLS inspection feature.",
"readonly": true,
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of TLS inspection feature.",
"type": "boolean"
}
},
"title": "Global configuration",
"type": "object"
}
FabricHostNode (type)
{
"additionalProperties": false,
"id": "FabricHostNode",
"module_id": "PolicyHostTransportNode",
"properties": {
"compute_collection_id": {
"description": "Id of the compute collection to which discovered node belongs.",
"readonly": true,
"required": false,
"title": "Compute collection id",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the transport node, version 4 or 6",
"type": "array"
},
"discovered_node_id": {
"description": "Id of discovered node which was converted to create this node.",
"readonly": true,
"required": false,
"title": "Discovered node id",
"type": "string"
},
"dpu": {
"description": "Specifies details of data processing units (DPU) present on ESXi Host.",
"items": {
"$ref": "DpuInfo
},
"readonly": true,
"required": false,
"title": "List of DPU information",
"type": "array"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the transport node",
"type": "string"
},
"host_credential": {
"$ref": "HostNodeLoginCredential,
"description": "Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node.",
"required": false,
"title": "Host login credentials"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6.",
"items": {
"$ref": "IPAddress
},
"required": true,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"maintenance_mode_state": {
"description": "Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress.",
"enum": [
"OFF",
"ENTERING",
"ON"
],
"readonly": true,
"required": false,
"title": "Maintenance mode state",
"type": "string"
},
"managed_by_server": {
"description": "The id of the vCenter server managing the ESXi type HostNode",
"readonly": true,
"required": false,
"title": "Id of vCenter server managing the HostNode",
"type": "string"
},
"os_type": {
"description": "Hypervisor type, for example ESXi or RHEL KVM",
"enum": [
"ESXI",
"RHELKVM",
"RHELSERVER",
"WINDOWSSERVER",
"RHELCONTAINER",
"UBUNTUKVM",
"UBUNTUSERVER",
"HYPERV",
"CENTOSKVM",
"CENTOSSERVER",
"CENTOSCONTAINER",
"SLESKVM",
"SLESSERVER",
"OELSERVER"
],
"required": true,
"title": "Hypervisor OS type",
"type": "string"
},
"os_version": {
"description": "Version of the hypervisor operating system",
"required": false,
"title": "Hypervisor OS version",
"type": "string"
},
"windows_install_location": {
"description": "Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\\Program Files\\VMware\\NSX\\.",
"required": false,
"title": "Install location of Windows Server on baremetal being managed by NSX",
"type": "string"
}
},
"type": "object"
}
FailedNodeSupportBundleResult (type)
{
"additionalProperties": false,
"id": "FailedNodeSupportBundleResult",
"properties": {
"error_code": {
"readonly": true,
"required": true,
"title": "Error code",
"type": "string"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Error message",
"type": "string"
},
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"node_ip": {
"readonly": true,
"required": true,
"title": "IPv4 address of node",
"type": "string"
},
"node_ipv6": {
"readonly": true,
"required": true,
"title": "IPv6 address of node",
"type": "string"
}
},
"type": "object"
}
FailedOrWarningConfig (type)
{
"additionalProperties": false,
"id": "FailedOrWarningConfig",
"properties": {
"controller": {
"title": "Controller Connection State",
"type": "string"
},
"core": {
"items": {
"type": "string"
},
"title": "Core Names",
"type": "array"
},
"dataplane": {
"title": "Dataplane State",
"type": "string"
},
"edge-agent": {
"title": "Edge Agent State",
"type": "string"
},
"manager": {
"title": "Manager Connection State",
"type": "string"
},
"nestdb": {
"title": "NestDB State",
"type": "string"
},
"nsd": {
"title": "Nsd State",
"type": "string"
},
"nsxa-edge-cluster": {
"title": "Edge Cluster State",
"type": "string"
},
"nsxa-lrouter": {
"title": "Logical Router State",
"type": "string"
},
"nsxa-service-router": {
"title": "Service Router State",
"type": "string"
},
"nsxa-state": {
"title": "NSXA State",
"type": "string"
}
},
"title": "Failed or Warning Config",
"type": "object"
}
FailureDomain (type)
{
"additionalProperties": false,
"description": "Failure Domain is engineered to be isolated from failures in other failure domains, and to provide inexpensive, low-latency network connectivity to other failure domains in the same region. We support failure domain only on edge transport node. Like you can consider one rack as one failure domain and place active-standby contexts like logical router, DHCP and MDProxy in two different failure domains (racks). So failure of a single rack (FD) does not impact any services and other rack (FD) will continue to handle traffic. Initially system creates one default failure domain. For any edge transport node, if failure domains is not given, it will be mapped to default system generated failure domain. You can't update preferred_active_edge_services flag for system generated default failure domain. It will be unset which means that failure domain can be used for both active and standby allocation.",
"extends": {
"$ref": "ManagedResource
},
"id": "FailureDomain",
"module_id": "FailureDomain",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"preferred_active_edge_services": {
"description": "Set preference for edge transport node failure domain which will be considered while doing auto placement of logical router, DHCP and MDProxy on edge node. true: For preemptive failover mode, active edge cluster member allocation preferes this failure domain. false: For preemptive failover mode, standby edge cluster member allocation preferes this failure domain. Default will be unset. It means no explicit preference.",
"required": false,
"title": "Set preference for failure domain",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Failure Domain for edge transport node",
"type": "object"
}
FailureDomainListResult (type)
{
"additionalProperties": false,
"description": "It will have list of failure domains which also includes system generated failure domain.",
"extends": {
"$ref": "ListResult
},
"id": "FailureDomainListResult",
"module_id": "FailureDomain",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of all failure domains including system generated default failure domain",
"items": {
"$ref": "FailureDomain
},
"required": true,
"title": "Failure Domain Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Failure Domain queries result",
"type": "object"
}
FastPathLcoreUsageStats (type)
{
"id": "FastPathLcoreUsageStats",
"module_id": "ObservabilityCounters",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
},
"lcore_rank_01_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 1.",
"required": false,
"type": "int"
},
"lcore_rank_01_lcore_usage": {
"description": "Rank 1 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_02_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 2.",
"required": false,
"type": "int"
},
"lcore_rank_02_lcore_usage": {
"description": "Rank 2 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_03_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 3.",
"required": false,
"type": "int"
},
"lcore_rank_03_lcore_usage": {
"description": "Rank 3 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_04_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 4.",
"required": false,
"type": "int"
},
"lcore_rank_04_lcore_usage": {
"description": "Rank 4 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_05_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 5.",
"required": false,
"type": "int"
},
"lcore_rank_05_lcore_usage": {
"description": "Rank 5 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_06_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 6.",
"required": false,
"type": "int"
},
"lcore_rank_06_lcore_usage": {
"description": "Rank 6 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_07_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 7.",
"required": false,
"type": "int"
},
"lcore_rank_07_lcore_usage": {
"description": "Rank 7 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_08_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 8.",
"required": false,
"type": "int"
},
"lcore_rank_08_lcore_usage": {
"description": "Rank 8 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_09_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 9.",
"required": false,
"type": "int"
},
"lcore_rank_09_lcore_usage": {
"description": "Rank 9 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_10_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 10.",
"required": false,
"type": "int"
},
"lcore_rank_10_lcore_usage": {
"description": "Rank 10 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_11_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 11.",
"required": false,
"type": "int"
},
"lcore_rank_11_lcore_usage": {
"description": "Rank 11 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_12_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 12.",
"required": false,
"type": "int"
},
"lcore_rank_12_lcore_usage": {
"description": "Rank 12 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_13_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 13.",
"required": false,
"type": "int"
},
"lcore_rank_13_lcore_usage": {
"description": "Rank 13 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_14_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 14.",
"required": false,
"type": "int"
},
"lcore_rank_14_lcore_usage": {
"description": "Rank 14 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_15_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 15.",
"required": false,
"type": "int"
},
"lcore_rank_15_lcore_usage": {
"description": "Rank 15 Lcore usage.",
"required": false,
"type": "number"
},
"lcore_rank_16_lcore_id": {
"description": "Lcore ID of Lcore Usage Rank 16.",
"required": false,
"type": "int"
},
"lcore_rank_16_lcore_usage": {
"description": "Rank 16 Lcore usage.",
"required": false,
"type": "number"
},
"number_of_lcores": {
"description": "number of valid lcores",
"required": false,
"type": "int"
}
},
"type": "object"
}
FastPathStats (type)
{
"id": "FastPathStats",
"module_id": "ObservabilityCounters",
"properties": {
"flow_table_occupancy_0_pct": {
"description": "The number of flow tables in which up to 25% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_25_pct": {
"description": "The number of flow tables in which 25-50% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_50_pct": {
"description": "The number of flow tables in which 50-75% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_75_pct": {
"description": "The number of flow tables in which 75-90% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_90_pct": {
"description": "The number of flow tables in which 90-95% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_occupancy_95_pct": {
"description": "The number of flow tables in which 95% of entries are filled.",
"required": false,
"type": "int"
},
"flow_table_size": {
"description": "The number of flow table entries in a flow table.",
"required": false,
"type": "int"
},
"hits": {
"description": "Number of flow hits.",
"required": false,
"type": "integer"
},
"insertion_errors": {
"description": "The number of flow insertion failures.",
"required": false,
"type": "integer"
},
"miss": {
"description": "Packets that are processed by slowpath because of a flow miss. This has no overlap with the slowpath counters.",
"required": false,
"type": "integer"
},
"num_flow_tables": {
"description": "Num of flow tables on the host.",
"required": false,
"type": "int"
},
"num_flows": {
"description": "Total number of flows in all flow tables.",
"required": false,
"type": "int"
},
"num_flows_created": {
"description": "Total number of flows created.",
"required": false,
"type": "integer"
},
"slowpath": {
"description": "Packets that are always targeted to be processed by slowpath such as broadcast/multicast packets.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
FastPathSysStats (type)
{
"id": "FastPathSysStats",
"module_id": "ObservabilityCounters",
"properties": {
"host_enhanced_fastpath": {
"$ref": "FastPathStats,
"description": "Fast path stats for enhanced datapath module.",
"required": false
},
"host_standard_fastpath": {
"$ref": "FastPathStats,
"description": "Fast path stats for legacy datapath module.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
}
},
"type": "object"
}
Fastpath (type)
{
"id": "Fastpath",
"module_id": "ObservabilityCounters",
"properties": {
"rx_drops": {
"description": "Count of rx packet drops of ENS Fastpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"rx_drops_sp": {
"description": "Count of rx pkts drops of slowpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"rx_drops_uplink": {
"description": "Count of rx packet drops of ENS Uplink / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"tx_drops": {
"description": "Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic.",
"required": false,
"type": "integer"
},
"tx_drops_sp": {
"description": "Count of tx pkts drops by slowpath / Not applicable for FC Module.",
"required": false,
"type": "integer"
},
"tx_drops_uplink": {
"description": "Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
FeatureFlagGetRequestParam (type)
{
"additionalProperties": false,
"id": "FeatureFlagGetRequestParam",
"module_id": "PolicyFeatureFlags",
"properties": {
"site_path": {
"required": false,
"title": null,
"type": "string"
}
},
"title": "Full site path. If site path is not provided, result for default NSX+ site will be returned",
"type": "object"
}
FeaturePermission (type)
{
"id": "FeaturePermission",
"module_id": "AAA",
"properties": {
"feature": {
"required": true,
"title": "Feature Id",
"type": "string"
},
"feature_description": {
"title": "Feature Description",
"type": "string"
},
"feature_name": {
"title": "Feature Name",
"type": "string"
},
"is_execute_recommended": {
"readonly": true,
"title": "Is execute recommended",
"type": "boolean"
},
"is_internal": {
"readonly": true,
"title": "Is internal",
"type": "boolean"
},
"permission": {
"enum": [
"crud",
"read",
"execute",
"none"
],
"required": true,
"title": "Permission",
"type": "string"
}
},
"title": "Feature Permission",
"type": "object"
}
FeaturePermissionArray (type)
{
"additionalProperties": false,
"id": "FeaturePermissionArray",
"module_id": "AAA",
"properties": {
"feature_permissions": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "Array of FeaturePermission",
"type": "array"
}
},
"type": "object"
}
FeaturePermissionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FeaturePermissionListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FeatureSet (type)
{
"additionalProperties": false,
"description": "Represents list of features required to view the widget.",
"id": "FeatureSet",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"feature_list": {
"description": "List of features required for to view widget.",
"items": {
"type": "string"
},
"title": "List of features required for to view wdiget",
"type": "array"
},
"require_all_permissions": {
"description": "Flag for specifying if permission to all features is required If set to false, then if there is permission for any of the feature from feature list, widget will be available.",
"title": "Flag for specifying if permission to all features is required",
"type": "boolean"
}
},
"title": "List of features required to view the widget",
"type": "object"
}
FeatureStackCollectionConfiguration (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "FeatureStackCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"client_type_collection_configurations": {
"description": "The set of client type data collection configurations",
"items": {
"$ref": "ClientTypeCollectionConfiguration
},
"title": "Client type collection configurations",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"feature_stack_name": {
"description": "The name of the feature stack",
"required": true,
"title": "Feature stack name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "HPM feature stack data collection frequency configuration",
"type": "object"
}
FeatureStackCollectionConfigurationList (type)
{
"id": "FeatureStackCollectionConfigurationList",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"results": {
"description": "The complete set of feature stack data collection configurations",
"items": {
"$ref": "FeatureStackCollectionConfiguration
},
"readonly": true,
"title": "Feature stack configurations",
"type": "array"
}
},
"title": "Feature stack collection configuration list result",
"type": "object"
}
FeatureUsage (type)
{
"description": "feature usage result item",
"extends": {
"$ref": "Resource
},
"id": "FeatureUsage",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"capacity_usage": {
"items": {
"$ref": "CapacityUsage
},
"readonly": true,
"required": true,
"title": "Capacity Usage List",
"type": "array"
},
"feature": {
"readonly": true,
"title": "name of the feature",
"type": "string"
}
},
"type": "object"
}
FeatureUsageCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "FeatureUsageCsvRecord",
"module_id": "License",
"properties": {
"ccu_usage_count": {
"readonly": true,
"title": "count of number of concurrent users",
"type": "integer"
},
"core_usage_count": {
"readonly": true,
"title": "Number of CPU cores used by this feature",
"type": "integer"
},
"cpu_usage_count": {
"readonly": true,
"title": "count of number of cpu sockets used by this feature",
"type": "integer"
},
"feature": {
"readonly": true,
"title": "name of the feature",
"type": "string"
},
"vcpu_usage_count": {
"readonly": true,
"title": "count of number of vcpus of public cloud VMs",
"type": "integer"
},
"vm_usage_count": {
"readonly": true,
"title": "count of number of vms used by this feature",
"type": "integer"
}
},
"type": "object"
}
FeatureUsageList (type)
{
"description": "list of feature usage items",
"extends": {
"$ref": "Resource
},
"id": "FeatureUsageList",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"feature_usage_info": {
"items": {
"$ref": "FeatureUsage
},
"readonly": true,
"required": true,
"title": "Feature Usage List",
"type": "array"
}
},
"type": "object"
}
FeatureUsageListInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "FeatureUsageListInCsvFormat",
"module_id": "License",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "FeatureUsageCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
FeatureUsages (type)
{
"additionalProperties": false,
"id": "FeatureUsages",
"module_id": "SecurityLicenseUsage",
"properties": {
"DISTRIBUTED_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed Firewall on Bare Metal feature count.",
"readonly": true,
"title": "Distributed Firewall on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_FIREWALL": {
"default": "UNAVAILABLE",
"description": "Distributed Firewall feature count.",
"readonly": true,
"title": "Distributed Firewall feature count",
"type": "string"
},
"DISTRIBUTED_IDPS": {
"default": "UNAVAILABLE",
"description": "Distributed IDPS feature count.",
"readonly": true,
"title": "Distributed IDPS feature count",
"type": "string"
},
"DISTRIBUTED_INTELLIGENCE": {
"default": "UNAVAILABLE",
"description": "Distributed Intelligence feature count.",
"readonly": true,
"title": "Distributed Intelligence feature count",
"type": "string"
},
"DISTRIBUTED_INTELLIGENCE_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed Intelligence on Bare Metal feature count.",
"readonly": true,
"title": "Distributed Intelligence on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_IPFIX": {
"default": "UNAVAILABLE",
"description": "Distributed IPFIX feature count.",
"readonly": true,
"title": "Distributed IPFIX feature count",
"type": "string"
},
"DISTRIBUTED_IPFIX_BAREMETAL": {
"default": "UNAVAILABLE",
"description": "Distributed IPFIX on Bare Metal feature count.",
"readonly": true,
"title": "Distributed IPFIX on Bare Metal feature count",
"type": "string"
},
"DISTRIBUTED_MPS": {
"default": "UNAVAILABLE",
"description": "Distributed MPS feature count.",
"readonly": true,
"title": "Distributed MPS feature count",
"type": "string"
},
"GATEWAY_FIREWALL": {
"default": "UNAVAILABLE",
"description": "Gateway stateful firewall feature count",
"readonly": true,
"title": "Gateway stateful firewall feature count",
"type": "string"
},
"GATEWAY_IDPS": {
"default": "UNAVAILABLE",
"description": "Gateway IDPS feature count.",
"readonly": true,
"title": "Gateway IDPS feature count",
"type": "string"
},
"GATEWAY_MPS": {
"default": "UNAVAILABLE",
"description": "Gateway MPS feature count",
"readonly": true,
"title": "Gateway MPS feature count",
"type": "string"
},
"GATEWAY_TLS": {
"default": "UNAVAILABLE",
"description": "Gateway TLS feature count.",
"readonly": true,
"title": "Gateway TLS feature count",
"type": "string"
},
"NETWORK_DETECTION_RESPONSE": {
"default": "UNAVAILABLE",
"description": "Network Detection Response feature count.",
"readonly": true,
"title": "Network Detection Response feature count",
"type": "string"
}
},
"type": "object"
}
FederationConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation configuration. This configuration is distributed to all Sites participating in federation.",
"id": "FederationConfig",
"module_id": "PolicySiteGM",
"properties": {
"site_config": {
"items": {
"$ref": "SiteFederationConfig
},
"readonly": true,
"title": "Federation configurations of all Sites",
"type": "array"
}
},
"title": "Global Manager federation configuration",
"type": "object"
}
FederationConfiguration (type)
{
"additionalProperties": false,
"description": "Federation configuration.",
"id": "FederationConfiguration",
"module_id": "SiteManagerModule",
"properties": {
"epoch": {
"required": true,
"title": "Epoch",
"type": "integer"
},
"id": {
"required": true,
"title": "Federation id",
"type": "string"
},
"sites": {
"items": {
"$ref": "FederationSite
},
"required": true,
"title": "Sites",
"type": "array"
}
},
"title": "Federation configuration",
"type": "object"
}
FederationConnectivityConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation.",
"id": "FederationConnectivityConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
}
},
"title": "Federation connectivity configuration",
"type": "object"
}
FederationGatewayConfig (type)
{
"additionalProperties": false,
"description": "Additional gateway configuration required for federation",
"extends": {
"$ref": "FederationConnectivityConfig
},
"id": "FederationGatewayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
},
"inter_site_transit_vlan_id": {
"nsx_feature": "FedVrf",
"readonly": true,
"required": false,
"title": "inter site transit vlan id\n",
"type": "int"
},
"site_allocation_indices": {
"description": "Indicies for cross site allocation for edge cluster and its members referred by gateway.",
"items": {
"$ref": "SiteAllocationIndexForEdge
},
"readonly": true,
"title": "Indicies for cross site allocation\n",
"type": "array"
},
"transit_segment_id": {
"description": "Global UUID for transit segment id to be used by Layer2 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global id for transit segment",
"type": "string"
}
},
"title": "Federation gateway configuration",
"type": "object"
}
FederationQueueInfo (type)
{
"description": "Provides insights into details of a specific queue in the flows. For example Global Manager to Local Manager flow, there is a queue on the Global Manager for sending and a queue on Local Manager for receiving.",
"id": "FederationQueueInfo",
"module_id": "FederationObservability",
"properties": {
"current_size": {
"read_only": true,
"title": "Number of messages in the queue",
"type": "integer"
},
"max_size": {
"read_only": true,
"title": "Maixmum capacity of the queue",
"type": "integer"
},
"name": {
"read_only": true,
"title": "Queue name",
"type": "string"
},
"namespace": {
"description": "Every persistent queue has name and namespace. For more debugging like dumping queue, namespace is needed.",
"read_only": true,
"title": "Queue namespace",
"type": "string"
},
"type": {
"enum": [
"TRANSMITTER",
"RECEIVER"
],
"read_only": true,
"title": "Queue type - sender or receiver side",
"type": "string"
}
},
"title": "Details about a specific queue in the flow",
"type": "object"
}
FederationSite (type)
{
"additionalProperties": false,
"description": "Site information.",
"id": "FederationSite",
"module_id": "SiteManagerModule",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"required": true,
"title": "Does site have active GM",
"type": "string"
},
"aph_list": {
"items": {
"$ref": "AphInfo
},
"required": true,
"title": "Aph services in the site",
"type": "array"
},
"cert_hash": {
"required": false,
"title": "Hash of the trustManagerCert",
"type": "string"
},
"cluster_id": {
"required": false,
"title": "Cluster id",
"type": "string"
},
"config_version": {
"required": false,
"title": "Site config version",
"type": "integer"
},
"id": {
"required": true,
"title": "Id of the site",
"type": "string"
},
"is_federated": {
"required": true,
"title": "Is site federated",
"type": "boolean"
},
"is_local": {
"required": true,
"title": "Is site local",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the site",
"type": "string"
},
"node_type": {
"enum": [
"GM",
"LM",
"GM_AND_LM"
],
"required": true,
"title": "Type of node",
"type": "string"
},
"site_version": {
"required": true,
"title": "Version of the site",
"type": "string"
},
"split_brain": {
"required": false,
"title": "Split brain",
"type": "boolean"
},
"system_id": {
"required": true,
"title": "System id",
"type": "integer"
},
"trust_manager_cert": {
"required": false,
"title": "Cert string from trust manager",
"type": "string"
},
"vip_ip": {
"required": false,
"title": "Vip ip",
"type": "string"
}
},
"title": "Site information",
"type": "object"
}
FederationSiteMigrationState (type)
{
"additionalProperties": false,
"id": "FederationSiteMigrationState",
"module_id": "Migration",
"properties": {
"site_migration_state": {
"description": "Key-value pair of federation site-id and its migration-state i.e. 'ENABLED' or 'DISABLED'.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Federation site-id and it's migration state map",
"type": "array"
}
},
"type": "object"
}
FederationStatus (type)
{
"id": "FederationStatus",
"module_id": "SiteManagerModule",
"properties": {
"active_standby_sync_statuses": {
"items": {
"$ref": "ActiveStandbySyncStatus
},
"required": true,
"title": "Status of synchronization between active and standby sites.",
"type": "array"
},
"remote_connections": {
"items": {
"$ref": "SiteStatus
},
"title": "Site connection status",
"type": "array"
}
},
"type": "object"
}
FeedBack (type)
{
"additionalProperties": false,
"description": "Provide details of validation/errors occurred during collection ,translation and apply phase in MP to Policy promotion.",
"id": "FeedBack",
"module_id": "MPPolicyMigration",
"properties": {
"error_list": {
"items": {
"$ref": "FeedBackErrorMessage
},
"required": true,
"title": "Error array list",
"type": "array"
},
"mp_display_name": {
"required": true,
"title": "Manager resource display name",
"type": "string"
},
"mp_id": {
"required": true,
"title": "Manager resource id",
"type": "string"
},
"type": {
"required": true,
"title": "Manager resource type",
"type": "string"
}
},
"title": "Provide details related to feeback for MP to Policy promotion.\n",
"type": "object"
}
FeedBackErrorMessage (type)
{
"additionalProperties": false,
"description": "Provide details of error_id and error description for errors occurred during collection ,translation and apply phase in MP to Policy promotion.",
"id": "FeedBackErrorMessage",
"module_id": "MPPolicyMigration",
"properties": {
"error_desc": {
"required": true,
"title": "Error description due to which promotion is not successful.",
"type": "string"
},
"error_id": {
"required": true,
"title": "Error Id due to which promotion is not successful.",
"type": "string"
}
},
"title": "FeedBackErrorMessage",
"type": "object"
}
FeedBackListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "FeedBackListRequestParameters",
"module_id": "MPPolicyMigration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"location": {
"default": "CURRENT",
"description": "Location flag corresponds to the version of feedback. It can be CURRENT - feedback of current promotion ARCHIVED - feedback of previous sucessful promotion",
"enum": [
"CURRENT",
"ARCHIVED"
],
"required": false,
"title": "Location flag",
"type": "string"
},
"mp_display_name": {
"description": "Specify the mp resource display name to filter corresponding feedbacks.",
"required": false,
"title": "Specify the mp resource display name to filter corresponding feedbacks.",
"type": "string"
},
"mp_id": {
"description": "Specify the mp resource id to filter corresponding feedbacks.",
"required": false,
"title": "Specify the mp resource id to filter corresponding feedbacks.",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"description": "Specify the mp resource type to filter corresponding feedbacks.",
"required": false,
"title": "Specify the mp resource type to filter corresponding feedbacks.",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "FeedBack List Request Parameters",
"type": "object"
}
FeedBackListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FeedBackListResult",
"module_id": "MPPolicyMigration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Feedback object list results.",
"items": {
"$ref": "FeedBack
},
"required": false,
"title": "Feedback object list results.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
Feedback (type)
{
"additionalProperties": false,
"description": "Feedback details.",
"id": "Feedback",
"module_id": "OverlayAdoption",
"properties": {
"id": {
"description": "Feedback ID.",
"readonly": true,
"required": false,
"title": "Feedback ID",
"type": "string"
},
"message": {
"description": "Feedback message.",
"readonly": true,
"required": false,
"title": "Feedback message",
"type": "string"
},
"severity": {
"$ref": "ColorCode,
"description": "Feedback severity.",
"readonly": true,
"required": false,
"title": "Feedback severity"
}
},
"title": "Feedback details",
"type": "object"
}
FeedbackListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "FeedbackListRequestParameters",
"module_id": "Migration",
"properties": {
"category": {
"readonly": false,
"required": false,
"title": "Category on which feedback request should be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"hash": {
"readonly": false,
"required": false,
"title": "Hash based on which feedback request should be filtered",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"state": {
"default": "ALL",
"enum": [
"ALL",
"RESOLVED",
"UNRESOLVED"
],
"readonly": false,
"required": false,
"title": "Filter based on current state of the feedback request",
"type": "string"
},
"sub_category": {
"readonly": false,
"required": false,
"title": "Sub category based on which feedback request should be filtered",
"type": "string"
}
},
"type": "object"
}
FeedbackListResult (type)
{
"additionalProperties": false,
"description": "Feedback list.",
"extends": {
"$ref": "ListResult
},
"id": "FeedbackListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of feedbacks.",
"items": {
"$ref": "Feedback
},
"readonly": true,
"required": true,
"title": "Paged collection of feedbacks",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Feedback list",
"type": "object"
}
FeedbackResponseRequestParameters (type)
{
"additionalProperties": false,
"id": "FeedbackResponseRequestParameters",
"module_id": "Migration",
"properties": {
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
}
},
"type": "object"
}
FeedbackSummaryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "FeedbackSummaryListRequestParameters",
"module_id": "Migration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_layer": {
"description": "Network layer for which feedback is generated. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for which feedback is generated",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FeedbacksRequestParameters (type)
{
"description": "Feedback list request parameters.",
"id": "FeedbacksRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"workflow_resource": {
"$ref": "WorkflowResource,
"description": "Workflow resource.",
"readonly": false,
"required": true,
"title": "Workflow resource"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "Feedback list request parameters",
"type": "object"
}
FieldSanityConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the field value constraint to constrain specified field value based on defined sanity checks. Example - For DNS.upstream_servers, all the IP addresses must either be public or private. { \"target\": { \"target_resource_type\": \"DnsForwarderZone\", \"attribute\": \"upstreamServers\", \"path_prefix\": \"/infra/dns-forwarder-zones/\" }, \"constraint_expression\": { \"resource_type\": \"FieldSanityConstraintExpression\", \"operator\": \"OR\", \"checks\": [\"ALL_PUBLIC_IPS\", \"ALL_PRIVATE_IPS\"] } }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "FieldSanityConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "FieldSanityConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"checks": {
"description": "List of sanity checks.",
"items": {
"enum": [
"ALL_PUBLIC_IPS",
"ALL_PRIVATE_IPS",
"ALL_IPV6_CIDRS",
"ALL_IPV6_IPS",
"ALL_IPV4_CIDRS",
"ALL_IPV4_IPS"
],
"type": "string"
},
"required": true,
"title": "Array of sanity checks to be performed on field value",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "A conditional operator",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the field value sanity constraint",
"type": "object"
}
FieldSetting (type)
{
"additionalProperties": false,
"description": "Field Setting.",
"id": "FieldSetting",
"module_id": "PolicyReaction",
"properties": {
"field_pointer": {
"description": "Field Pointer.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"value": {
"$ref": "FieldSettingValue,
"description": "Value that the field must be set to.",
"required": true,
"title": "Value"
}
},
"title": "FieldSetting",
"type": "object"
}
FieldSettingValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Field Setting Value.",
"id": "FieldSettingValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Field Setting Value",
"type": "object"
}
FieldsFilterData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LiveTraceFilterData
},
"id": "FieldsFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsFilterData"
},
"properties": {
"ip_info": {
"$ref": "IpInfo,
"deprecated": true,
"description": "This property is deprecated. Please use the property network_info instead.",
"required": false,
"title": "IP address information"
},
"network_info": {
"$ref": "NetworkInfo,
"description": "Network layer information.",
"required": false,
"title": "Network layer information"
},
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
},
"transport_info": {
"$ref": "TransportInfo,
"description": "Transport layer information.",
"required": false,
"title": "Transport layer information"
}
},
"type": "object"
}
FieldsPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData
},
"id": "FieldsPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsPacketData"
},
"properties": {
"arp_header": {
"$ref": "ArpHeader,
"required": false,
"title": "The ARP header"
},
"eth_header": {
"$ref": "EthernetHeader,
"required": false,
"title": "The ethernet header"
},
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"ip_header": {
"$ref": "Ipv4Header,
"required": false,
"title": "The IPv4 header"
},
"ipv6_header": {
"$ref": "Ipv6Header,
"required": false,
"title": "The IPv6 header"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64-encoded payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"description": "When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate.",
"required": false,
"title": "Awareness of logical routing",
"type": "boolean"
},
"transport_header": {
"$ref": "TransportProtocolHeader,
"description": "This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported).",
"required": false,
"title": "The transport header"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "Transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
FileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "FileProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"created_epoch_ms": {
"required": true,
"title": "File creation time in epoch milliseconds",
"type": "integer"
},
"modified_epoch_ms": {
"required": true,
"title": "File modification time in epoch milliseconds",
"type": "integer"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"path": {
"readonly": true,
"title": "File path",
"type": "string"
},
"size": {
"required": true,
"title": "Size of the file in bytes",
"type": "integer"
}
},
"title": "File properties",
"type": "object"
}
FilePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "FilePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FileProperties
},
"required": true,
"title": "File property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "File properties query results",
"type": "object"
}
FileThumbprint (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "FileThumbprint",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"sha1": {
"deprecated": true,
"deprecation_advice": "Deprecated by EAL4. Please use the sha256 thumbprint instead.",
"required": true,
"title": "File's SHA1 thumbprint",
"type": "string"
},
"sha256": {
"required": true,
"title": "File's SHA256 thumbprint",
"type": "string"
}
},
"title": "File thumbprint",
"type": "object"
}
FileTransferAuthenticationScheme (type)
{
"additionalProperties": false,
"id": "FileTransferAuthenticationScheme",
"module_id": "BackupConfiguration",
"properties": {
"identity_file": {
"sensitive": true,
"title": "SSH private key data",
"type": "secure_string"
},
"password": {
"sensitive": true,
"title": "Password to authenticate with",
"type": "secure_string"
},
"scheme_name": {
"enum": [
"PASSWORD",
"KEY"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\\\\){0,1}\\w[\\w.-]+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"title": "Remote server authentication details",
"type": "object"
}
FileTransferProtocol (type)
{
"additionalProperties": false,
"id": "FileTransferProtocol",
"module_id": "BackupConfiguration",
"properties": {
"authentication_scheme": {
"$ref": "FileTransferAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"protocol_name": {
"default": "sftp",
"enum": [
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"description": "The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated. Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' | awk '{print \"SHA256:\"$1}'",
"pattern": "^SHA256:.*$",
"required": true,
"title": "SSH fingerprint of server",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.fingerprint_pattern.message"
}
},
"title": "Protocol to transfer backup file to remote server",
"type": "object"
}
FileType (type)
{
"enum": [
"DOCUMENT",
"EXECUTABLE",
"MEDIA",
"ARCHIVE",
"DATA",
"SCRIPT",
"OTHER"
],
"id": "FileType",
"module_id": "PolicyAntiMalware",
"title": "MalwarePrevention File type",
"type": "string"
}
Filter (type)
{
"id": "Filter",
"module_id": "AggSvcL2Types",
"properties": {
"name": {
"required": true,
"title": "The name of the filter.",
"type": "string"
},
"value": {
"required": true,
"title": "The value of the filter.",
"type": "string"
}
},
"type": "object"
}
FilterRequest (type)
{
"additionalProperties": false,
"description": "Filter request parameters",
"id": "FilterRequest",
"module_id": "Search",
"properties": {
"case_sensitive": {
"default": true,
"description": "Set this flag to true to make filtering case-sensitive.",
"required": false,
"title": "Flag to indicate whether filtering is case-sensitive or not",
"type": "boolean"
},
"field_names": {
"description": "Comma separated fields to be filtered on",
"required": true,
"title": "Field Names",
"type": "string"
},
"value": {
"description": "Filter value",
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Filter request",
"type": "object"
}
FilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for filter widget. This is abstract representation of filter widget.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "FilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "FilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Filter widget Configuration",
"type": "object"
}
FipsGlobalConfig (type)
{
"description": "Policy api will overwrite the fipsGlobalConfig set using MP api. Always use https://<policyIp>/policy/api/v1/infra/global-config to update fips configuration.",
"extends": {
"$ref": "GlobalConfigs
},
"id": "FipsGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "FipsGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lb_fips_enabled": {
"default": true,
"deprecated": true,
"description": "This is a deprecated property which is always set as true. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.",
"readonly": true,
"title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.",
"type": "boolean"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for FIPS compliance settings",
"type": "object"
}
FireWallServiceAssociationListResult (type)
{
"extends": {
"$ref": "ServiceAssociationListResult
},
"id": "FireWallServiceAssociationListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Firewall rule list result with pagination support.",
"items": {
"$ref": "FirewallRule
},
"readonly": true,
"required": true,
"title": "Firewall rule list result",
"type": "array"
},
"service_type": {
"enum": [
"FireWallServiceAssociationListResult",
"IpfixServiceAssociationListResult"
],
"required": true,
"type": "string"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallCategory (type)
{
"description": "Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.",
"enum": [
"L2DFW",
"L3DFW",
"L3BRIDGEPORTFW",
"L3LOGICALROUTERFW"
],
"id": "FirewallCategory",
"module_id": "Firewall",
"readonly": true,
"required": false,
"title": "Firewall Category",
"type": "string"
}
FirewallConfiguration (type)
{
"additionalProperties": false,
"description": "For Multi-tenancy, only disable_auto_draft field applies, the other fields have no effect.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To deactivate auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft deactivate flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_macset_optimization_mode_enabled": {
"default": false,
"description": "MACSet optimization is turned on when this flag is set to true. By default it is set to false.",
"title": "Global MACSet Optimization Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Firewall related configurations",
"type": "object"
}
FirewallContextType (type)
{
"description": "Types of firewall contexts.",
"enum": [
"transport_nodes",
"logical_routers",
"bridge_ports"
],
"id": "FirewallContextType",
"module_id": "FirewallStatus",
"title": "Firewall Context Type",
"type": "string"
}
FirewallCpuMemThresholdsProfile (type)
{
"description": "A profile holding CPU and memory threshold configuration.",
"extends": {
"$ref": "BaseFirewallProfile
},
"id": "FirewallCpuMemThresholdsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallCpuMemThresholdsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cpu_threshold_percentage": {
"default": 90,
"description": "CPU utilization threshold percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"readonly": false,
"required": true,
"title": "CPU utilization threshold percentage",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mem_threshold_percentage": {
"default": 90,
"description": "Heap memory threshold percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Heap memory threshold utilization percentage",
"type": "integer"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Firewall CPU and memory threshold profile",
"type": "object"
}
FirewallDnsProfile (type)
{
"description": "A profile holding DNS configuration which allows firewall to use DNS response packets and manage firewall cache. e.g. TTL used to expire snooped entries from cache.",
"extends": {
"$ref": "BaseFirewallProfile
},
"id": "FirewallDnsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallDnsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_ttl_config": {
"$ref": "DnsTtlConfig,
"description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.",
"required": false,
"title": "DNS TTL config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Firewall DNS profile",
"type": "object"
}
FirewallFilterByRequestParameters (type)
{
"additionalProperties": false,
"id": "FirewallFilterByRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"enforcement_point_path": {
"description": "Path of the enforcement point from where the result need to be fetched. If not provided, default enforcement point will be considered. It is mandatory parameter on global manager.",
"required": false,
"title": "Path of the enforcement point",
"type": "string"
},
"parent_path": {
"description": "The path of the parent object of entities that are need to be filtered based in the given criteria. Parent path is required for filtering rules of particular policy.",
"required": false,
"title": "Path of the parent object of the entities",
"type": "string"
},
"scope": {
"description": "All those firewall entities, policies/rules, will be returned whose scope value satisfies the given criteria. The value for scope can be, - virtual machine id or - logical router id. Based on the given scope value, the entities will be filtered.",
"required": true,
"title": "Scope filter criteria",
"type": "string"
}
},
"title": "Request parameters for filtering entities based on the given criteria",
"type": "object"
}
FirewallFloodProtectionProfile (type)
{
"description": "A profile holding protection configuration for SYN flood, UDP flood, ICMP flood and other flood attack.",
"extends": {
"$ref": "BaseFirewallProfile
},
"id": "FirewallFloodProtectionProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rst_spoofing": {
"default": false,
"description": "The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled.",
"readonly": false,
"title": "Flag to indicate RST spoofing is enabled or not",
"type": "boolean"
},
"enable_syncache": {
"default": false,
"description": "The flag to indicate syncache is enabled or not. This option does not apply to EDGE components.",
"readonly": false,
"title": "Flag to indicate syncache is enabled or not",
"type": "boolean"
},
"icmp_active_flow_limit": {
"description": "The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active icmp connections",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nat_active_conn_limit": {
"default": 4294967295,
"description": "The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.",
"maximum": 4294967295,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active NAT connections",
"type": "integer"
},
"other_active_conn_limit": {
"description": "The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of other active connections besides udp, icmp and tcp half open connections",
"type": "integer"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of half open tcp connections",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component.",
"maximum": 1000000,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active udp connections",
"type": "integer"
}
},
"title": "Firewall flood protection profile",
"type": "object"
}
FirewallGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs
},
"id": "FirewallGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"global_fastpath_mode_enabled": {
"default": true,
"deprecated": true,
"description": "This property is deprecated. The fast path mode is always enabled in Distributed Firewall.",
"title": "A flag to indicate if fast path searching is enabled in DFW",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for Distributed Firewall",
"type": "object"
}
FirewallIdentitySearchFilterValue (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FirewallIdentityStoreListRequestParameters
},
"id": "FirewallIdentitySearchFilterValue",
"module_id": "PolicyIdentity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"filter_value": {
"description": "Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.",
"required": true,
"title": "Name search filter value",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Searching domain entities using a matching filter value",
"type": "object"
}
FirewallIdentityStoreLdapServerTestParameters (type)
{
"id": "FirewallIdentityStoreLdapServerTestParameters",
"module_id": "PolicyIdentity",
"properties": {
"action": {
"description": "Type of LDAP server test to perform.",
"enum": [
"CONNECTIVITY"
],
"required": true,
"title": "LDAP server test requested",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Parameters for performing LDAP server test",
"type": "object"
}
FirewallIdentityStoreListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "FirewallIdentityStoreListRequestParameters",
"module_id": "PolicyIdentity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Firewall identity store list request parameters",
"type": "object"
}
FirewallIdentityStoreSyncRequest (type)
{
"extends": {
"$ref": "PolicyIdfwEnforcementPointRequestParameters
},
"id": "FirewallIdentityStoreSyncRequest",
"module_id": "PolicyIdentity",
"properties": {
"action": {
"description": "Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time. FULL_SYNC - Perform a full synchronization, where the local state of all AD objects is updated. DELTA_SYNC - Perform a delta synchronization, where local AD objects that have changed since the last synchronization are updated. STOP_SYNC - Stop the synchronization process.",
"enum": [
"FULL_SYNC",
"DELTA_SYNC",
"STOP_SYNC"
],
"required": true,
"title": "Sync type requested",
"type": "string"
},
"delay": {
"default": 0,
"description": "The delay can be added to execute the sync action in the future.",
"minimum": 0,
"required": false,
"title": "Request to execute the sync with some delay in seconds",
"type": "integer"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Firewall identity store synchronization request",
"type": "object"
}
FirewallInsertParameters (type)
{
"extends": {
"$ref": "DSInsertParameters
},
"id": "FirewallInsertParameters",
"module_id": "Firewall",
"properties": {
"id": {
"maxLength": 64,
"required": false,
"title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.",
"type": "object"
}
FirewallListRequestParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections/rules.",
"extends": {
"$ref": "DSListRequestParameters
},
"id": "FirewallListRequestParameters",
"module_id": "Firewall",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"context_profiles": {
"description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Context Profiles.",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deep_search": {
"default": false,
"description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.",
"required": false,
"title": "Toggle to search with direct or indirect references.",
"type": "boolean"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"extended_sources": {
"description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Extended Sources.",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_invalid_references": {
"default": false,
"description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).",
"required": false,
"title": "Return invalid references in results.",
"type": "boolean"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
}
},
"title": "Parameters to filter list of sections/rules.",
"type": "object"
}
FirewallProfileListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "FirewallProfileListParameters",
"module_id": "FirewallProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"description": "Profile resource type",
"readonly": false,
"required": true,
"title": "Profile resource type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "FirewallProfileListResult",
"module_id": "FirewallProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of firewall profiles.",
"items": {
"$ref": "BaseFirewallProfile
},
"readonly": true,
"required": false,
"title": "List of the firewall profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallRule (type)
{
"extends": {
"$ref": "DSRule
},
"id": "FirewallRule",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink,
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"action": {
"description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"REDIRECT",
"DO_NOT_REDIRECT",
"DETECT",
"ALLOW_CONTINUE",
"DETECT_PREVENT"
],
"readonly": false,
"required": true,
"title": "Action",
"type": "string"
},
"applied_tos": {
"description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"context_profiles": {
"description": "NS Profile object which accepts attributes and sub-attributes of various network services (ex. L7 AppId, domain name, encryption algorithm) as key value pairs.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"title": "Context Profiles",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Destination List",
"type": "array"
},
"destinations_excluded": {
"default": false,
"description": "Negation of the destination.",
"readonly": false,
"required": false,
"title": "Negation of destination",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": false,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": false,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extended_sources": {
"description": "List of NSGroups that have end point attributes like AD Groups(SID), process name, process hash etc. For Flash release, only NSGroups containing AD Groups are supported.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"title": "Extended Sources",
"type": "array"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"ip_protocol": {
"default": "IPV4_IPV6",
"description": "Type of IP packet that should be matched while enforcing the rule.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "Flag to indicate whether rule is default.",
"readonly": true,
"required": false,
"title": "Default rule",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"notes": {
"description": "User notes specific to the rule.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Notes",
"type": "string"
},
"priority": {
"description": "Priority of the rule.",
"readonly": true,
"required": false,
"title": "Rule priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"readonly": false,
"required": false,
"title": "Tag",
"type": "string"
},
"section_id": {
"description": "Section Id of the section to which this rule belongs to.",
"readonly": true,
"required": false,
"title": "Section Id",
"type": "string"
},
"services": {
"description": "List of the services. Null will be treated as any.",
"items": {
"$ref": "FirewallService
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service List",
"type": "array"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Source List",
"type": "array"
},
"sources_excluded": {
"default": false,
"description": "Negation of the source.",
"readonly": false,
"required": false,
"title": "Negation of source",
"type": "boolean"
}
},
"type": "object"
}
FirewallRuleList (type)
{
"id": "FirewallRuleList",
"module_id": "Firewall",
"properties": {
"rules": {
"description": "List of firewall rules in the section. Only homogenous rules are supported.",
"items": {
"$ref": "FirewallRule
},
"maxItems": 1000,
"required": true,
"title": "List of the firewall rules",
"type": "array"
}
},
"type": "object"
}
FirewallRuleListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "FirewallRuleListResult",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Firewall rule list result with pagination support.",
"items": {
"$ref": "FirewallRule
},
"readonly": true,
"required": true,
"title": "Firewall rule list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallSection (type)
{
"extends": {
"$ref": "DSSection
},
"id": "FirewallSection",
"module_id": "Firewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"autoplumbed": {
"default": false,
"description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.",
"readonly": true,
"required": false,
"title": "Tells if a section is auto-plumbed or not",
"type": "boolean"
},
"category": {
"description": "Category from policy framework.",
"readonly": true,
"title": "Section category",
"type": "string"
},
"comments": {
"description": "Comments for section lock/unlock.",
"readonly": true,
"required": false,
"title": "Section lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforced_on": {
"description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.",
"readonly": true,
"required": false,
"title": "Firewall Section Enforcement type",
"type": "string"
},
"firewall_schedule": {
"$ref": "ResourceReference,
"description": "Reference of the firewall schedule during which this section will be valid.",
"required": false,
"title": "Firewall Schedule Reference"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the section.",
"readonly": true,
"required": false,
"title": "Lock modified by user",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "Section locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Section locked/unlocked time"
},
"locked": {
"default": false,
"description": "Section is locked/unlocked.",
"readonly": true,
"required": false,
"title": "Section Locked",
"type": "boolean"
},
"priority": {
"description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.",
"readonly": true,
"required": false,
"title": "Section priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"type": "object"
}
FirewallSectionFilterParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections.",
"extends": {
"$ref": "FirewallListRequestParameters
},
"id": "FirewallSectionFilterParameters",
"module_id": "Firewall",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"context_profiles": {
"description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Context Profiles.",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deep_search": {
"default": false,
"description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.",
"required": false,
"title": "Toggle to search with direct or indirect references.",
"type": "boolean"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"enforced_on": {
"$ref": "AttachmentTypeQueryString,
"description": "Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported.",
"required": false,
"title": "Limit result to sections having a specific kind of enforcement point"
},
"exclude_applied_to_type": {
"$ref": "DSAppliedToType,
"description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections not having a specific AppliedTo type"
},
"extended_sources": {
"description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.",
"title": "Limits results to sections having rules with specific Extended Sources.",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"include_applied_to_type": {
"$ref": "DSAppliedToType,
"description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections having a specific AppliedTo type"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"locked": {
"description": "Used to filter out locked or unlocked sections.",
"required": false,
"title": "Limit results to sections which are locked/unlocked",
"type": "boolean"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_invalid_references": {
"default": false,
"description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).",
"required": false,
"title": "Return invalid references in results.",
"type": "boolean"
},
"search_scope": {
"description": "This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall.",
"required": false,
"title": "Limit result to sections of a specific enforcement point",
"type": "string"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
},
"type": {
"default": "LAYER3",
"description": "Section Type with values layer2 or layer3",
"enum": [
"LAYER2",
"LAYER3"
],
"required": false,
"title": "Section Type",
"type": "string"
}
},
"title": "Parameters to filter section from list of sections",
"type": "object"
}
FirewallSectionListResult (type)
{
"extends": {
"$ref": "DSSectionListResult
},
"id": "FirewallSectionListResult",
"module_id": "Firewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the firewall sections. The list has to be homogenous.",
"items": {
"$ref": "FirewallSection
},
"readonly": true,
"required": true,
"title": "Section list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FirewallSectionLock (type)
{
"id": "FirewallSectionLock",
"module_id": "Firewall",
"properties": {
"comments": {
"description": "Comments for section lock/unlock.",
"maxLength": 4096,
"minLength": 4,
"readonly": false,
"required": true,
"title": "Comments",
"type": "string"
},
"section_revision": {
"description": "Revision of the section.",
"readonly": false,
"required": true,
"title": "Section revision",
"type": "integer"
}
},
"type": "object"
}
FirewallSectionRuleList (type)
{
"extends": {
"$ref": "FirewallSection
},
"id": "FirewallSectionRuleList",
"module_id": "Firewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"autoplumbed": {
"default": false,
"description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.",
"readonly": true,
"required": false,
"title": "Tells if a section is auto-plumbed or not",
"type": "boolean"
},
"category": {
"description": "Category from policy framework.",
"readonly": true,
"title": "Section category",
"type": "string"
},
"comments": {
"description": "Comments for section lock/unlock.",
"readonly": true,
"required": false,
"title": "Section lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforced_on": {
"description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.",
"readonly": true,
"required": false,
"title": "Firewall Section Enforcement type",
"type": "string"
},
"firewall_schedule": {
"$ref": "ResourceReference,
"description": "Reference of the firewall schedule during which this section will be valid.",
"required": false,
"title": "Firewall Schedule Reference"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the section.",
"readonly": true,
"required": false,
"title": "Lock modified by user",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "Section locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Section locked/unlocked time"
},
"locked": {
"default": false,
"description": "Section is locked/unlocked.",
"readonly": true,
"required": false,
"title": "Section Locked",
"type": "boolean"
},
"priority": {
"description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.",
"readonly": true,
"required": false,
"title": "Section priority",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"rules": {
"description": "List of firewall rules in the section. Only homogenous rules are supported.",
"items": {
"$ref": "FirewallRule
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "List of the firewall rules",
"type": "array"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"type": "object"
}
FirewallSectionState (type)
{
"extends": {
"$ref": "DSSectionState
},
"id": "FirewallSectionState",
"module_id": "Firewall",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Pending changes to be realized.",
"items": {
"$ref": "PendingChange
},
"maxItems": 100,
"required": true,
"title": "List of pending changes",
"type": "array"
},
"revision_desired": {
"description": "This attribute represents revision number of section's desired state.",
"readonly": true,
"required": false,
"title": "Section's desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
FirewallSectionsSummary (type)
{
"extends": {
"$ref": "Resource
},
"id": "FirewallSectionsSummary",
"module_id": "FirewallSummary",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"rule_count": {
"description": "Total number of rules in the section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_count": {
"description": "Total number of sections for the section type.",
"readonly": true,
"required": false,
"title": "Section count",
"type": "integer"
},
"section_type": {
"$ref": "FirewallCategory,
"description": "Type of rules which a section can contain.",
"readonly": true,
"required": false,
"title": "Section Type"
}
},
"type": "object"
}
FirewallSectionsSummaryList (type)
{
"id": "FirewallSectionsSummaryList",
"module_id": "FirewallSummary",
"properties": {
"last_compute_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp of the last computation, in epoch milliseconds."
},
"sections_summary": {
"description": "List of firewall sections summary.",
"items": {
"$ref": "FirewallSectionsSummary
},
"readonly": true,
"required": false,
"title": "List of the firewall sections summary",
"type": "array"
}
},
"type": "object"
}
FirewallService (type)
{
"extends": {
"$ref": "DSService
},
"id": "FirewallService",
"module_id": "Firewall",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"service": {
"$ref": "NSServiceElement,
"description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.",
"readonly": false,
"required": false,
"title": "Distributed Service Network and Security Service element"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
FirewallSessionTimerProfile (type)
{
"description": "A profile holding TCP, UDP and ICMP session timeout configuration.",
"extends": {
"$ref": "BaseFirewallProfile
},
"id": "FirewallSessionTimerProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FirewallSessionTimerProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_error_reply": {
"default": 10,
"description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after ICMP error",
"type": "integer"
},
"icmp_first_packet": {
"default": 20,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "First packet connection timeout",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_closed": {
"default": 20,
"description": "The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after RST",
"type": "integer"
},
"tcp_closing": {
"default": 120,
"description": "The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after first TN",
"type": "integer"
},
"tcp_established": {
"default": 43200,
"description": "The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 120,
"readonly": false,
"required": true,
"title": "Connection timeout",
"type": "integer"
},
"tcp_finwait": {
"default": 45,
"description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after FINs exchanged",
"type": "integer"
},
"tcp_first_packet": {
"default": 120,
"description": "The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"tcp_opening": {
"default": 30,
"description": "The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after second packet",
"type": "integer"
},
"udp_first_packet": {
"default": 60,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"udp_multiple": {
"default": 60,
"description": "The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after hosts sent packet",
"type": "integer"
},
"udp_single": {
"default": 30,
"description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timeout for destination",
"type": "integer"
}
},
"title": "Firewall Session timeout profile",
"type": "object"
}
FirewallStats (type)
{
"extends": {
"$ref": "Resource
},
"id": "FirewallStats",
"module_id": "FirewallStatsRule",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of firewall rule",
"type": "integer"
},
"rule_id": {
"description": "Rule Identifier of the Firewall rule. This is a globally unique number.",
"readonly": true,
"required": false,
"title": "Firewall rule Id",
"type": "string"
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "Sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by the all firewall rules. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total sessions count",
"type": "integer"
}
},
"type": "object"
}
FirewallStatsList (type)
{
"id": "FirewallStatsList",
"module_id": "FirewallStatsRule",
"properties": {
"result_count": {
"description": "Total count for firewall rule statistics in results set",
"readonly": true,
"required": true,
"title": "Firewall rules stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics",
"items": {
"$ref": "FirewallStats
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Firewall rules stats",
"type": "array"
},
"section_id": {
"description": "Corresponding firewall section identifier for list of rule statistics",
"readonly": true,
"required": true,
"title": "Firewall section ID",
"type": "string"
}
},
"type": "object"
}
FirewallStatus (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "FirewallStatus",
"module_id": "FirewallStatus",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"context": {
"$ref": "FirewallContextType,
"description": "Types of firewall contexts.",
"readonly": false,
"required": true,
"title": "Firewall Context Type"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_status": {
"$ref": "FirewallStatusType,
"description": "Firewall status for a fabric entity or in global context where firewall is supported.",
"readonly": false,
"required": true,
"title": "Firewall Status Type"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_statuses": {
"description": "List of firewall status on various target logical resources. This will override the global status of corresponding firewall context (e.g it will override the gloabal status of logical_routers).",
"items": {
"$ref": "TargetResourceStatus
},
"readonly": false,
"required": false,
"title": "List of target resource status",
"type": "array"
}
},
"title": "Firewall Status Response",
"type": "object"
}
FirewallStatusListResult (type)
{
"description": "List of firewall statuses for a context or all context",
"extends": {
"$ref": "ListResult
},
"id": "FirewallStatusListResult",
"module_id": "FirewallStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FirewallStatus
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Firewall Statuses",
"type": "object"
}
FirewallStatusType (type)
{
"description": "Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).",
"enum": [
"DISABLED",
"ENABLED"
],
"id": "FirewallStatusType",
"module_id": "FirewallStatus",
"title": "Firewall Status Type",
"type": "string"
}
FirstNSampling (type)
{
"extends": {
"$ref": "SamplingArgument
},
"id": "FirstNSampling",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "FirstNSampling"
},
"properties": {
"match_number": {
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Number of packets to be sampled",
"type": "integer"
},
"sampling_type": {
"enum": [
"FirstNSampling",
"PacketNumberSampling",
"IntervalSampling"
],
"required": true,
"title": "Sampling type",
"type": "string"
}
},
"type": "object"
}
FloodProtectionProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding TCP, UDP and ICMP and other protcol connection limits.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Flood Protection profile",
"type": "object"
}
FloodProtectionProfileBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FloodProtectionProfileBindingListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfileBindingMap
},
"required": true,
"title": "Flood protection profile binding maps list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profile binding maps",
"type": "object"
}
FloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Flood Protection profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "FloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FloodProtectionProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Flood Protection Profile binding map",
"type": "object"
}
FloodProtectionProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "FloodProtectionProfileListRequestParameters",
"module_id": "PolicyProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Flood Protection profile list request parameters",
"type": "object"
}
FloodProtectionProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FloodProtectionProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfile
},
"required": true,
"title": "Flood protection profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profiles",
"type": "object"
}
FloodProtectionProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes.",
"enum": [
"GatewayFloodProtectionProfile",
"DistributedFloodProtectionProfile"
],
"id": "FloodProtectionProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of flood protection profiles",
"type": "string"
}
FlowCacheStatistics (type)
{
"additionalProperties": false,
"id": "FlowCacheStatistics",
"properties": {
"active": {
"description": "Number of active entries.",
"title": "Active",
"type": "string"
},
"bucket_collisions": {
"description": "Number of cache bucket collisions.",
"title": "Bucket Collisions",
"type": "string"
},
"dont_cache": {
"description": "Number of packets that cannot be cached",
"title": "Dont Cache",
"type": "string"
},
"hit_rate": {
"description": "Hit percentage",
"title": "Hit rate",
"type": "string"
},
"hits": {
"description": "Number of packets forwarded",
"title": "Hits",
"type": "string"
},
"insertions": {
"description": "Number of times new entries have been added.",
"title": "Insertions",
"type": "string"
},
"key_collisions": {
"description": "Number of cache key collisions.",
"title": "Key Collisions",
"type": "string"
},
"max_seen_percentage": {
"description": "Percentage of maximum entries with respect to total size.",
"title": "Max Seen Percentage",
"type": "string"
},
"misses": {
"description": "Number of entries passed on to the next layer due to cache miss.",
"title": "Misses",
"type": "string"
},
"skipped": {
"description": "Number of unsupported packets or disabled cache misses.",
"title": "Skipped",
"type": "string"
}
},
"type": "object"
}
FlowInfo (type)
{
"description": "Provides details of config flow in federation Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "FlowInfo",
"module_id": "FederationObservability",
"properties": {
"cross_site_flow_info": {
"$ref": "CrossSiteFlowInfo,
"read_only": true,
"title": "Corss site flow information for the flow"
},
"flow_type": {
"enum": [
"GM_TO_LM",
"LM_TO_GM",
"GM_TO_GM",
"LM_TO_LM",
"GM_WORK_QUEUE",
"GM_DELETE_QUEUE"
],
"read_only": true,
"title": "Flow identifier",
"type": "string"
},
"id": {
"read_only": true,
"title": "System identifier for the flow",
"type": "string"
},
"queue_infos": {
"description": "Every flow will have transmitter and receiver queues.",
"items": {
"$ref": "FederationQueueInfo
},
"read_only": true,
"title": "Queue information for the flow",
"type": "array"
}
},
"title": "Details of config flow",
"type": "object"
}
Flows (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Flows",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Flow information",
"items": {
"$ref": "FlowInfo
},
"title": "Flow information",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Flows",
"type": "object"
}
Footer (type)
{
"additionalProperties": false,
"description": "Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "Footer",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"actions": {
"description": "Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "FooterAction
},
"minItems": 0,
"title": "Footer Actions",
"type": "array"
},
"condition": {
"description": "If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
}
},
"title": "Widget Footer",
"type": "object"
}
FooterAction (type)
{
"additionalProperties": false,
"description": "Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "FooterAction",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"dock_to_container_footer": {
"default": true,
"description": "If true, the footer will appear in the underlying container that holds the widget.",
"title": "Dock the footer at container",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Label to be displayed against the footer action.",
"required": true,
"title": "Label for action"
},
"url": {
"description": "Hyperlink to the UI page that provides details of action.",
"maxLength": 1024,
"title": "Clickable hyperlink, if any",
"type": "string"
}
},
"title": "Widget Footer Action",
"type": "object"
}
ForceRevisionCheckRequestParameter (type)
{
"description": "Forces revision check before updating",
"id": "ForceRevisionCheckRequestParameter",
"module_id": "Policy",
"properties": {
"enforce_revision_check": {
"default": false,
"description": "If this is set to true, each child object in the request needs to have _revision property set correctly. System will honor the revision numbers while updating the resources.",
"readonly": false,
"required": false,
"title": "Force revision check",
"type": "boolean"
}
},
"title": "Parameter to enforce revision check before updating objects",
"type": "object"
}
FormFactorDetail (type)
{
"additionalProperties": false,
"description": "Form factor contains, resources required to deploy NSX Application Platform deployment and available features for a given form factor.",
"id": "FormFactorDetail",
"module_id": "PolicyCloudNative",
"properties": {
"node_resources": {
"$ref": "NodeResources,
"description": "Required node resources to deploy NSX Application Platform deployment.",
"title": "Node resources"
},
"supported_features": {
"description": "Features supported in this form factor.",
"items": {
"type": "string"
},
"title": "Supported features",
"type": "array"
}
},
"title": "Detail about form factor",
"type": "object"
}
FormFactorType (type)
{
"description": "Form factor types. standard - Deployment with standard configuration. advanced - Deployment with advanced configuration. evaluation - Deployment with evaluation configuration.",
"enum": [
"standard",
"advanced",
"evaluation"
],
"id": "FormFactorType",
"module_id": "PolicyCloudNative",
"title": "Form factor types",
"type": "string"
}
FormFactors (type)
{
"additionalProperties": false,
"description": "Different form factor for deployment.",
"id": "FormFactors",
"module_id": "PolicyCloudNative",
"properties": {
"advanced": {
"$ref": "FormFactorDetail,
"description": "Advanced form factor to deploy charts.",
"title": "Advanced form factor"
},
"evaluation": {
"$ref": "FormFactorDetail,
"description": "Evaluation form factor to deploy charts.",
"title": "Evaluation form factor"
},
"standard": {
"$ref": "FormFactorDetail,
"description": "Standard form factor to deploy charts.",
"title": "Standard form factor"
}
},
"title": "NSX Application Platform deployment platform form factors",
"type": "object"
}
ForwarderZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "ForwarderZone",
"module_id": "DnsForwarder",
"properties": {
"source_ip": {
"$ref": "IPv4Address,
"description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.",
"required": false,
"title": "Source ip of the forwarder"
},
"upstream_servers": {
"description": "Ip address of the upstream DNS servers the DNS forwarder accesses.",
"items": {
"$ref": "IPv4Address
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Ips of upsteam DNS servers",
"type": "array"
}
},
"type": "object"
}
ForwardingMode (type)
{
"enum": [
"IPV4_ONLY",
"IPV6_ONLY",
"IPV4_AND_IPV6"
],
"id": "ForwardingMode",
"module_id": "Switching",
"nsx_feature": "L2Ipv6",
"type": "string"
}
ForwardingPolicy (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contains ordered list of forwarding rules that determine when to forward traffic to / from the underlay for accessing cloud native services.",
"extends": {
"$ref": "Policy
},
"id": "ForwardingPolicy",
"module_id": "PolicyForwarding",
"policy_hierarchical_children": [
"ChildForwardingRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "ForwardingRule
},
"required": false,
"title": "Rules that are a part of this ForwardingPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Forwarding Policy\n",
"type": "object"
}
ForwardingPolicyListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "PolicyListResult
},
"id": "ForwardingPolicyListResult",
"module_id": "PolicyForwarding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingPolicy
},
"required": true,
"title": "ForwardingPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of ForwardingPolicy objects",
"type": "object"
}
ForwardingPolicyStatisticsForEnforcementPoint (type) (Deprecated)
{
"deprecated": true,
"description": "Forwarding policy statistics for a specfic enforcement point.",
"id": "ForwardingPolicyStatisticsForEnforcementPoint",
"module_id": "PolicyForwardingStats",
"properties": {
"enforcement_point": {
"description": "Path for a specific enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "ForwardingPolicyStats,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Forwarding Policy Statistics"
}
},
"title": "Forwarding Policy statistics for an enforcement point",
"type": "object"
}
ForwardingPolicyStatisticsListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "ForwardingPolicyStatisticsListResult",
"module_id": "PolicyForwardingStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingPolicyStatisticsForEnforcementPoint
},
"required": true,
"title": "Forwarding Policy statistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Forwarding Policy statistics",
"type": "object"
}
ForwardingPolicyStats (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "ForwardingPolicyStats",
"module_id": "PolicyForwardingStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of rule statistics.",
"items": {
"$ref": "ForwardingRuleStats
},
"readonly": true,
"required": false,
"title": "Forwarding rules stats",
"type": "array"
},
"section_id": {
"description": "Forwarding policy identifier.",
"readonly": true,
"required": true,
"title": "Forwarding Policy ID",
"type": "string"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ForwardingRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Forwarding rule that determine how to forward traffic from a VM. Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port. Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay ROUTE_TO_OVERLAY - Access a service on overlay space from a VM connected to hybrid port. ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM ROUTE_FROM_OVERLAY - Access a service hosted on a VM (that is connected to hybrid port) from overlay space NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP",
"extends": {
"$ref": "BaseRule
},
"id": "ForwardingRule",
"module_id": "PolicyForwarding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services",
"enum": [
"ROUTE_TO_UNDERLAY",
"ROUTE_TO_OVERLAY",
"ROUTE_FROM_UNDERLAY",
"ROUTE_FROM_OVERLAY",
"NAT_FROM_UNDERLAY",
"NAT_TO_UNDERLAY"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Forwarding rule",
"type": "object"
}
ForwardingRuleListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "RuleListRequestParameters
},
"id": "ForwardingRuleListRequestParameters",
"module_id": "PolicyForwarding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ForwardingRule list request parameters",
"type": "object"
}
ForwardingRuleListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "ForwardingRuleListResult",
"module_id": "PolicyForwarding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingRule
},
"required": true,
"title": "Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of ForwardingRules",
"type": "object"
}
ForwardingRuleStatisticsForEnforcementPoint (type) (Deprecated)
{
"deprecated": true,
"description": "Forwarding Rule statistics for a specfic enforcement point.",
"id": "ForwardingRuleStatisticsForEnforcementPoint",
"module_id": "PolicyForwardingStats",
"properties": {
"enforcement_point": {
"description": "Path for a specific enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "ForwardingRuleStats,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Forwarding Rule Statistics"
}
},
"title": "Forwarding Policy Rule statistics for an enforcement point",
"type": "object"
}
ForwardingRuleStatisticsListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "ForwardingRuleStatisticsListResult",
"module_id": "PolicyForwardingStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingRuleStatisticsForEnforcementPoint
},
"required": true,
"title": "ForwardingRuleStatistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Forwarding rule statistics",
"type": "object"
}
ForwardingRuleStats (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "FP Rule Statistics.",
"extends": {
"$ref": "RuleStatistics
},
"id": "ForwardingRuleStats",
"module_id": "PolicyForwardingStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"internal_rule_id": {
"description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.",
"readonly": true,
"required": false,
"title": "NSX internal rule id",
"type": "string"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Edge FW.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum Sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of rule",
"type": "integer"
},
"rule": {
"description": "Path of the rule.",
"readonly": true,
"required": false,
"title": "Rule path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total Sessions count",
"type": "integer"
}
},
"title": "Forwarding Policy Rule Statistics",
"type": "object"
}
FpCounters (type)
{
"id": "FpCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"rx_bytes": {
"description": "Count of rx bytes of ENS-Fastpath/FC-lookup.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops": {
"description": "Count of rx packet drops of ENS Fastpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops_sp": {
"description": "Count of rx pkts drops of slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_drops_uplink": {
"description": "Count of rx packet drops of ENS Uplink / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts": {
"description": "Count of rx packets of ENS Fastpath / Count of rx packets at FC lookup of vnic.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts_sp": {
"description": "Count of rx pkt of slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkts_uplink": {
"description": "Count of rx packets of ENS Uplink / Count of rx packets at FC lookup of Uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_bytes": {
"description": "Count of tx bytes of ENS/FC Fastpath",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops": {
"description": "Count of tx packet drops of ENS Fastpath / Count of packets dropped at FC lookup of vnic",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops_sp": {
"description": "Count of tx pkts drops by slowpath / Not applicable for FC Module.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_drops_uplink": {
"description": "Count of tx packet drops of ENS Uplink / Count of packets dropped at FC lookup of Uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts": {
"description": "Count of tx packets of ENS Fastpath / Count of packets going through FC fastpath at vnic.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts_sp": {
"description": "Count of tx pkts of ENS/FC slowpath",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_pkts_uplink": {
"description": "Count of tx packets of ENS Uplink / Count of packets going through FC fastpath at Uplink.",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
FqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "The type contains information about the configuration of the FqdnAnalysis feature for a specific node.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Property which specifies the enabling/disabling of the feature.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "FQDN Analysis feature configuration entity",
"type": "object"
}
FullSyncInfo (type)
{
"description": "Represents details of the last full sync if full sync is not running, otherwise returns the status of current full sync.",
"id": "FullSyncInfo",
"module_id": "FederationObservability",
"properties": {
"data_streaming_from_source_end_time": {
"read_only": true,
"title": "End time of streaming full state from source",
"type": "integer"
},
"data_streaming_from_source_progress": {
"read_only": true,
"title": "Details about full sync on sender side",
"type": "string"
},
"data_streaming_from_source_start_time": {
"read_only": true,
"title": "Start time of streaming full state from source",
"type": "integer"
},
"end_time": {
"read_only": true,
"title": "Full sync end time",
"type": "integer"
},
"errors": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
},
"fullSyncId": {
"read_only": true,
"title": "Full sync id",
"type": "string"
},
"reason": {
"read_only": true,
"title": "Description of full sync reason",
"type": "string"
},
"reason_code": {
"description": "Full sync can happen for various internal reasons, as well user can request for one. The code provides the classification of possible reasons to start a full sync.",
"enum": [
"QUEUE_OVERFLOW_ON_TRANSMITTER",
"QUEUE_OVERFLOW_ON_RECEIVER",
"CONNECTION_RESTORED",
"LM_ONBOARDED",
"GM_SWITCHOVER",
"RESTORED_GM_FROM_BACKUP",
"RESTORED_LM_FROM_BACKUP",
"BROWNFIELD_CONFIG_MIGRATION_FROM_LM_TO_GM",
"GM_REQUESTED_OVERSIZED_PAYLOAD",
"GM_REQUESTED_SITE_ONBOARDING",
"GM_REQUESTED_OTHER",
"LM_REQUSTED_OVERSIZED_PAYLOAD",
"LM_REQUESTED_OTHER",
"USER_REQUSTED",
"OTHER_AR_INTERNAL",
"POST_UPGRADE_GM",
"POST_UPGRADE_LM",
"UNKNOWN"
],
"read_only": true,
"title": "Reason code for full sync",
"type": "string"
},
"receiver_end_time": {
"read_only": true,
"title": "End time of completing applying full state on receiver side",
"type": "integer"
},
"receiver_start_time": {
"read_only": true,
"title": "Start time of applying full state on receiver side",
"type": "integer"
},
"receiver_state": {
"description": "This is optional information, provides useful insights on receiver side once async channel hands over full state data to receiver.",
"read_only": true,
"title": "Internal receiver state",
"type": "string"
},
"receiver_time_to_apply_in_millis": {
"read_only": true,
"title": "Time taken by application receiver to apply the full state received",
"type": "integer"
},
"stage": {
"description": "This provides the insights into current full sync stage if in progress.",
"enum": [
"NOT_STARTED",
"REQUESTED_FULL_STATE_FROM_SOURCE",
"TRANSFERRING_FULL_STATE",
"COMPLETED_TRANSFERRING_FULL_STATE",
"DESTINATION_APPLYING_FULL_STATE",
"COMPLETED_SUCCESSFUL",
"TIMEOUT_ON_SOURCE_RECEIVE_FULL_STATE",
"TIMEOUT_ON_DESTINATION_APPLY",
"COMPLETED_FAILED"
],
"read_only": true,
"title": "Current stage details if full sync in progress",
"type": "string"
},
"start_time": {
"read_only": true,
"title": "Full sync start time",
"type": "integer"
},
"status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"read_only": true,
"title": "Full sync status",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
}
},
"title": "Full sync details for the flow",
"type": "object"
}
FullSyncState (type)
{
"additionalProperties": false,
"description": "Provides FullSync state for Local Manager from Global Manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FullSyncState",
"module_id": "PolicyFullSync",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"errors": {
"description": "Errors occurred during full sync.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Errors occurred during full sync",
"type": "array"
},
"full_sync_id": {
"description": "Full sync id generated by Async Replicator (AR) service.",
"readonly": true,
"title": "Full sync id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_completed_stage": {
"description": "The current stage of full sync completion for ongoing sync. When Local Manager (LM) receives full sync data from AR, LM starts with workflow to prserve the state and restore the full sync from where it has left off in case of change of leadership of the service to different NSX node or LM is restarted. LM starts the full sync workflow with state INITIAL capturing the AR full sync id and data location details. The stage/state transition follows the order given below INITIAL - Full sync started PROCESSED_FULLSYNC_DATA - Compelted processing the full state data provided by AR PRCESSED_DELTAS - Completed processing pending delta changes provided by AR. DELETED_STALE_ENTITIES - Completed deletion of all global entities on LM that are not in GM anymore COMPLETED - Full sync handling is completed on LM ERROR - Full sync failed with errors on LM, in which case AR will re-attempt full sync later point in time for the LM ABORTED - Indicates that the full sync cancelled as per user request",
"enum": [
"INITIAL",
"PAUSE_DCNS",
"DELETED_STALE_ENTITIES",
"PROCESSED_FULLSYNC_DATA",
"PROCESSED_DELTAS",
"UNPAUSE_DCNS",
"COMPLETED",
"ERROR",
"ABORTED"
],
"readonly": true,
"title": "Full sync stage that is last completed for this request.",
"type": "string"
},
"last_upate_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"deprecated": true,
"description": "Deprecated, refer to last_update_time for the last update time stamp.",
"readonly": true
},
"last_update_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last update, could be progress or success or error.",
"readonly": true
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of Full Sync start.",
"readonly": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Full sync state",
"type": "object"
}
FullSyncStateListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of FullSync states.",
"extends": {
"$ref": "ListResult
},
"id": "FullSyncStateListResult",
"module_id": "PolicyFullSync",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "FullSync states list.",
"items": {
"$ref": "FullSyncState
},
"required": true,
"title": "FullSync states list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of FullSync states.",
"type": "object"
}
FullSyncStatus (type)
{
"id": "FullSyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"completed_at": {
"required": true,
"title": "Time at which the full sync was completed.",
"type": "string"
},
"snapshot_version": {
"required": true,
"title": "Snapshot version targeted by full sync.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"COMPLETE",
"NOT_STARTED"
],
"required": true,
"title": "Status of full sync.",
"type": "string"
},
"sync_id": {
"required": true,
"title": "Identifier for the full sync.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"STANDARD",
"FORCED"
],
"required": true,
"title": "Type of full sync.",
"type": "string"
}
},
"type": "object"
}
FwContexts (type)
{
"additionalProperties": false,
"id": "FwContexts",
"properties": {
"ICMP Active/Max": {
"description": "ICMP active/max connections",
"readonly": true,
"title": "ICMP Active/Max Connections",
"type": "string"
},
"Other Active/Max": {
"description": "Other active/max connections",
"readonly": true,
"title": "Other Active/Max Connections",
"type": "string"
},
"TCP Half Opened Active/Max": {
"description": "TCP active/max connections",
"readonly": true,
"title": "TCP Active/Max Connections",
"type": "string"
},
"UDP Active/Max": {
"description": "UDP active/max connections",
"readonly": true,
"title": "UDP Active/Max Connections",
"type": "string"
},
"config-loaded": {
"description": "Configuration is loaded",
"readonly": true,
"title": "Configuration Loaded",
"type": "string"
},
"connection-count": {
"description": "Connection count",
"readonly": true,
"title": "Connection Count",
"type": "string"
},
"connections": {
"description": "Connections",
"readonly": true,
"title": "Connections",
"type": "object"
},
"name": {
"description": "Name",
"readonly": true,
"title": "Name",
"type": "string"
},
"ports": {
"description": "Ports",
"items": {
"type": "object"
},
"readonly": true,
"title": "Ports",
"type": "array"
},
"pvi": {
"description": "Peer VRF",
"readonly": true,
"title": "Peer VRF",
"type": "integer"
},
"rule-flag": {
"description": "Rule flag",
"readonly": true,
"title": "Rule Flag",
"type": "string"
},
"sync-enabled": {
"description": "HA enabled",
"readonly": true,
"title": "HA Enabled",
"type": "string"
},
"sync-total-stats": {
"description": "HA total statistics",
"readonly": true,
"title": "HA Total Statistics",
"type": "object"
},
"total-stats": {
"description": "Total statistics",
"readonly": true,
"title": "Total Statistics",
"type": "object"
},
"type": {
"description": "Type",
"readonly": true,
"title": "Type",
"type": "string"
},
"uuid": {
"description": "UUID",
"readonly": true,
"title": "UUID",
"type": "string"
},
"vrf": {
"description": "VRF",
"readonly": true,
"title": "VRF",
"type": "integer"
}
},
"type": "object"
}
GatewayFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile
},
"id": "GatewayFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nat_active_conn_limit": {
"default": 4294967295,
"description": "The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.",
"maximum": 4294967295,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active NAT connections",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayGeneralSecurityProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GeneralSecurityProfile
},
"id": "GatewayGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayGeneralSecurityProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_double_flow": {
"default": false,
"description": "The flag to indicate double flow check is enabled or not. This option applies only to EDGE components.",
"readonly": false,
"title": "Flag to indicate double flow check is enabled or not",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayInterfaceReference (type)
{
"additionalProperties": false,
"description": "Contains gateway interface details.",
"id": "GatewayInterfaceReference",
"module_id": "PolicyConnectivity",
"properties": {
"interface_path": {
"description": "Absolute policy path of member interface.",
"required": true,
"title": "interface path",
"type": "string"
}
},
"title": "Gateway interface reference",
"type": "object"
}
GatewayL2ForwarderSiteSpanInfo (type)
{
"additionalProperties": false,
"experimental": true,
"id": "GatewayL2ForwarderSiteSpanInfo",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"gateway_path": {
"description": "Policy path of a gateway.",
"readonly": true,
"required": true,
"title": "Gateway path",
"type": "string"
},
"inter_site_forwarder_status": {
"description": "Inter-site forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode
},
"readonly": true,
"title": "Inter-site forwarder status per node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the L2 forwarder remote mac addresses was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"remote_macs_per_site": {
"description": "L2 forwarder remote mac addresses per site for logical switch.",
"items": {
"$ref": "L2ForwarderRemoteMacsPerSite
},
"readonly": true,
"title": "L2 forwarder remote mac addresses per site",
"type": "array"
}
},
"type": "object"
}
GatewayPolicy (type)
{
"extends": {
"$ref": "Policy
},
"id": "GatewayPolicy",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule
},
"required": false,
"title": "Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for GatewayPolicy",
"type": "object"
}
GatewayPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "GatewayPolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayPolicy
},
"required": true,
"title": "GatewayPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of gateway policies",
"type": "object"
}
GatewayQosProfile (type)
{
"additionalProperties": false,
"description": "QoS profile contains configuration of rate limiting properties which can be applied in ingress and egress directions at Tier1 gateways",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GatewayQosProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"burst_size": {
"default": 1,
"description": "Burst size in bytes.",
"minimum": 1,
"title": "Burst size in bytes",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"committed_bandwidth": {
"default": 1,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"committed_bandwitdth": {
"default": 1,
"deprecated": true,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate. This property is deprecated, use committed_bandwidth instead.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"excess_action": {
"description": "Action on traffic exceeding bandwidth.",
"enum": [
"DROP"
],
"required": false,
"title": "Action on traffic exceeding bandwidth.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "QoS configuration of Tier1 gateway",
"type": "object"
}
GatewayQosProfileConfig (type)
{
"additionalProperties": false,
"id": "GatewayQosProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"egress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in egress direction.",
"required": false,
"title": "Egress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SERVICE_GATEWAY_EGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
},
"ingress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in ingress direction.",
"required": false,
"title": "Ingress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SERVICE_GATEWAY_INGRESS_QOS_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
}
},
"title": "Gateway QoS profile configuration",
"type": "object"
}
GatewayQosProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GatewayQosProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayQosProfile
},
"required": true,
"title": "Paginated list of GatewayQosProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GatewayRecoverySiteConfig (type)
{
"additionalProperties": false,
"description": "Recovery site config",
"id": "GatewayRecoverySiteConfig",
"module_id": "PolicyConnectivity",
"properties": {
"failover_linked_tier1_gateway": {
"default": true,
"description": "Linked Tier1 gateway whose primary site matches from_site_path and are stretched to new primary site are recovered on new primary site path.",
"required": false,
"title": "Failover Linked Tier-1 Gateway",
"type": "boolean"
},
"tier0_gateway_path": {
"description": "Path of Tier-0 gateway",
"required": true,
"title": "Tier-0 gateway path",
"type": "string"
},
"to_primary_site_path": {
"description": "Recovery site path",
"required": true,
"title": "Recovery site path",
"type": "string"
}
},
"title": "Recovery site config",
"type": "object"
}
GatewayRouteCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "GatewayRouteCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"admin_distance": {
"required": false,
"title": "The admin distance of the next hop",
"type": "integer"
},
"black_hole": {
"description": "Value of this field will be true if given routes are null routes",
"readonly": true,
"required": false,
"title": "BlackHole",
"type": "boolean"
},
"edge_path": {
"description": "Edge node policy path.",
"readonly": true,
"title": "Edge path",
"type": "string"
},
"interface": {
"required": false,
"title": "The policy path of the interface which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"required": false,
"title": "The IP of the next hop"
},
"next_hop_gateway": {
"required": false,
"title": "Next hop gateway path",
"type": "string"
},
"route_type": {
"required": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"type": "object"
}
GatewayRouteTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "GatewayRouteTableInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "GatewayRouteCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
GatewaySiteFailoverActionConfig (type)
{
"additionalProperties": false,
"description": "configuration to trigger site failover for one or more Tier0 and linked Tier1 gateway(s).",
"id": "GatewaySiteFailoverActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"from_site_path": {
"description": "Source site path for failover. Gateway whose primary site path matches from_site_path are considered for recovery.",
"required": true,
"title": "Source site path",
"type": "string"
},
"to_primary_site_config": {
"description": "Recovery stie for Tier-0 gateway and linked Tier-1 gateway.",
"items": {
"$ref": "GatewayRecoverySiteConfig
},
"maxItems": 200,
"required": true,
"title": "Recovery site for gateway",
"type": "array"
}
},
"title": "Gateway site failover action",
"type": "object"
}
GeneralSecurityProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding general security settings.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "General Security profile",
"type": "object"
}
GeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between General Security profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "GeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GeneralSecurityProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy General Security profile binding map",
"type": "object"
}
GeneralSecurityProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayGeneralSecurityProfile is used for all Tier0 and Tier1 gateways.",
"enum": [
"GatewayGeneralSecurityProfile"
],
"id": "GeneralSecurityProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of General Security profiles",
"type": "string"
}
GeneralSecuritySettingsProfile (type)
{
"description": "A profile holding general security settings.",
"extends": {
"$ref": "BaseFirewallProfile
},
"id": "GeneralSecuritySettingsProfile",
"module_id": "FirewallProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GeneralSecuritySettingsProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_double_flow": {
"default": false,
"description": "The flag to indicate double flow check is enabled or not. This option applies only to EDGE components.",
"readonly": false,
"title": "Flag to indicate double flow check is enabled or not",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"GeneralSecuritySettingsProfile"
],
"help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile',\n'FirewallDnsProfile',\n'GeneralSecuritySettingsProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "General security settings profile",
"type": "object"
}
GenericDhcpOption (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Define DHCP options other than option 121.",
"id": "GenericDhcpOption",
"module_id": "Dhcp",
"properties": {
"code": {
"description": "Code of the dhcp option.",
"maximum": 255,
"minimum": 0,
"required": true,
"title": "DHCP option code, [0-255]",
"type": "integer"
},
"values": {
"description": "Value of the option.",
"items": {
"type": "string"
},
"maxItems": 10,
"minItems": 1,
"required": true,
"title": "DHCP option value",
"type": "array"
}
},
"title": "Generic DHCP option",
"type": "object"
}
GenericPolicyRealizedResource (type)
{
"description": "Represents realized entity",
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "GenericPolicyRealizedResource",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point.",
"readonly": true,
"title": "Enforcement Point Path",
"type": "string"
},
"entity_type": {
"readonly": true,
"title": "Type of realized entity",
"type": "string"
},
"extended_attributes": {
"items": {
"$ref": "AttributeVal
},
"readonly": true,
"required": false,
"title": "Collection of type specific properties",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_paths": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Collection of intent paths",
"type": "array"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"site_path": {
"description": "The site where this entity resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Generic realized entity",
"type": "object"
}
GenericPolicyRealizedResourceListRequestParameters (type)
{
"additionalProperties": false,
"description": "GenericPolicyRealizedResource list request parameters",
"extends": {
"$ref": "ListRequestParameters
},
"id": "GenericPolicyRealizedResourceListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "GenericPolicyRealizedResource list request parameters",
"type": "object"
}
GenericPolicyRealizedResourceListResult (type)
{
"additionalProperties": false,
"description": "GenericPolicyRealizedResource list result",
"extends": {
"$ref": "ListResult
},
"id": "GenericPolicyRealizedResourceListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of realized resources",
"items": {
"$ref": "GenericPolicyRealizedResource
},
"required": false,
"title": "Paged Collection of GenericPolicyRealizedResources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "GenericPolicyRealizedResource list result",
"type": "object"
}
GetBackupUiFramesInfoRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "GetBackupUiFramesInfoRequestParameters",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"ui_tab_type": {
"default": "LOCAL_MANAGER_TAB",
"enum": [
"LOCAL_MANAGER_TAB",
"GLOBAL_MANAGER_TAB"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
GetCertParameter (type)
{
"additionalProperties": false,
"id": "GetCertParameter",
"module_id": "CertificateManager",
"properties": {
"details": {
"default": false,
"required": false,
"title": "whether to expand the pem data and show all its details",
"type": "boolean"
}
},
"type": "object"
}
GetSNMPParameters (type)
{
"additionalProperties": false,
"description": "Get SNMP request parameters.",
"id": "GetSNMPParameters",
"properties": {
"show_sensitive_data": {
"default": false,
"description": "Whether to show SNMP service properties including community strings if any applicable.",
"required": false,
"title": "Show SNMP sensitive data or not",
"type": "boolean"
}
},
"title": "Get SNMP request parameters",
"type": "object"
}
GiServiceProfile (type)
{
"description": "GI Specific service profile",
"extends": {
"$ref": "BaseServiceProfile
},
"id": "GiServiceProfile",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "GiServiceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'",
"required": true,
"title": "Service Profile Resource type.",
"type": "string"
},
"service_id": {
"description": "The service to which the service profile belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vendor_template_id": {
"description": "ID of the vendor template, created by partner while registering the service.",
"readonly": false,
"required": true,
"title": "Vendor template Id",
"type": "string"
},
"vendor_template_key": {
"description": "Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.",
"readonly": true,
"required": false,
"title": "Vendor template key",
"type": "string"
}
},
"title": "GI sepcific Service Profile",
"type": "object"
}
GlobalCollectionConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "GlobalCollectionConfiguration",
"module_id": "AggSvcDataCollectionConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"aggregated_data_collection_frequency": {
"description": "The frequency in seconds at which data, which is subject to the aggregation function, is collected.",
"maximum": 86400,
"minimum": 60,
"required": true,
"title": "Aggregated Data Collection Frequency In Seconds",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_data_collection_enabled": {
"description": "Indicates whether data collection required by the aggregation service is enabled. If false, no aggregation service data will be collected. Changing this property will not affect the existing data collection frequency settings.",
"required": true,
"title": "Is data collection enabled",
"type": "boolean"
},
"modified_feature_stack_collection_configurations": {
"$ref": "FeatureStackCollectionConfigurationList,
"description": "The list of the locally modified feature stack data collection frequency settings. If all feature stack data collection configurations are set to their default values, this list will be empty.",
"readonly": true,
"title": "Modified feature stack collection configurations"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
GlobalCollectorConfig (type)
{
"abstract": true,
"description": "The GlobalCollectorConfig is the base class for global collector configurations for different types in a NSX domain.",
"id": "GlobalCollectorConfig",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "collector_type"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
}
},
"title": "Abstract base type for Global collector configurations of different types",
"type": "object"
}
GlobalCollectorType (type)
{
"enum": [
"VRNI",
"WAVE_FRONT"
],
"id": "GlobalCollectorType",
"module_id": "Policy",
"title": "Valid Global collector types",
"type": "string"
}
GlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_changing_vdr_mac_in_use": {
"default": false,
"description": "When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has \"nested_nsx\" property set to true, the MAC in \"vdr_mac_nested\" is used; otherwise the MAC in \"vdr_mac\" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose \"nested_nsx\" property is true but is in an OVERLAY transport zone, the first way is updating the \"vdr_mac\" property. The 2nd way is updating one of the OVERLAY transport zones joined by the host switch to set \"nested_nsx\" property true which will make the host switch use the VDR MAC in \"vdr_mac_nested\". The third way is directly updating the transport node to add an OVERLAY transport zone whose \"nested_nsx\" property is true into the host switch which will also make the host switch use the VDR MAC in \"vdr_mac_nested\". If the host switch is in some OVERLAY transport zone(s) whose \"nested_nsx\" property is true, the first way is updating the \"vdr_mac_nested\" property. The 2nd way is updating all those OVERLAY transport zones to set \"nested_nsx\" property false which will make the host switch use the VDR MAC in \"vdr_mac\". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in \"vdr_mac\". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage!",
"title": "A flag to indicate if changing the VDR MAC being used is allowed",
"type": "boolean"
},
"arp_limit_per_gateway": {
"default": 50000,
"description": "Global configuration of maximum number of ARP entries per transport node at each Tier0/Tier1 gateway.",
"maximum": 50000,
"minimum": 5000,
"title": "ARP limit per Tier0/Tier1 gateway",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_gateway_bfd": {
"$ref": "ExternalGatewayBfdConfig,
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"title": "External Bidirectional Flow Detection configuration"
},
"fips": {
"$ref": "FIPSGlobalConfig,
"description": "Contains the FIPSGlobalConfig object.",
"required": false,
"title": "FIPS enabled config"
},
"global_replication_mode_enabled": {
"default": false,
"description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.",
"title": "A flag to indicate if global replication mode is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_inherited": {
"description": "if True, meaning that this is a copy version of GM if False, meaning that this is a local version on LM",
"required": false,
"title": "This field indicates whether this is a copy version of GM/NSX+ or not",
"type": "boolean"
},
"l3_forwarding_mode": {
"default": "IPV4_ONLY",
"description": "Configure forwarding mode for routing. This setting does not restrict configuration for other modes.",
"enum": [
"IPV4_ONLY",
"IPV4_AND_IPV6"
],
"required": false,
"title": "L3 forwarding mode",
"type": "string"
},
"lb_ecmp": {
"default": false,
"deprecated": true,
"description": "Flag to activate/deactivate ECMP load balancing. By default ECMP load balancing is deactivated.",
"title": "Flag for controlling equal-cost multi-path(ECMP) load balancing.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. This is the global default MTU for all the EXTERNAL (uplink) and SERVICE (CSP) interfaces in the NSX domain. There is no option to override this value at the transport zone level or transport node level.",
"minimum": 1280,
"required": false,
"title": "MTU size",
"type": "int"
},
"operation_collectors": {
"deprecated": true,
"description": "This property is a part of OpsGlobalConfig object. Use /infra/ops-global-config instead. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.",
"items": {
"$ref": "GlobalCollectorConfig
},
"required": false,
"title": "Operation global collector config",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"physical_uplink_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.",
"readonly": false,
"title": "MTU for the physical uplinks",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"remote_tunnel_physical_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used.",
"readonly": false,
"title": "The physical MTU for the remote tunnel endpoints",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_infos": {
"description": "Information related to sites applicable for given config.",
"items": {
"$ref": "SiteInfo
},
"maxItems": 16,
"required": false,
"title": "Collection of Site information",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tep_group_config": {
"$ref": "TepGroupConfig,
"description": "Indicates if the TEP Grouping is supported in Transport Nodes.",
"title": "VTEP Group Configuration."
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uplink_mtu_threshold": {
"default": 9000,
"description": "This value defines the upper threshold for the Maximum Transmission Unit (MTU) value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU.",
"required": false,
"title": "Upper threshold for MTU on physical and logical uplinks",
"type": "int"
},
"vdr_mac": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:52",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system. It can be changed only when there is no transport node in the NSX system. This value cannot be same as vdr_mac_nested. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has \"nested_nsx\" property being true.",
"title": "MAC address of the Virtual Distributed Router (VDR) port"
},
"vdr_mac_nested": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:53",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. It can be changed only when there is no transport node in the NSX system. All transport zones in such a nested NSX system will have the \"nested_nsx\" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose \"nested_nsx\" property is true.",
"title": "The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment."
}
},
"title": "Global configuration",
"type": "object"
}
GlobalConfigType (type)
{
"enum": [
"SwitchingGlobalConfig",
"RoutingGlobalConfig",
"OperationCollectorGlobalConfig",
"FirewallGlobalConfig",
"EsxGlobalOpaqueConfig",
"SecurityGlobalConfig",
"FipsGlobalConfig",
"FederationGlobalConfig",
"IdsGlobalConfig"
],
"id": "GlobalConfigType",
"module_id": "GlobalConfigs",
"title": "Valid Global configuration types",
"type": "string"
}
GlobalConfigs (type)
{
"abstract": true,
"description": "The GlobalConfigs is the base class for global configurations for different types in a NSX domain.",
"extends": {
"$ref": "ManagedResource
},
"id": "GlobalConfigs",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Abstract base type for Global configurations of different types",
"type": "object"
}
GlobalConfigsListResult (type)
{
"description": "A list of global configurations grouped by their types",
"extends": {
"$ref": "ListResult
},
"id": "GlobalConfigsListResult",
"module_id": "GlobalConfigs",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GlobalConfigs
},
"required": false,
"title": "Domain specific global configuration.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Global configurations query result",
"type": "object"
}
GlobalDfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalDfwConfiguration",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, distributed firewall is enabled on a specified site.",
"title": "Distributed firewall enable flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global distributed firewall configuration for a specific site",
"type": "object"
}
GlobalDfwConfigurationListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of global distributed firewall configurations for all the sites.",
"extends": {
"$ref": "ListResult
},
"id": "GlobalDfwConfigurationListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Global distributed firewall configuration list results.",
"items": {
"$ref": "GlobalDfwConfiguration
},
"required": true,
"title": "Global distributed firewall configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of global distributed firewall configurations for all the sites",
"type": "object"
}
GlobalIdsSettings (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System settings for NSX+.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalIdsSettings",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"default": false,
"description": "Parameter to let the user decide whether to update the IDS Signatures automatically or not.",
"required": false,
"title": "Auto update signatures flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Intrusion Detection System settings\n",
"type": "object"
}
GlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Global IDS signature.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalIdsSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Activate/Deactivate a Signature at Global Level.",
"title": "Flag to Activate/Deactivate a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_custom_signature": {
"description": "It represents whether the overridden signature is custom or system signature.",
"nsx_feature": "IDSCustomSignatures",
"readonly": true,
"title": "Flag to determine custom signature",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global IDS signature",
"type": "object"
}
GlobalIdsSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GlobalIdsSignatureListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Global IDS signature request parameters",
"type": "object"
}
GlobalIdsSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GlobalIdsSignatureListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GlobalIdsSignature
},
"required": true,
"title": "Global IDS signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Global IDS signatures",
"type": "object"
}
GlobalInheritedRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameter for GET/PUT/PATCH call then the local resource copy will be shown/modified",
"id": "GlobalInheritedRequestParameters",
"module_id": "Policy",
"properties": {
"apply_locally": {
"default": false,
"description": "If the user sets apply_locally to GET/PUT/PATCH call then the local resource copy will be shown/modified. This will only be acceptable on LM. In case LM only has it's copy, the apply_local = false will still have effect on local copy.",
"required": false,
"title": "Flag to check reaching NSX+ or LM resource",
"type": "boolean"
}
},
"title": "Request Parameters for Global Configs",
"type": "object"
}
GlobalManager (type)
{
"additionalProperties": false,
"description": "Global Manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalManager",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"description": "To create a standby GM, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the GM has been successfully onboarded, the connection_info is discarded and authentication to the standby GM occurs using an X.509 client certificate.",
"items": {
"$ref": "SiteNodeConnectionInfo
},
"maxItems": 3,
"title": "Connection information",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fail_if_rtt_exceeded": {
"default": true,
"description": "Fail onboarding if maximum RTT exceeded.",
"title": "Fail onboarding if maximum RTT exceeded",
"type": "boolean"
},
"federation_id": {
"description": "Internally generated UUID to the federation of Global Manager.",
"readonly": true,
"title": "Global manager federation UUID",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_rtt": {
"default": 250,
"description": "If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value.",
"maximum": 1000,
"minimum": 0,
"title": "Maximum acceptable packet round trip time (RTT)",
"type": "integer"
},
"mode": {
"description": "There can be at most one ACTIVE global manager and one STANDBY global manager. In order to add a STANDBY manager, there must be an ACTIVE manager defined.",
"enum": [
"ACTIVE",
"STANDBY"
],
"required": true,
"title": "Mode of the global manager",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "UUID of the site where Global manager is running. This is the Site Manager generated UUID for every NSX deployment.",
"readonly": true,
"title": "UUID of the site where Global manager is running",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager",
"type": "object"
}
GlobalManagerConfig (type)
{
"additionalProperties": false,
"description": "This configuration is distributed to all Sites participating in federation.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalManagerConfig",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rtep_config": {
"$ref": "GmRtepConfig,
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"required": false,
"title": "Global Manager federation RTEP configuration"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager configuration",
"type": "object"
}
GlobalManagerListRequestParameters (type)
{
"additionalProperties": false,
"description": "Site list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GlobalManagerListRequestParameters",
"module_id": "PolicySiteGM",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Site List Request Parameters",
"type": "object"
}
GlobalManagerListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Global Managers.",
"extends": {
"$ref": "ListResult
},
"id": "GlobalManagerListResult",
"module_id": "PolicySiteGM",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Global Manager List Result.",
"items": {
"$ref": "GlobalManager
},
"required": true,
"title": "Global Manager List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Global Managers",
"type": "object"
}
GlobalRestoreStatus (type)
{
"id": "GlobalRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "A description of the restore status",
"type": "string"
},
"value": {
"enum": [
"INITIAL",
"SUCCESS",
"FAILED",
"RUNNING",
"SUSPENDED_BY_USER",
"SUSPENDED_FOR_USER_ACTION",
"SUSPENDED",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Global rolled-up restore status value",
"type": "string"
}
},
"title": "Overall restore process status",
"type": "object"
}
GmFederationSiteConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation at Site.",
"id": "GmFederationSiteConfig",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"transit_subnet": {
"description": "IP Addresses to be allocated for transit segment when the gateway is stretched. Note that Global Manager will carve out the IP Pool for each site to be used for edge nodes when gateway is stretched based on the user provided subnet and maximum number of edge nodes allowed per site.",
"format": "ip-cidr-block",
"readlony": true,
"title": "Transit subnet in CIDR format",
"type": "string"
}
},
"title": "Federation configuration for the site",
"type": "object"
}
GmRtepConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"id": "GmRtepConfig",
"module_id": "PolicySiteGM",
"properties": {
"ibgp_password": {
"description": "Password to authenticate IBGP session between remote tunnel endpoints created on federated sites. This is applied to inter-site underlay IBGP neighbors created over remote tunnel endpoints on all sites. Empty string (\"\") clears existing password.",
"maxLength": 20,
"required": false,
"sensitive": true,
"title": "Password for IBGP sessions between federated sites",
"type": "secure_string"
}
},
"title": "Global Manager federation RTEP configuration",
"type": "object"
}
GracefulRestartConfig (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart configuration parameters",
"id": "GracefulRestartConfig",
"module_id": "Routing",
"properties": {
"graceful_restart_mode": {
"$ref": "GracefulRestartMode,
"default": "HELPER_ONLY",
"description": "BGP Graceful Restart mode",
"required": false,
"title": "Graceful Restart Mode"
},
"graceful_restart_timer": {
"$ref": "GracefulRestartTimer,
"description": "Graceful Restart timers configuration",
"required": false,
"title": "Graceful Restart Timer"
}
},
"title": "BGP Graceful Restart Configuration",
"type": "object"
}
GracefulRestartMode (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart modes. DISABLE Disables Graceful Restart capability. HELPER_ONLY Enables as Helper only in Graceful Restart mechanism. GR_AND_HELPER Enables Graceful Restart capability along with HELPER mode.",
"enum": [
"DISABLE",
"HELPER_ONLY",
"GR_AND_HELPER"
],
"id": "GracefulRestartMode",
"module_id": "Routing",
"type": "string"
}
GracefulRestartTimer (type)
{
"additionalProperties": false,
"description": "BGP Graceful Restart timers configuration",
"id": "GracefulRestartTimer",
"module_id": "Routing",
"properties": {
"restart_timer": {
"default": 180,
"description": "Maximum time BGP speaker will take for the BGP session to be re-established after a restart. Ranges from 1 sec to 3600 sec. This can be used to speed up routing convergence by its peer in case that the BGP speaker does not come back after a restart. If the session does not get re-established within the \"Restart Time\" that the Restarting Speaker advertised previously, the Receiving Speaker will delete all the stale routes from that peer.",
"maximum": 3600,
"minimum": 1,
"required": false,
"title": "Restart Timer",
"type": "integer"
},
"stale_timer": {
"default": 600,
"description": "Maximum time before stale routes are removed from the RIB when the local BGP process restarts. Ranges from 1 sec to 3600 sec.",
"maximum": 3600,
"minimum": 1,
"required": false,
"title": "Stale Timer",
"type": "integer"
}
},
"title": "BGP Graceful Restart Timer",
"type": "object"
}
GraphConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a graph widget",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "GraphConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GraphConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"axes": {
"$ref": "Axes,
"desription": "Represents the Axes of a graph. If axes is not specified, labels are not applied to the axes.",
"title": "Axes of a graph"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"display_x_value": {
"default": false,
"description": "If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis.",
"title": "Show or hide the value of a point on X axis",
"type": "boolean"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"graphs": {
"decription": "Array of graphs to be plotted on the Axes. If more than 1 graph needs to be shown on the same axes, each graph will be distinguished by its color and legend.",
"items": {
"$ref": "GraphDefinition
},
"minItems": 1,
"required": true,
"title": "Graphs",
"type": "array"
},
"graphs_colors": {
"description": "An array of graphs colors which will be applied to each graph seperately. if number of provided colors are smaller than number of graph in the widget then colors are applied in circular manner.",
"items": {
"type": "string"
},
"title": "A colors for the graph",
"type": "array"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"line_chart_plot_configs": {
"description": "List of line chart plotting configuration. This plotting configuration will be applicable for the LINE_GRAPH only.",
"items": {
"$ref": "LineChartPlotConfiguration
},
"required": false,
"title": "List of line chart plotting configuration",
"type": "array"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"sub_type": {
"default": "BAR_GRAPH",
"description": "Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart",
"enum": [
"LINE_GRAPH",
"BAR_GRAPH",
"STACKED_BAR_GRAPH"
],
"title": "Subtype of a graph",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"x_value_type": {
"default": "string",
"description": "x value type.",
"enum": [
"string",
"number",
"date",
"millisecond",
"second"
],
"required": false,
"title": "x value type",
"type": "string"
},
"y_value_type": {
"description": "y value type.",
"enum": [
"integer",
"double"
],
"required": false,
"title": "y value type",
"type": "string"
}
},
"title": "Graph Configuration",
"type": "object"
}
GraphDefinition (type)
{
"additionalProperties": false,
"description": "Defines a graph",
"id": "GraphDefinition",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"id": {
"description": "Identifier of graph. It can be used to differentiate multiple graph series present in GraphWidgetConfiguration.",
"title": "Identifier of graph",
"type": "string"
},
"label": {
"$ref": "Label,
"description": "Describes the graph. It labels the entities of graph. If the label is not provided then it is not shown for a graph. For example, for a single graph, the title of widget can describe the graph and a label may not be necessary to be shown.",
"title": "Label of a graph"
},
"point_definition": {
"$ref": "PointDefinition,
"description": "Defines the points of a graph.",
"required": true,
"title": "Definition for points of a graph"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"row_list_field": {
"description": "An expression that represents the series of the graph",
"required": false,
"title": "Expression for series of the graph",
"type": "string"
}
},
"title": "Definition of a graph",
"type": "object"
}
GreTunnel (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Tunnel
},
"id": "GreTunnel",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnel"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_address": {
"$ref": "IPv4Address,
"description": "Destination IP address of P2P GRE Tunnel. The IP address that the NSX Edge will connect to.",
"required": true,
"title": "Destination IPv4 address"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable Tunnel",
"required": false,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"default": 1476,
"description": "Maximum transmission unit(MTU) in bytes specifies the size of the largest packet that a tunnel can transmit.",
"minimum": 64,
"required": false,
"title": "Maximum transmission unit",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Indicates Resource type of tunnel, GreTunnel - Resource type as GreTunnel will be used to configure P2P GRE Tunnel.",
"enum": [
"GreTunnel"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tunnel_address": {
"description": "Specify list of IP address per every edge node for tunnel interface. Supports both IPv4 and IPv6 address.",
"items": {
"$ref": "TunnelAddress
},
"maxItems": 8,
"minItems": 1,
"required": true,
"title": "Tunnel Address object parameter",
"type": "array"
},
"tunnel_keepalive": {
"$ref": "TunnelKeepAlive,
"description": "GRE Tunnel's keepalive configuration",
"required": false,
"title": "tunnel keep alive object"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "GRE Tunnel",
"type": "object"
}
GreTunnelAggregateTrafficStatistics (type)
{
"extends": {
"$ref": "AggregateTunnelTrafficStatistics
},
"id": "GreTunnelAggregateTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"destination": {
"$ref": "IPAddress,
"description": "Tunnel destination address",
"readonly": true,
"title": "Tunnel destination address"
},
"resource_type": {
"description": "GreTunnelAggregateTrafficStatistics - Resource type as GreTunnelAggregateTrafficStatistics will be used to populate P2P GRE Aggregate Tunnel traffic statistics",
"enum": [
"GreTunnelAggregateTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
},
"traffic_summary": {
"$ref": "LogicalRouterPortStatisticsSummary,
"description": "Aggregate Tunnel interface traffic statistics across all edge nodes",
"title": "Tunnel interface traffic summary"
},
"tunnel_policy_path": {
"description": "Policy path for the tunnel interface",
"title": "Policy path for the tunnel interface",
"type": "string"
}
},
"type": "object"
}
GreTunnelEndpointStatusPerEdgeNode (type)
{
"id": "GreTunnelEndpointStatusPerEdgeNode",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Edge node policy path",
"readonly": true,
"title": "edge path",
"type": "string"
},
"keepalive_ack": {
"description": "The keepalive_ack indicates Tunnel keepalive ACK is administratively enabled or disabled",
"enum": [
"KEEPALIVE_ACK_ENABLE",
"KEEPALIVE_ACK_DISABLE"
],
"readonly": true,
"title": "keep alive acknowledge",
"type": "string"
},
"keepalive_ack_sent_count": {
"description": "Total number of keepalive ack packets sent",
"readonly": true,
"title": "keep alive ack sent count",
"type": "integer"
},
"keepalive_admin_state": {
"description": "Tunnel Keepalive Admin State",
"enum": [
"ENABLED",
"DISABLED"
],
"readonly": true,
"title": "Tunnel Keepalive Admin State",
"type": "string"
},
"keepalive_dead_multiplier": {
"description": "Tunnel keepalive dead multiplier",
"readonly": true,
"title": "tunnel keep alive dead multiplier",
"type": "integer"
},
"keepalive_interval": {
"description": "Tunnel keepalive interval in seconds",
"readonly": true,
"title": "tunnel keep alive interval",
"type": "integer"
},
"keepalive_last_ack_time": {
"description": "Timestamp when the last keepalive ack sent",
"readonly": true,
"title": "keep alive last ack time",
"type": "integer"
},
"keepalive_last_rx_time": {
"description": "Timestamp when the last keepalive received",
"readonly": true,
"title": "keep alive last rx timestamp",
"type": "integer"
},
"keepalive_last_tx_time": {
"description": "Timestamp when the last keepalive sent",
"readonly": true,
"title": "keep alive last tx timestamp",
"type": "integer"
},
"keepalive_rx_count": {
"description": "Total number of keepalive packets received",
"readonly": true,
"title": "keep alive rx count",
"type": "integer"
},
"keepalive_status": {
"description": "The keepalive_status indicates Tunnel keepalive is administratively enabled or disabled",
"enum": [
"KEEPALIVE_STATUS_ENABLE",
"KEEPALIVE_STATUS_DISABLE"
],
"readonly": true,
"title": "keep alive status",
"type": "string"
},
"keepalive_tx_count": {
"description": "Total number of keepalive packets sent",
"readonly": true,
"title": "keep alive tx count",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated",
"readonly": true,
"title": "Epoch timestamp"
},
"runtime_status": {
"description": "Tunnel run time status",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "runtime status",
"type": "string"
},
"source": {
"$ref": "IPAddress,
"description": "Tunnel source address",
"readonly": true,
"title": "source"
},
"tunnel_down_count": {
"description": "Count of Tunnel run time status as \"DOWN\"",
"readonly": true,
"title": "tunnel down time count",
"type": "integer"
},
"tunnel_last_down_time": {
"description": "Timestamp when the tunnel status was last updated as \"DOWN\"",
"readonly": true,
"title": "tunnel last down time count",
"type": "integer"
},
"tunnel_last_up_time": {
"description": "Timestamp when the tunnel status was last updated as \"UP\"",
"readonly": true,
"title": "tunnel last up time count",
"type": "integer"
},
"tunnel_port_id": {
"description": "ID of the tunnel router port",
"readonly": true,
"title": "tunnel port id",
"type": "string"
},
"tunnel_up_count": {
"description": "Count of Tunnel run time status as \"UP\"",
"readonly": true,
"title": "tunnel up time count",
"type": "integer"
}
},
"type": "object"
}
GreTunnelStatus (type)
{
"extends": {
"$ref": "TunnelStatus
},
"id": "GreTunnelStatus",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnelStatus"
},
"properties": {
"destination": {
"$ref": "IPAddress,
"description": "Tunnel destination address",
"readonly": true,
"title": "Tunnel destination address"
},
"endpoint_status_per_edge_node": {
"items": {
"$ref": "GreTunnelEndpointStatusPerEdgeNode
},
"maxItems": 8,
"minItems": 1,
"readonly": true,
"type": "array"
},
"resource_type": {
"description": "Indicates Resource type of TunnelStatus, GreTunnelStatus - Resource type as GreTunnelStatus will be used to populate P2P GRE Tunnel status",
"enum": [
"GreTunnelStatus"
],
"required": true,
"title": "resource type",
"type": "string"
}
},
"type": "object"
}
GreTunnelTrafficStatistics (type)
{
"extends": {
"$ref": "TunnelTrafficStatistics
},
"id": "GreTunnelTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "GreTunnelTrafficStatistics"
},
"properties": {
"destination": {
"$ref": "IPAddress,
"description": "GreTunnelTrafficStatistics - Resource type as GreTunnelTrafficStatistics will be used to populate P2P GRE Tunnel traffic statistics",
"readonly": true,
"title": "Indicates Resource type of tunnel"
},
"per_edge_node_statistics": {
"description": "Set of Tunnel statistics per edge node",
"items": {
"$ref": "TunnelPortStatisticsPerNode
},
"maxItems": 8,
"minItems": 1,
"readonly": true,
"title": "Per Edge Node Statistics",
"type": "array"
},
"resource_type": {
"description": "GreTunnelTrafficStatistics - Resource type as GreTunnelTrafficStatistics will be used to populate P2P GRE Tunnel traffic statistics",
"enum": [
"GreTunnelTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
}
},
"type": "object"
}
GridConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Grid or Table widget.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "GridConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GridConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"columns": {
"description": "Array of columns of a Grid widget",
"items": {
"$ref": "ColumnItem
},
"required": true,
"title": "Columns",
"type": "array"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"page_size": {
"default": 30,
"description": "Number of records per page. page_size will be effective only when the urls provided in the datasource support paging.",
"title": "Page Size",
"type": "int"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"row_list_fields": {
"description": "Rows of grid or table are formed from the list of objects returned by a row list field.",
"items": {
"$ref": "RowListField
},
"minItems": 1,
"required": true,
"title": "List of fields from which rows are formed",
"type": "array"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Grid Configuration",
"type": "object"
}
Group (type)
{
"additionalProperties": false,
"description": "Group.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Group",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildDnsSecurityProfileBindingMap",
"ChildGroupDiscoveryProfileBindingMap",
"ChildGroupMonitoringProfileBindingMap",
"ChildPolicyFirewallFloodProtectionProfileBindingMap",
"ChildPolicyFirewallSessionTimerProfileBindingMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expression": {
"description": "The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed the defined Config Max limit for the form-factor of Manager nodes. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.",
"items": {
"$ref": "Expression
},
"required": false,
"title": "Expression",
"type": "array"
},
"extended_expression": {
"description": "Extended Expression allows additional higher level context to be specified for grouping criteria. (e.g. user AD group) This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression. The extended expression list must follow below criteria: 1. Contains a single IdentityGroupExpression. No conjunction expression is supported. 2. No other non-conjunction expression is supported, except for IdentityGroupExpression. 3. Each expression must be a valid Expression. See the definition of the Expression type for more information. 4. Extended expression are implicitly AND with expression. 5. No nesting can be supported if this value is used. 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map.",
"items": {
"$ref": "Expression
},
"maxItems": 1,
"required": false,
"title": "Extended Expression",
"type": "array"
},
"group_type": {
"description": "Group type can be specified during create and update of a group. Empty group type indicates a 'generic' group, ie group can include any entity from the valid GroupMemberType.",
"items": {
"$ref": "GroupTypes
},
"maxItems": 1,
"required": false,
"title": "Indicates the group type.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"reference": {
"default": false,
"description": "If true, indicates that this is a remote reference group. Such group will have span different from the its parent domain. Default value is false.",
"readonly": true,
"title": "Indicates if the group is a reference.",
"type": "boolean"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"state": {
"enum": [
"IN_PROGRESS",
"SUCCESS",
"FAILURE"
],
"readonly": true,
"title": "Realization state of this group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group",
"type": "object"
}
GroupDeleteRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "GroupDeleteRequestParameters",
"module_id": "Policy",
"properties": {
"fail_if_subtree_exists": {
"default": false,
"description": "Check if the group sub-tree has any entities. These primarily include the binding maps that point to various profiles. If this flag is passed as true, the group delete fails if any binding maps exist in the group sub-tree. By default, this flag is false, which means that the group is deleted along with the group sub-tree.",
"title": "Do not delete if the group subtree has any entities",
"type": "boolean"
},
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Group delete request parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Group. With this entity, user can specify intent for applying discovery profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "GroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number group discovery profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Map for binding group with discovery profile",
"type": "object"
}
GroupDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Discovery Profile Binding Map List Request Parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupDiscoveryProfileBindingMap
},
"requried": true,
"title": "Group Discovery Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Discovery Profile Binding Map",
"type": "object"
}
GroupInfo (type)
{
"description": "GroupInfo contains information about a particular Group used in Redirection Rules. It also contains information about policy path, if the group is created from Policy.",
"id": "GroupInfo",
"module_id": "PolicyServiceInsertion",
"properties": {
"group": {
"$ref": "ResourceReference,
"description": "Group Data.",
"readonly": true,
"required": false,
"title": "Group"
},
"group_policy_path": {
"description": "Policy path of a particular Group.",
"readonly": true,
"required": false,
"title": "Policy path of Group",
"type": "string"
}
},
"title": "GroupInfo",
"type": "object"
}
GroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"member_types": {
"description": "Optionally, specify valid member types as request parameter to filter NSGroups.",
"required": false,
"title": "Comma Separated Member types",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group list request parameters",
"type": "object"
}
GroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Group
},
"required": true,
"title": "Group list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Groups",
"type": "object"
}
GroupMemberActionParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter to either add or remove the Group members.",
"id": "GroupMemberActionParameters",
"module_id": "Policy",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove the group members.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove group members.",
"type": "string"
}
},
"title": "Request Parameters for Group members",
"type": "object"
}
GroupMemberList (type)
{
"additionalProperties": false,
"description": "List of same type members to either add or remove from a group.",
"id": "GroupMemberList",
"module_id": "Policy",
"properties": {
"members": {
"description": "This array contains group members of similar types.",
"items": {
"type": "string"
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Groups members collection",
"type": "array"
}
},
"title": "Members to add or remove for a Group.",
"type": "object"
}
GroupMemberTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group for a particular member type",
"id": "GroupMemberTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"member_type": {
"required": true,
"title": "Member type for which we will list the tags",
"type": "string"
},
"tags": {
"items": {
"type": "string"
},
"required": true,
"title": "List of tags for the member type",
"type": "array"
}
},
"title": "Group tags list for a particular member type",
"type": "object"
}
GroupMemberType (type)
{
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"SegmentPort",
"Segment",
"CloudNativeServiceInstance",
"IPAddress",
"MACAddress",
"IPSet",
"IdentityGroup",
"PhysicalServer",
"Pod",
"Service",
"Namespace",
"Cluster",
"TransportNode",
"Group",
"DVPG",
"DVPort",
"KubernetesCluster",
"KubernetesNamespace",
"AntreaEgress",
"AntreaIPPool",
"KubernetesIngress",
"KubernetesGateway",
"KubernetesService",
"KubernetesNode",
"VpcSubnet",
"VpcSubnetPort"
],
"id": "GroupMemberType",
"module_id": "Policy",
"title": "Valid Group member type",
"type": "string"
}
GroupMemberTypeListResult (type)
{
"additionalProperties": false,
"id": "GroupMemberTypeListResult",
"module_id": "Policy",
"properties": {
"result_count": {
"readonly": true,
"required": true,
"title": "Count of the member types in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMemberType
},
"required": true,
"title": "Collection of member types for the given Group",
"type": "array"
}
},
"type": "object"
}
GroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Group. Using this entity, you can specify intent for applying monitoring profile to particular Group. Group with membership criteria vm only supported as source group. Port mirroring is only supported on group with five vms. For the IPFIX profile, only Segment and Segment Port types are supported in the group.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "GroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_profile_path": {
"description": "PolicyPath of associated IPFIX DFW Profile",
"required": false,
"title": "IPFIX DFW Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_DFW_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXDFWProfile"
]
}
]
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXL2Profile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group Monitoring Profile binding map",
"type": "object"
}
GroupMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Monitoring Profile Binding Map list request parameters",
"type": "object"
}
GroupMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMonitoringProfileBindingMap
},
"required": true,
"title": "Group Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Monitoring Profile Binding Maps",
"type": "object"
}
GroupScopeExpression (type)
{
"additionalProperties": false,
"description": "Represents scope of the workloads that needs to be added to the Group.",
"extends": {
"$ref": "Expression
},
"id": "GroupScopeExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "GroupScopeExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"scope_path": {
"required": true,
"title": "Path of the scope",
"type": "string"
},
"scope_type": {
"enum": [
"PROJECT",
"VPC"
],
"required": true,
"title": "Scope type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Scope association expression node",
"type": "object"
}
GroupStatusListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "GroupStatusListRequestParameters",
"module_id": "Upgrade",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GroupTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group listed per member type",
"id": "GroupTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"results": {
"items": {
"$ref": "GroupMemberTagsList
},
"required": true,
"title": "Collection of tags used in a policy group listed per member type",
"type": "array"
}
},
"title": "Group tags list listed per member type",
"type": "object"
}
GroupTypes (type)
{
"description": "ANTREA group type includes IPAddress, Pod, NameSpace and Service group member types.",
"enum": [
"IPAddress",
"ANTREA"
],
"id": "GroupTypes",
"module_id": "Policy",
"title": "Valid Group Types.",
"type": "string"
}
GroupedMigrationFeedbackRequest (type)
{
"additionalProperties": false,
"description": "Detailed feedback requests from the migration tool where user input is required.",
"id": "GroupedMigrationFeedbackRequest",
"module_id": "Migration",
"properties": {
"accepted_actions": {
"description": "List of acceptable actions for this feedback request.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Acceptable actions for this feedback request",
"type": "array"
},
"accepted_value_type": {
"description": "Data type of the items listed in acceptable values list.",
"readonly": true,
"required": true,
"title": "Data type of the items listed in acceptable values",
"type": "string"
},
"accepted_values": {
"description": "List of acceptable values for this feedback request.",
"items": {
"type": "string"
},
"required": false,
"title": "Acceptable values for this feedback request",
"type": "array"
},
"hash": {
"description": "Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.",
"readonly": true,
"required": false,
"title": "Identifier for a feedback request type",
"type": "string"
},
"message": {
"description": "Detailed feedback request with options.",
"readonly": true,
"required": true,
"title": "Content of feedback request",
"type": "string"
},
"multi_value": {
"description": "Indicates if multiple values can be selected as response from the list of acceptable value.",
"readonly": true,
"required": true,
"title": "Indicates if multiple values can be selected as response",
"type": "boolean"
},
"objects": {
"items": {
"$ref": "SummaryMigrationFeedbackRequest
},
"readonly": false,
"required": true,
"title": "Collection of feedback requests of a given type",
"type": "array"
},
"resolved": {
"description": "Indicates if a valid response already exist for all feedback requests in this group.",
"readonly": true,
"required": false,
"title": "Indicates if all feedback requests in this group are resolved",
"type": "boolean"
},
"sub_vertical": {
"description": "Functional sub-area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional sub-area for the feedback query",
"type": "string"
},
"suggested_action": {
"description": "The suggested action to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested action for this feedback request",
"type": "string"
},
"suggested_value": {
"description": "The suggested value to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested value for this feedback request",
"type": "string"
},
"vertical": {
"description": "Functional area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional area for the feedback query",
"type": "string"
}
},
"title": "Grouped Feedback detail required for Migration",
"type": "object"
}
GroupedMigrationFeedbackRequestListResult (type)
{
"additionalProperties": false,
"description": "Groups of detailed feedback requests from the migration tool where user input is required.",
"extends": {
"$ref": "ListResult
},
"id": "GroupedMigrationFeedbackRequestListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupedMigrationFeedbackRequest
},
"readonly": false,
"required": true,
"title": "Paged Collection of groups of feedback requests",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "groups of feedback required for Migration",
"type": "object"
}
GuestInfo (type)
{
"additionalProperties": false,
"description": "Guest virtual machine details include OS name and computer name of guest VM.",
"id": "GuestInfo",
"module_id": "Inventory",
"properties": {
"computer_name": {
"description": "Computer name of guest virtual machine, which is set inside guest OS. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "Computer name",
"type": "string"
},
"os_name": {
"description": "OS name of guest virtual machine. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "OS name",
"type": "string"
}
},
"title": "Guest virtual machine details",
"type": "object"
}
HaInfo (type)
{
"id": "HaInfo",
"properties": {
"failover_mode": {
"description": "Logical router failover mode",
"enum": [
"PREEMPTIVE",
"NON-PREEMPTIVE"
],
"readonly": true,
"title": "Logical router failover mode",
"type": "string"
},
"ha_mode": {
"description": "Logical router HA mode",
"enum": [
"ACTIVE-STANDBY",
"ACTIVE-ACTIVE"
],
"readonly": true,
"title": "Logical router HA mode",
"type": "string"
},
"ha_state": {
"description": "Logical router HA state DOWN - Logical router is not in good health SYNC - Logical router is synchronizing data from peer logical router STANDBY - Logical router is available to go Active ACTIVE - Logical router is forwarding traffic",
"enum": [
"DOWN",
"SYNC",
"STANDBY",
"ACTIVE"
],
"readonly": true,
"title": "Logical router HA state",
"type": "string"
},
"rank": {
"description": "Rank of logical router",
"readonly": true,
"title": "Rank of logical router",
"type": "integer"
},
"state-history": {
"$ref": "LogicalRouterHaHistory,
"description": "Logical router high-availability history",
"readonly": true,
"title": "Logical router high-availability history"
}
},
"type": "object"
}
HaVipConfig (type)
{
"additionalProperties": false,
"id": "HaVipConfig",
"module_id": "LogicalRouter",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this ha vip config.",
"type": "boolean"
},
"ha_vip_subnets": {
"description": "Array of IP address subnets which will be used as floating IP addresses. | Note - this configuration is applicable only for Active-Standby LogicalRouter. | For Active-Active LogicalRouter this configuration will be rejected.",
"items": {
"$ref": "VIPSubnet
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "Floating IP address subnets",
"type": "array"
},
"redundant_uplink_port_ids": {
"description": "Identifiers of logical router uplink ports which are to be paired to provide | redundancy. Floating IP will be owned by one of these uplink ports (depending upon | which node is Active).",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 2,
"required": true,
"title": "Identifiers of uplink ports for providing redundancy",
"type": "array"
}
},
"type": "object"
}
Header (type)
{
"additionalProperties": false,
"description": "Header of a widget that provides additional information. This will be shown at the container level. It includes details as label value pairs.",
"id": "Header",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the header will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"content_alignment": {
"default": "RIGHT",
"description": "Alignment of header labels.",
"enum": [
"LEFT",
"RIGHT"
],
"title": "alignment for labelvalue pair",
"type": "string"
},
"sub_header_widgets": {
"description": "An array of widgets which will appear inside the container header Instead of 'sub_headers' property use this property.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"title": "An array of widgets inside the container header",
"type": "array"
},
"sub_headers": {
"deprecated": true,
"description": "An array of label-value properties. This field is deprecated instead used 'sub_header_widgets' property to define header widgets.",
"items": {
"$ref": "PropertyItem
},
"minItems": 0,
"title": "Rows",
"type": "array"
}
},
"title": "Widget Header",
"type": "object"
}
HealthCheckResult (type)
{
"description": "Result of health check.",
"id": "HealthCheckResult",
"module_id": "HealthCheck",
"properties": {
"results_per_transport_node": {
"description": "List of health check results on specific transport node.",
"items": {
"$ref": "HealthCheckResultPerTransportNode
},
"readonly": true,
"required": false,
"title": "Health Check Results Per Transport Node",
"type": "array"
},
"updated_time": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp of check result updated.",
"readonly": true
},
"vlan_mtu_status": {
"$ref": "VlanMtuHealthCheckResultStatus,
"description": "Overall status of VLAN-MTU health check result.",
"readonly": true
}
},
"title": "Health Check Result",
"type": "object"
}
HealthCheckResultOnHostSwitch (type)
{
"description": "Health check result on specific host switch of specific transport node.",
"id": "HealthCheckResultOnHostSwitch",
"module_id": "HealthCheck",
"properties": {
"host_switch_name": {
"description": "Name of the host switch.",
"readonly": true,
"title": "Host Switch Name",
"type": "string"
},
"results_per_uplink": {
"description": "List of health check results per uplink on current host switch of specific transport node.",
"items": {
"$ref": "HealthCheckResultPerUplink
},
"readonly": true,
"required": false,
"title": "Health Check Results Per uplink",
"type": "array"
},
"updated_time": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp of check result updated.",
"readonly": true
},
"vlan_mtu_status": {
"$ref": "VlanMtuHealthCheckResultStatus,
"description": "Status of VLAN-MTU health check result on host switch.",
"readonly": true
}
},
"title": "Health Check Result On Host Switch",
"type": "object"
}
HealthCheckResultPerTransportNode (type)
{
"description": "Health check result on specific transport node",
"id": "HealthCheckResultPerTransportNode",
"module_id": "HealthCheck",
"properties": {
"result_on_host_switch": {
"$ref": "HealthCheckResultOnHostSwitch,
"readonly": true
},
"transport_node_id": {
"description": "ID of the Transport Node.",
"readonly": true,
"title": "Transport Node ID",
"type": "string"
}
},
"title": "Health Check Result Per Transport Node",
"type": "object"
}
HealthCheckResultPerUplink (type)
{
"description": "Health check result for specific uplink.",
"id": "HealthCheckResultPerUplink",
"module_id": "HealthCheck",
"properties": {
"mtu_disallowed": {
"description": "List of VLAN ID ranges which are allowed by VLAN settings but may be disallowed by MTU settings.",
"items": {
"$ref": "HealthCheckVlanRange
},
"readonly": true,
"required": false,
"title": "MTU Disallowed",
"type": "array"
},
"uplink_name": {
"description": "Name of the uplink.",
"readonly": true,
"title": "Uplink Name",
"type": "string"
},
"vlan_and_mtu_allowed": {
"description": "List of VLAN ID ranges which are allowed by VLAN and MTU settings.",
"items": {
"$ref": "HealthCheckVlanRange
},
"readonly": true,
"required": false,
"title": "VLAN and MTU Allowed",
"type": "array"
},
"vlan_disallowed": {
"description": "List of VLAN ID ranges which may be disallowed by VLAN settings.",
"items": {
"$ref": "HealthCheckVlanRange
},
"readonly": true,
"required": false,
"title": "VLAN Disallowed",
"type": "array"
}
},
"title": "Health Check Result Per Uplink",
"type": "object"
}
HealthCheckSpecVlans (type)
{
"description": "HealthCheckSpecVlan is used for specifying VLAN ID ranges for healthcheck.",
"id": "HealthCheckSpecVlans",
"module_id": "HealthCheck",
"properties": {
"vlan_ranges": {
"items": {
"$ref": "HealthCheckVlanRange
},
"minItems": 1,
"required": true,
"title": "VLAN ID ranges",
"type": "array"
}
},
"title": "VLAN Range Specification",
"type": "object"
}
HealthCheckVlanRange (type)
{
"id": "HealthCheckVlanRange",
"module_id": "HealthCheck",
"properties": {
"end": {
"$ref": "VlanID,
"required": true
},
"start": {
"$ref": "VlanID,
"required": true
}
},
"title": "VLAN ID range",
"type": "object"
}
HeatMapTransportNodesAggregateStatus (type)
{
"additionalProperties": false,
"id": "HeatMapTransportNodesAggregateStatus",
"module_id": "Heatmap",
"properties": {
"degraded_count": {
"title": "Number of transport nodes that are degraded",
"type": "int"
},
"down_count": {
"title": "Number of transport nodes that are down",
"type": "int"
},
"unknown_count": {
"title": "Number of transport nodes with unknown status",
"type": "int"
},
"up_count": {
"title": "Number of transport nodes that are up",
"type": "int"
}
},
"type": "object"
}
HeatMapTransportZoneStatus (type)
{
"additionalProperties": false,
"id": "HeatMapTransportZoneStatus",
"module_id": "Heatmap",
"properties": {
"degraded_count": {
"title": "Number of transport nodes that are degraded",
"type": "int"
},
"down_count": {
"title": "Number of transport nodes that are down",
"type": "int"
},
"unknown_count": {
"title": "Number of transport nodes with unknown status",
"type": "int"
},
"up_count": {
"title": "Number of transport nodes that are up",
"type": "int"
}
},
"type": "object"
}
HighPerformanceConfig (type)
{
"abstract": true,
"id": "HighPerformanceConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "high_performance_config_type"
},
"properties": {
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "Configuration supported to configure high performance.",
"type": "object"
}
HighPerformanceConfigParams (type)
{
"id": "HighPerformanceConfigParams",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"properties": {
"key": {
"required": true,
"title": "Key used to configure high performance.",
"type": "string"
},
"value": {
"required": true,
"title": "Value corresponding to the key.",
"type": "string"
}
},
"title": "Configuration parameters required to configure high performance.",
"type": "object"
}
HostInfraTrafficType (type) (Deprecated)
{
"deprecated": true,
"description": "The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned.",
"id": "HostInfraTrafficType",
"module_id": "NiocProfile",
"nsx_feature": "Nioc",
"properties": {
"dynamic_res_pool_name": {
"required": false,
"title": "Dynamic resource pool traffic name",
"type": "string"
},
"traffic_name": {
"enum": [
"FAULT_TOLERANCE",
"HBR",
"ISCSI",
"MANAGEMENT",
"NFS",
"VDP",
"VIRTUAL_MACHINE",
"VMOTION",
"VSAN"
],
"required": false,
"title": "Traffic types",
"type": "string"
}
},
"title": "Enumerate all types of traffic",
"type": "object"
}
HostKeyAlgorithms (type)
{
"enum": [
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521",
"ssh-dss",
"ssh-ed25519",
"ssh-rsa"
],
"id": "HostKeyAlgorithms",
"title": "SSH key type",
"type": "string"
}
HostMovementSpec (type)
{
"id": "HostMovementSpec",
"module_id": "SubCluster",
"properties": {
"destination": {
"description": "This is the policy path of destination sub-cluster to which hosts will be moved to. If this value is null, then we assume the host is moved into the cluster.",
"title": "Destination sub-cluster of hosts",
"type": "string"
},
"discovered_node_ids": {
"description": "Discovered node IDs to be moved.",
"items": {
"type": "string"
},
"required": true,
"title": "Discovered node IDs",
"type": "array"
},
"source": {
"description": "This is the policy path of source sub-cluster from which hosts are moved out",
"required": true,
"title": "Source sub-cluster of hosts",
"type": "string"
}
},
"title": "Fields required for host movement across sub-clusters",
"type": "object"
}
HostNode (type)
{
"additionalProperties": false,
"description": "Host node",
"extends": {
"$ref": "Node
},
"id": "HostNode",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"type-identifier": "HostNode"
},
"properties": {
"compute_collection_id": {
"description": "Id of the compute collection to which discovered node belongs.",
"readonly": true,
"required": false,
"title": "Compute collection id",
"type": "string"
},
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"discovered_node_id": {
"description": "Id of discovered node which was converted to create this node",
"readonly": true,
"required": false,
"title": "Discovered node id",
"type": "string"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpu": {
"description": "Specify list of DPU information.",
"items": {
"$ref": "DpuInfo
},
"readonly": true,
"required": false,
"title": "List of DPU information",
"type": "array"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"host_credential": {
"$ref": "HostNodeLoginCredential,
"description": "Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node.",
"required": false,
"title": "Host login credentials"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"maintenance_mode_state": {
"description": "Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress.",
"enum": [
"OFF",
"ENTERING",
"ON"
],
"readonly": true,
"required": false,
"title": "Maintenance mode state",
"type": "string"
},
"managed_by_server": {
"description": "The id of the vCenter server managing the ESXi type HostNode",
"readonly": true,
"required": false,
"title": "Id of vCenter server managing the HostNode",
"type": "string"
},
"os_type": {
"description": "Hypervisor type, for example ESXi or RHEL Container",
"enum": [
"ESXI",
"RHELSERVER",
"WINDOWSSERVER",
"RHELCONTAINER",
"UBUNTUSERVER",
"HYPERV",
"CENTOSSERVER",
"CENTOSCONTAINER",
"SLESSERVER",
"OELSERVER"
],
"required": true,
"title": "Hypervisor OS type",
"type": "string"
},
"os_version": {
"description": "Version of the hypervisor operating system",
"required": false,
"title": "Hypervisor OS version",
"type": "string"
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"windows_install_location": {
"description": "Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\\Program Files\\VMware\\NSX\\.",
"required": false,
"title": "Install location of Windows Server on baremetal being managed by NSX",
"type": "string"
}
},
"title": "Host node",
"type": "object"
}
HostNodeLoginCredential (type)
{
"additionalProperties": false,
"id": "HostNodeLoginCredential",
"module_id": "FabricNode",
"properties": {
"password": {
"required": false,
"sensitive": true,
"title": "The authentication password of the host node",
"type": "secure_string"
},
"thumbprint": {
"description": "For ESXi hosts, the thumbprint of the ESXi management service. For KVM hosts, the SSH key fingerprint. If thumbprint is not provided then connection to host may not be established and API call will fail.",
"required": false,
"title": "ESXi thumbprint or SSH key fingerprint of the host node",
"type": "string"
},
"username": {
"required": false,
"title": "The username of the account on the host node",
"type": "string"
}
},
"title": "The credentials to login into the host node",
"type": "object"
}
HostNodeStatus (type)
{
"id": "HostNodeStatus",
"module_id": "ComputeCollectionDeployment",
"properties": {
"config_status": {
"description": "Gives details of state of desired configuration. This property is available only if Tranport Node exists for the host. Following are the supported values pending - Transport Node configuration status is pending in_progress - Transport Node configuration status is in progress success - Transport Node configuration status is successful failed - Transport Node configuration status is failed partial_success - Transport Node configuration status is partial success orphaned - Transport Node configuration status is orphaned unknown - Transport Node configuration status is unknown error - Error occured during Transport Node configuration",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error"
],
"readonly": true,
"required": false,
"title": "Configuration status of host node",
"type": "string"
},
"deployment_status": {
"description": "This specifies the current nsx install status for host node. Following are the supported values INSTALL_IN_PROGRESS - NSX installation is in progress on the host INSTALL_FAILED - NSX installation failed on the host INSTALL_SUCCESSFUL - NSX installation successful on the host UNINSTALL_IN_PROGRESS - NSX uninstallation in progress on the host UNINSTALL_FAILED - NSX uninstallation failed on the host UNINSTALL_SUCCESSFUL - NSX uninstallation successful on the host UNINSTALL_SCHEDULED - NSX uninstallation is scheduled on the host UPGRADE_IN_PROGRESS - NSX upgrade is in progress on the host UPGRADE_FAILED - NSX upgrade failed on the host DEPLOYMENT_QUEUED - Deployment is queued on the DEPLOYMENT_IN_PROGRESS - Deployment is in progress DEPLOYMENT_FAILED - Deployment is failed DEPLOYMENT_SUCCESSFUL - Deployment is successful UNDEPLOYMENT_QUEUED - Undeployment is queued UNDEPLOYMENT_IN_PROGRESS - Undeployment is in progress UNDEPLOYMENT_FAILED - Undeployment failed UNDEPLOYMENT_SUCCESSFUL - Undeployment is successful UPGRADE_QUEUED - Upgrade is queued HOST_DISCONNECTED - Host is disconnected POWERED_OFF - Host is powered off",
"enum": [
"INSTALL_IN_PROGRESS",
"INSTALL_FAILED",
"INSTALL_SUCCESSFUL",
"UNINSTALL_IN_PROGRESS",
"UNINSTALL_FAILED",
"UNINSTALL_SUCCESSFUL",
"UNINSTALL_SCHEDULED",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"DEPLOYMENT_QUEUED",
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_QUEUED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_QUEUED",
"HOST_DISCONNECTED",
"POWERED_OFF"
],
"readonly": true,
"title": "Deployment progress status of host node",
"type": "string"
},
"node_id": {
"readonly": true,
"title": "Unique Id of the host node",
"type": "string"
}
},
"title": "Host Node Status",
"type": "object"
}
HostNodeStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "HostNodeStatusListResult",
"module_id": "ComputeCollectionDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostNodeStatus
},
"readonly": true,
"required": false,
"title": "HostNodeStatus Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HostNodeStatus queries result",
"type": "object"
}
HostSwitchConfigOption (type)
{
"id": "HostSwitchConfigOption",
"module_id": "TransportNode",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_id": {
"description": "This field is writable only in case of VDS type HostSwitch and system generated for NVDS type. For VDS type host switch, This field is used to lookup a VDS from corresponding Compute Manager and then can be configured for logical networking. For NVDS type host switch, This field is system generated and if provided will be overwritten.",
"required": false,
"title": "The host switch id. This ID will be used to reference a host switch.",
"type": "string"
},
"host_switch_profile_ids": {
"description": "Host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch. If transport node is created using Policy APIs, use policyPaths instead of UUIDs.",
"items": {
"$ref": "HostSwitchProfileTypeIdEntry
},
"required": false,
"title": "Identifiers of host switch profiles to be associated with this host switch.",
"type": "array"
},
"ip_assignment_spec": {
"$ref": "IpAssignmentSpec,
"description": "IPs can come from either a static IP pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"readonly": false,
"required": false,
"title": "Specification for IPs to be used with host switch virtual tunnel endpoints"
},
"ipv6_assignment_spec": {
"$ref": "Ipv6AssignmentSpec,
"description": "IPs can come from either a static IPv6 pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"nsx_feature": "L2Ipv6",
"readonly": false,
"required": false,
"title": "Specification for IPv6 IPs to be used with host switch virtual tunnel endpoints"
},
"uplinks": {
"description": "If VDS is used as a HostSwitch this attribute must be specified. You can associate uplinks from UplinkHostSwitchProfile to either VDS uplink or LAG. VDS uplink or LAG will inherit the global VDS level teaming policy from vSphere. NSX managed uplink or LAG will have NSX teaming policy configured through UplinkHostSwitchProfile.",
"items": {
"$ref": "VdsUplink
},
"required": false,
"title": "Uplink/LAG of VMware vSphere Distributed Switch connected to the HostSwitch",
"type": "array"
}
},
"title": "Host Switch configuration option specification",
"type": "object"
}
HostSwitchConfigSource (type)
{
"description": "This object contains references to transport node profile sub configurations that will be used to generate overridden host switch configuration.Such overridden configuration can be applied to a sub-cluster defined within vSphere managed cluster.",
"id": "HostSwitchConfigSource",
"module_id": "HostTransportNodeCollection",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_id": {
"required": true,
"title": "HostSwitch Id",
"type": "string"
},
"transport_node_profile_sub_config_name": {
"required": true,
"title": "Name of the TransportNodeProfile sub configuration to be used.",
"type": "string"
}
},
"title": "Overridden HostSwitch Configuration",
"type": "object"
}
HostSwitchInfo (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchInfo",
"module_id": "TransportZone",
"nsx_feature": "NsxtOnVds",
"properties": {
"host_switch_id": {
"readonly": true,
"required": true,
"title": "Unique ID of a host switch",
"type": "string"
},
"host_switch_mode": {
"enum": [
"STANDARD",
"ENS",
"ENS_INTERRUPT",
"LEGACY"
],
"readonly": true,
"required": true,
"title": "Mode of host switch",
"type": "string"
},
"host_switch_name": {
"readonly": true,
"required": true,
"title": "Name of a host switch",
"type": "string"
},
"host_switch_type": {
"enum": [
"NVDS",
"VDS"
],
"readonly": true,
"required": true,
"title": "Type of a host switch",
"type": "string"
}
},
"title": "Information of host switch participating in transport zone",
"type": "object"
}
HostSwitchProfileListParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "HostSwitchProfileListParameters",
"module_id": "BaseHostSwitchProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deployment_type": {
"$ref": "EdgeDeploymentType,
"description": "If the node_type is specified, then deployment_type may be specified to filter uplink profiles applicable to only PHYSICAL_MACHINE or VIRTUAL_MACHINE deployments of these nodes.",
"required": false,
"title": "Deployment type of EdgeNode or PublicCloudGatewayNode"
},
"hostswitch_profile_type": {
"$ref": "HostSwitchProfileType,
"required": false,
"title": "Type of host switch profile"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_type": {
"description": "The fabric node type is the resource_type of the Node such as EdgeNode and PublicCloudGatewayNode. If a fabric node type is given, uplink profiles that apply for nodes of the given type will be returned.",
"enum": [
"EdgeNode",
"PublicCloudGatewayNode"
],
"required": false,
"title": "Fabric node type for which uplink profiles are to be listed",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.",
"required": false,
"title": "The host switch profile's uplink teaming policy name",
"type": "string"
}
},
"title": "HostSwitchProfile List Parameters",
"type": "object"
}
HostSwitchProfileType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"UplinkHostSwitchProfile",
"LldpHostSwitchProfile",
"NiocProfile",
"ExtraConfigHostSwitchProfile",
"VtepHAHostSwitchProfile",
"HighPerformanceHostSwitchProfile"
],
"id": "HostSwitchProfileType",
"module_id": "BaseHostSwitchProfile",
"title": "Supported HostSwitch profiles.",
"type": "string"
}
HostSwitchProfileTypeIdEntry (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchProfileTypeIdEntry",
"module_id": "BaseHostSwitchProfile",
"properties": {
"key": {
"$ref": "HostSwitchProfileType
},
"value": {
"description": "key value",
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
HostSwitchProfilesListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "HostSwitchProfilesListResult",
"module_id": "BaseHostSwitchProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BaseHostSwitchProfile
},
"readonly": true,
"required": false,
"title": "HostSwitch Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HostSwitch Profile queries result",
"type": "object"
}
HostSwitchSpec (type)
{
"abstract": true,
"description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications.",
"id": "HostSwitchSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StandardHostSwitchSpec",
"PreconfiguredHostSwitchSpec"
],
"required": true,
"type": "string"
}
},
"title": "Abstract base type for transport node host switch specification",
"type": "object"
}
HostSwitchState (type) (Deprecated)
{
"deprecated": true,
"id": "HostSwitchState",
"module_id": "TransportNode",
"properties": {
"endpoints": {
"items": {
"$ref": "Endpoint
},
"readonly": true,
"title": "List of virtual tunnel endpoints which are configured on this switch",
"type": "array"
},
"host_switch_id": {
"readonly": true,
"title": "External ID of the HostSwitch",
"type": "string"
},
"host_switch_name": {
"description": "The name must be unique among all host switches specified in a given Transport Node.",
"readonly": true,
"title": "HostSwitch name. This name will be used to reference this HostSwitch.",
"type": "string"
},
"host_switch_type": {
"default": "NVDS",
"description": "VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX.",
"enum": [
"NVDS",
"VDS"
],
"nsx_feature": "NsxtOnVds",
"required": false,
"title": "Type of HostSwitch",
"type": "string"
},
"transport_zone_ids": {
"items": {
"type": "string"
},
"readonly": true,
"title": "List of Ids of TransportZones this HostSwitch belongs to",
"type": "array"
}
},
"title": "Host Switch State",
"type": "object"
}
HostTransportNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "HostTransportNode",
"module_id": "PolicyHostTransportNode",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_node_id_for_create": {
"description": "Specify discovered node id to create Host Transport Node for Discovered Node. This field is required during Host Transport Node create from vCenter server managing the ESXi type HostNode. No need to provide node_deployment_info while creating Host Transport Node for Discovered Node. If both node_deployment_info and discovered_node_id_for_create provided during Host TransportNode create payload then it will create Host Transport Node from the discovered node id provided in this field.",
"readonly": false,
"required": false,
"title": "Discovered node id to create Host Transport Node",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_switch_spec": {
"$ref": "HostSwitchSpec,
"description": "This property is used to either create standard host switches or to inform NSX about preconfigured host switches that already exist on the transport node. Pass an array of either StandardHostSwitchSpec objects or PreconfiguredHostSwitchSpec objects. It is an error to pass an array containing different types of HostSwitchSpec objects.",
"required": false,
"title": "Transport node host switch specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_overridden": {
"description": "This flag is relevant to only those hosts which are part of a compute collection which has transport node profile (TNP) applied on it. If through any update, the transport node configuration is found to be different than TNP configuration, then this field is set to true. If through any update, the transport node configuration is found to be same as TNP configuration, then this field is set to false. Updates here include all kinds of updates to the TNP, updates to transport node collection (TNC) or updates to transport node (TN)",
"readonly": true,
"required": false,
"title": "Indicates if config is different than compute collection.",
"type": "boolean"
},
"maintenance_mode": {
"description": "The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call.",
"enum": [
"ENABLED",
"FORCE_ENABLED",
"DISABLED"
],
"readonly": true,
"title": "transport node maintenance mode desired state",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_deployment_info": {
"$ref": "FabricHostNode,
"required": false
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Transport Node",
"type": "object"
}
HostTransportNodeCollection (type)
{
"description": "Entity to indicate relation between Compute collection and Transport node template.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "HostTransportNodeCollection",
"module_id": "HostTransportNodeCollection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compute_collection_id": {
"required": true,
"title": "Compute collection id",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_nsx_on_dvpg": {
"description": "If this is set to true, NSX on DVPG will be enabled on the Transport Node Collection. DVPGs and ports will be detected to create Discovered Segments and Discovered Ports. If this flag is set from true to false, all Discovered Segments and Discovered Ports will be removed from NSX and NSX configuration will be removed from DVPortgroups on DVS DVPGs. If this is changed from false to true, NSX will begin creating all applicable Discovered Segments and Discovered Ports. This field is ignored if used with the API to Configure Transport Node Collection for Security, i.e., POST /infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-node-collections/<transport-node-collection-id>?action=install_for_microseg. The API will always treat this field as set to true.",
"nsx_feature": "HybridHostSwitchMode",
"required": false,
"title": "Enable NSX on DVPG",
"type": "boolean"
},
"has_nvds": {
"deprecated": true,
"required": false,
"title": "Flag indicating if applied profile has NVDS",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_cluster_config": {
"items": {
"$ref": "SubClusterConfig
},
"nsx_feature": "HostSwitchSubset",
"required": false,
"title": "List of sub-cluster configuration",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_node_profile_id": {
"required": false,
"title": "Transport Node Profile Path",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Compute collection transport node template",
"type": "object"
}
HostTransportNodeCollectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "HostTransportNodeCollectionListResult",
"module_id": "HostTransportNodeCollection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostTransportNodeCollection
},
"readonly": true,
"title": "Transport Node collection results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport Node collections list result",
"type": "object"
}
HostTransportNodeListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "HostTransportNodeListParameters",
"module_id": "PolicyHostTransportNode",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_node_id": {
"description": "This property can be used by itself or along with 'transport_zone_path'. This applies only to vCenter Managed hosts. For Unmanaged hosts use node_ip instead. These hosts are discovered by Nsx manager after adding a vCenter as Compute Manager. Refer to fabric discovered-nodes api to get discoverednode_id. eg. 6ab2278f-951d-471b-8d0f-510c825945f1:host-14",
"required": false,
"title": "discovered node id",
"type": "string"
},
"in_maintenance_mode": {
"description": "If the flag is true, transport node with 'ENABLED' or 'FORCE_ENABLED' desired state will be returned, otherwise transport nodes in 'DISABLED' will be returned.",
"required": false,
"title": "maintenance mode flag",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_ip": {
"description": "This property can only be used alone. It can not be combined with other filtering properties. If the ESX host has both IPv4 and IPv6 addresses, and the NSX Manager has both IPv4 and IPv6 addresses, then this filter will work only on the IPv6 address of the ESX host. In all other cases, this filter will work only on the IPv4 address of ESX host.",
"required": false,
"title": "Transport node IP address",
"type": "string"
},
"node_types": {
"description": "Specify types from [HostNode, EdgeNode, PublicCloudGatewayNode]. If a list of node types is given, all transport nodes of given types will be returned.",
"required": false,
"title": "a list of node types separated by comma or a single type",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"transport_zone_path": {
"description": "This property can be used along with 'node_id'. Valid Policy Tz path should be given, eg. /infra/sites/default/enforcement-points/default/transport-zones/web-tz1",
"required": false,
"title": "Transport zone path",
"type": "string"
}
},
"title": "Host Transport Node list parameters",
"type": "object"
}
HostTransportNodeListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "HostTransportNodeListResult",
"module_id": "PolicyHostTransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "HostTransportNode
},
"readonly": true,
"required": false,
"title": "Host TransportNode Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Host Transport Node queries result",
"type": "object"
}
HostUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "HostUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of host upgrade",
"type": "object"
}
HostUplink (type)
{
"id": "HostUplink",
"module_id": "ObservabilityCounters",
"properties": {
"num_pnics": {
"description": "Number of PNICs in the host.",
"required": false,
"type": "int"
},
"rx_error_total": {
"description": "Total RX drop (including errors) reported by the driver.",
"required": false,
"type": "integer"
},
"rx_missed": {
"description": "RX missed reported by the driver.",
"required": false,
"type": "integer"
},
"rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
HostVnic (type)
{
"id": "HostVnic",
"module_id": "ObservabilityCounters",
"properties": {
"num_vnics": {
"description": "Number of VNICs in the host.",
"required": false,
"type": "int"
},
"rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
HostedEntityInfo (type)
{
"id": "HostedEntityInfo",
"module_id": "ClusterManagement",
"properties": {
"entity_type": {
"description": "The type of entity hosted could be MP, CCP, VMC App etc.",
"readonly": true,
"required": true,
"title": "Type of entity",
"type": "string"
},
"entity_uuid": {
"readonly": true,
"required": true,
"title": "Unique identifier of entity",
"type": "string"
}
},
"type": "object"
}
HostnameOrIPAddress (type)
{
"format": "hostname-or-ip",
"id": "HostnameOrIPAddress",
"module_id": "Common",
"title": "Hostname or IPv4 or IPv6 address",
"type": "string"
}
HostnameOrIPv46Address (type)
{
"id": "HostnameOrIPv46Address",
"maxLength": 255,
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Hostname or IPv4 or IPv6 address",
"type": "string"
}
HostnameOrIPv4Address (type)
{
"format": "hostname-or-ipv4",
"id": "HostnameOrIPv4Address",
"module_id": "Common",
"title": "Hostname or IPv4 address",
"type": "string"
}
HostnameOrIPv4AddressOrEmptyString (type)
{
"id": "HostnameOrIPv4AddressOrEmptyString",
"maxLength": 255,
"module_id": "Common",
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^$",
"title": "Hostname or IPv4 address",
"type": "string"
}
HttpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "HttpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "http"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
}
},
"type": "object"
}
HttpRequestMethodType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"GET",
"OPTIONS",
"POST",
"HEAD",
"PUT"
],
"id": "HttpRequestMethodType",
"module_id": "LoadBalancer",
"title": "http monitor method",
"type": "string"
}
HttpRequestVersionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"HTTP_VERSION_1_0",
"HTTP_VERSION_1_1"
],
"id": "HttpRequestVersionType",
"module_id": "LoadBalancer",
"title": "http request version",
"type": "string"
}
HttpServiceProperties (type)
{
"additionalProperties": false,
"id": "HttpServiceProperties",
"properties": {
"basic_authentication_enabled": {
"default": true,
"deprecated": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"certificate": {
"$ref": "Certificate,
"deprecated": true,
"readonly": true,
"required": true
},
"cipher_suites": {
"deprecated": true,
"items": {
"$ref": "CipherSuite
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"deprecated": true,
"description": "A per-client concurrency limit. This is the maximum number of outstanding requests that a client can have. For example, a client can open multiple connections to NSX and submit operations on each connection. When this limit is exceeded, the server returns a 503 Service Unavailable error to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API concurrency limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"deprecated": true,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"deprecated": true,
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout, set to 0 to configure no timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"deprecated": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"global_api_concurrency_limit": {
"default": 100,
"deprecated": true,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API concurrency limit in calls",
"type": "integer"
},
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
},
"protocol_versions": {
"deprecated": true,
"items": {
"$ref": "ProtocolVersion
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString,
"default": "",
"deprecated": true,
"title": "Host name or IP address to use for redirect location headers, or empty string to derive from current request"
},
"session_timeout": {
"deprecated": true,
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout, set to 0 to configure no timeout",
"type": "integer"
}
},
"title": "HTTP Service properties",
"type": "object"
}
HttpsProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "HttpsProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "https"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"sha256_thumbprint": {
"required": true,
"title": "SSL thumbprint of server",
"type": "string"
}
},
"type": "object"
}
ICMPTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement
},
"id": "ICMPTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "ICMPTypeNSService"
},
"properties": {
"icmp_code": {
"required": false,
"title": "ICMP message code",
"type": "integer"
},
"icmp_type": {
"required": false,
"title": "ICMP message type",
"type": "integer"
},
"protocol": {
"enum": [
"ICMPv4",
"ICMPv6"
],
"required": true,
"title": "ICMP protocol type",
"type": "string"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "A NSService that represents IPv4 or IPv6 ICMP protocol",
"type": "object"
}
ICMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "ICMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ICMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_code": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message code",
"type": "integer"
},
"icmp_type": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message type",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol": {
"enum": [
"ICMPv4",
"ICMPv6"
],
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IPv4 or IPv6 ICMP protocol",
"type": "object"
}
IDSEventDataRequest (type)
{
"additionalProperties": false,
"description": "Filtering parameters to get only a subset of intrusion events.",
"id": "IDSEventDataRequest",
"module_id": "IDSMetrics",
"properties": {
"filters": {
"description": "An array of filter conditions.",
"items": {
"$ref": "FilterRequest
},
"required": false,
"title": "Filter conditions",
"type": "array"
}
},
"title": "Parameters to filter list of intrusions",
"type": "object"
}
IDSEventsBySignature (type)
{
"additionalProperties": false,
"description": "Intrusions that are detected, grouped by signature. It contains the signature id, severity, name, the number of intrusions of that type and the first occurence.",
"extends": {
"$ref": "Resource
},
"id": "IDSEventsBySignature",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of times signature was seen",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp,
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"severity": {
"description": "Severity of the threat covered by the signature, can be Critical, High, Medium, or Low.",
"readonly": true,
"required": false,
"title": "Severity of the signature",
"type": "string"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_name": {
"description": "Name of the signature pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Name of the signature",
"type": "string"
}
},
"title": "Detcted intrusions grouped by signature",
"type": "object"
}
IDSEventsBySignatureResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature, it contains minimal details about the intrusions.",
"extends": {
"$ref": "ListResult
},
"id": "IDSEventsBySignatureResult",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all intrusions detected, grouped by signature. The details include signature id, name, severity, timestamp, and total number of attempts per signature.",
"items": {
"$ref": "IDSEventsBySignature
},
"readonly": true,
"title": "List of all intrusions detected",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions grouped by signature",
"type": "object"
}
IDSEventsSummary (type)
{
"additionalProperties": false,
"description": "Intrusion event with all the event and signature details, each event contains the signature id, name, severity, first and recent occurence, users and VMs affected and other signature metadata.",
"extends": {
"$ref": "Resource
},
"id": "IDSEventsSummary",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"affected_vm_count": {
"description": "Count of VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Count of VMs this signature was detected on",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp,
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"idsflow_details": {
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, and protocol.",
"items": {
"$ref": "IdsEventFlowData
},
"readonly": true,
"required": false,
"title": "IDS event flow data details",
"type": "object"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"is_rule_valid": {
"description": "Indicates if the rule id is valid or not.",
"readonly": true,
"required": false,
"title": "Is the rule id valid",
"type": "boolean"
},
"latest_occurence": {
"$ref": "EpochMsTimestamp,
"description": "Latest occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Latest occurence of the intrusion"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id that detected this particular intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_metadata": {
"description": "Metadata about the detected signature including name, id, severity, product affected, protocol etc.",
"items": {
"$ref": "IDSSignatureDetail
},
"readonly": true,
"required": false,
"title": "Metadata about the detected signature",
"type": "object"
},
"total_count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of occurrences of this signature",
"type": "integer"
},
"user_details": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"$ref": "IdsUserStats
},
"readonly": true,
"required": false,
"title": "List of users on the affected VMs",
"type": "object"
},
"vm_details": {
"description": "List of VMs on which a particular signature was detected with the count.",
"items": {
"$ref": "IdsVmStats
},
"readonly": true,
"required": false,
"title": "List of VMs this signature was seen",
"type": "object"
}
},
"title": "Intrusions with event and signature data",
"type": "object"
}
IDSProfile (type)
{
"additionalProperties": false,
"description": "An entity that holds the list of IDS signatures which need to be detected. The profiles can be custom created or built in.",
"extends": {
"$ref": "ManagedResource
},
"id": "IDSProfile",
"module_id": "IDSProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signatures": {
"description": "List of IDS signatures ids which need to be detected.",
"items": {
"type": "string"
},
"maxItems": 30000,
"minItems": 1,
"readonly": false,
"required": true,
"title": "IDS Signatures",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IDS Profile",
"type": "object"
}
IDSSignatureDetail (type)
{
"id": "IDSSignatureDetail",
"module_id": "IDSSignatures",
"properties": {
"action": {
"description": "Packet analysis action",
"title": "Action",
"type": "string"
},
"affected_product": {
"description": "Product affected by the signature.",
"title": "Affected product",
"type": "string"
},
"attack_target": {
"description": "Target of the attack tracked in the signature.",
"title": "Attack target",
"type": "string"
},
"category": {
"description": "VMware defined signature category.",
"items": {
"type": "string"
},
"title": "Category",
"type": "array"
},
"class_type": {
"description": "Class type of the signature.",
"title": "Signature class type",
"type": "string"
},
"cves": {
"description": "CVE of the signature.",
"items": {
"type": "string"
},
"title": "CVE of the signature",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature CVSSV2 score.",
"title": "Signature CVSSV2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature CVSSV3 score.",
"title": "Signature CVSSV3 score",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"enabled": {
"description": "Signature enabled.",
"title": "Enabled",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"title": "Flow established",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"name": {
"description": "Name of the signature.",
"title": "Signature name",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"resource_type": {
"description": "IDSSignatureDetail resource type.",
"readonly": true,
"required": true,
"title": "IDSSignatureDetail resource type",
"type": "string"
},
"severity": {
"description": "VMware defined signature severity.",
"title": "Severity",
"type": "string"
},
"signature_id": {
"description": "Unique ID of the signature rule.",
"title": "The signature ID",
"type": "integer"
},
"signature_revision": {
"description": "The revision of the signature",
"title": "Signature revision",
"type": "integer"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature.",
"items": {
"type": "string"
},
"title": "List of mitre attack URLs pertaining to signature",
"type": "array"
}
},
"type": "object"
}
IDSSummaryListResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature with their summary.",
"extends": {
"$ref": "ListResult
},
"id": "IDSSummaryListResult",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of the detected intrusions.",
"items": {
"$ref": "IDSEventsSummary
},
"maxItems": 100,
"readonly": true,
"title": "Paged collection of intrusions",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions with their summary",
"type": "object"
}
IGMPTypeNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement
},
"id": "IGMPTypeNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "IGMPTypeNSService"
},
"properties": {
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "A NSService that represents IGMP protocol",
"type": "object"
}
IGMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "IGMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IGMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IGMP protocol",
"type": "object"
}
IKEDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IKEDigestAlgorithm",
"module_id": "IPSecVPN",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
IKEEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "IKEEncryptionAlgorithm",
"module_id": "IPSecVPN",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
IPAddress (type)
{
"format": "ip",
"id": "IPAddress",
"module_id": "Common",
"title": "IPv4 or IPv6 address",
"type": "string"
}
IPAddressElement (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource
},
"id": "IPAddressElement",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"ip_address": {
"$ref": "IPElement,
"required": true
}
},
"title": "IP Address",
"type": "object"
}
IPAddressElementListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "IPAddressElementListResult",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPAddressElement
},
"required": true,
"title": "IP address element list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of IP address elements",
"type": "object"
}
IPAddressExpression (type)
{
"additionalProperties": false,
"description": "Represents IP address expressions in the form of an array, to support addition of IP addresses in a group.If duplicate IP Addresses are provided these will be filtered out and only unique IP Addresses will be considered. Avoid creating groups with multiple IPAddressExpression.In future releases, group will be restricted to contain a single IPAddressExpression. To group IPAddresses, use nested groups instead of multiple IPAddressExpressions.",
"extends": {
"$ref": "Expression
},
"id": "IPAddressExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPAddressExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\". The max limit for number of IP addresses applies across all expressions in a group. Please refer to Config Max limits specification document for a given environment.",
"items": {
"$ref": "IPElement
},
"maxItems": 25000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP address expression node",
"type": "object"
}
IPAddressGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ip address and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPAddressGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_address": {
"required": true,
"title": "IPAddress",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ip address and enforcement point path",
"type": "object"
}
IPAddressList (type)
{
"additionalProperties": false,
"description": "Collection of IP Addresses.",
"id": "IPAddressList",
"module_id": "Policy",
"properties": {
"ip_addresses": {
"description": "The array contains IP addresses.",
"items": {
"$ref": "IPElement
},
"maxItems": 25000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "IP Address collection.",
"type": "object"
}
IPAddressOrCIDRBlock (type)
{
"format": "address-or-cidr-block",
"id": "IPAddressOrCIDRBlock",
"module_id": "Common",
"title": "IPAddress or CIDR Block",
"type": "string"
}
IPAddresses (type)
{
"id": "IPAddresses",
"module_id": "PortMirroring",
"properties": {
"ip_addresses": {
"description": "The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters.",
"items": {
"$ref": "IPElement
},
"minItems": 1,
"required": false,
"title": "IPs of the filter",
"type": "array"
}
},
"type": "object"
}
IPCIDRBlock (type)
{
"format": "ip-cidr-block",
"id": "IPCIDRBlock",
"module_id": "Common",
"title": "IPv4 or IPv6 CIDR Block",
"type": "string"
}
IPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Using this profile to configure different options of IP Discovery",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_nd_binding_timeout": {
"default": 10,
"description": "This property controls the ARP and ND cache timeout period. It is recommended that this property be greater than the ARP/ND cache timeout on the VM.",
"maximum": 120,
"minimum": 5,
"required": false,
"title": "ARP and ND cache timeout (in minutes)",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"duplicate_ip_detection": {
"$ref": "DuplicateIPDetectionOptions,
"description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.rt.",
"readonly": false,
"required": false,
"title": "Duplicate IP Dection Options"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_v4_discovery_options": {
"$ref": "IPv4DiscoveryOptions,
"description": "Indicates IPv4 Discovery options",
"required": false,
"title": "IPv4 Discovery options"
},
"ip_v6_discovery_options": {
"$ref": "IPv6DiscoveryOptions,
"description": "Indicates IPv6 Discovery options",
"required": false,
"title": "IPv6 Discovery options"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tofu_enabled": {
"default": true,
"description": "Indicates whether \"Trust on First Use(TOFU)\" paradigm is enabled.",
"required": false,
"title": "Is TOFU enabled or not",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"ip discovery segment profile"
],
"title": "IP Discovery Profile",
"type": "object"
}
IPDiscoveryProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPDiscoveryProfileListRequestParameters",
"module_id": "PolicyIpDiscovery",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IP Discovery Profile request parameters",
"type": "object"
}
IPDiscoveryProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPDiscoveryProfileListResult",
"module_id": "PolicyIpDiscovery",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPDiscoveryProfile
},
"required": true,
"title": "IP Discovery profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IP Discovery Profiles",
"type": "object"
}
IPElement (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "address-or-block-or-range",
"id": "IPElement",
"module_id": "Common",
"title": "IP address, range, or subnet",
"type": "string"
}
IPElementList (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "list-of-address-or-block-or-range",
"id": "IPElementList",
"module_id": "Common",
"title": "List of IP address, range, or subnet",
"type": "string"
}
IPFIXDFWCollector (type)
{
"additionalProperties": false,
"description": "IPFIX DFW data will be collected on collector Host IP and Port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWCollector",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress,
"description": "IP address for the IPFIX DFW collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"description": "Port for the IPFIX DFW collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector",
"type": "object"
}
IPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX data for the NSX distributed firewall will be sent to the specified IPFIX collectors.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collectors": {
"description": "It accepts Multiple Collectors.",
"items": {
"$ref": "IPFIXDFWCollector
},
"minItems": 1,
"required": true,
"title": "IPFIX DFW Collectors.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWCollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXDFWCollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile request parameters",
"type": "object"
}
IPFIXDFWCollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXDFWCollectorProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWCollectorProfile
},
"required": true,
"title": "IPFIX DFW Collection Instances list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "IPFIX packets from source will be sent to IPFIX DFW collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_flow_export_timeout": {
"default": 1,
"description": "For long standing active flows, IPFIX records will be sent per timeout period in minutes.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Active timeout (Minutes)",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collector_profile_path": {
"description": "Policy path for IPFIX collector profiles. IPFIX data from these logical segments will be sent to all specified IPFIX collectors.",
"required": true,
"title": "IPFIX collector Paths",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXDFWProfile"
],
"relationshipType": "IPFIX_DFW_COLLECTION_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXDFWCollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 65536,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 32000,
"minimum": 0,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Profile",
"type": "object"
}
IPFIXDFWProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXDFWProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Profile request parameters",
"type": "object"
}
IPFIXDFWProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXDFWProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWProfile
},
"required": true,
"title": "IPFIX DFW Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Profile",
"type": "object"
}
IPFIXL2Collector (type)
{
"additionalProperties": false,
"description": "IPFIX packets will be collected on collector. IP and port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2Collector",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress,
"description": "IP address for the IPFIX L2 collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"default": 4739,
"description": "Port number for the IPFIX L2 collector.",
"maximum": 65535,
"minimum": 0,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector",
"type": "object"
}
IPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX L2 data will be collected on collectors.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_collectors": {
"description": "It accepts Multiple Collector objects.",
"items": {
"$ref": "IPFIXL2Collector
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "It accepts Multiple Collector objects.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector Profile",
"type": "object"
}
IPFIXL2CollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXL2CollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX collector profile request parameters",
"type": "object"
}
IPFIXL2CollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXL2CollectorProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2CollectorProfile
},
"required": true,
"title": "IPFIX collector Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of IPFIX collector profiles.",
"type": "object"
}
IPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "IPFIX data from source logical segment, port, group will be forwarded to IPFIX collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired even if more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"title": "Active timeout",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"export_overlay_flow": {
"default": true,
"description": "This property controls whether overlay flow info is included in the sample result.",
"required": false,
"title": "Export overlay Flow",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"required": false,
"title": "Idle timeout",
"type": "int"
},
"ipfix_collector_profile_path": {
"description": "Policy path for IPFIX collector profile. User can specify only one IPFIX collector.",
"required": true,
"title": "IPFIX collector Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXL2Profile"
],
"relationshipType": "IPFIX_L2_PROFILE_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXL2CollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_flows": {
"default": 16384,
"description": "The maximum number of flow entries in each exporter flow cache.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Max flows",
"type": "integer"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"packet_sample_probability": {
"default": 0.1,
"description": "The probability in percentage that a packet is sampled, in range 0-100. The probability is equal for every packet.",
"exclusiveMinimum": true,
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Packet sample probability",
"type": "number"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 32000,
"minimum": 0,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Profile",
"type": "object"
}
IPFIXL2ProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXL2ProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX L2 Profile request parameters",
"type": "object"
}
IPFIXL2ProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXL2ProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2Profile
},
"required": true,
"title": "IPFIX L2 Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX L2 Profile",
"type": "object"
}
IPInfo (type)
{
"description": "An IP information structure that includes a single IP address and its associated prefix length.",
"id": "IPInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPMemberAction (type)
{
"additionalProperties": false,
"id": "IPMemberAction",
"module_id": "IPSet",
"properties": {
"action": {
"enum": [
"add_ip",
"remove_ip"
],
"readonly": false,
"required": true,
"title": "Specifies addition or removal action",
"type": "string"
}
},
"type": "object"
}
IPMirrorDestination (type)
{
"extends": {
"$ref": "MirrorDestination
},
"id": "IPMirrorDestination",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "IPMirrorDestination"
},
"properties": {
"destination_ips": {
"description": "The destination IPs of the mirror packet will be sent to.",
"items": {
"$ref": "IPAddress
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "List of destination IP addresses",
"type": "array"
},
"encapsulation_type": {
"$ref": "EncapsulationType,
"default": "GRE",
"description": "You can choose GRE, ERSPAN II or ERSPAN III.",
"required": true,
"title": "IPMirrorDestination encapsulation type"
},
"erspan_id": {
"description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.",
"maximum": 1023,
"minimum": 0,
"required": false,
"title": "ERSPAN session id",
"type": "int"
},
"gre_key": {
"description": "User-configurable 32-bit key only for GRE",
"required": false,
"title": "GRE encapsulation key",
"type": "int"
},
"resource_type": {
"$ref": "MirrorDestinationResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorDestination'",
"required": true
}
},
"type": "object"
}
IPPrefixList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "IPPrefixList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"prefixes": {
"items": {
"$ref": "PrefixConfig
},
"maxItems": 1330000,
"minItems": 1,
"required": true,
"title": "Ordered list of PrefixConfig",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IPPrefixListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPPrefixListListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPPrefixList
},
"required": true,
"title": "Paginated list of IPPrefixLists",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IPProtocolNSService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSServiceElement
},
"id": "IPProtocolNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "IPProtocolNSService"
},
"properties": {
"protocol_number": {
"required": true,
"title": "The IP protocol number",
"type": "integer"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "An NSService element that represents an IP protocol",
"type": "object"
}
IPProtocolServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "IPProtocolServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPProtocolServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol_number": {
"maximum": 255,
"minimum": 0,
"required": true,
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an IP protocol",
"type": "object"
}
IPSecDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IPSecDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IPSecDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IPSec tunnel establishment",
"type": "string"
}
IPSecEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IPSecEncryptionAlgorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256",
"NO_ENCRYPTION_AUTH_AES_GMAC_128",
"NO_ENCRYPTION_AUTH_AES_GMAC_192",
"NO_ENCRYPTION_AUTH_AES_GMAC_256",
"NO_ENCRYPTION"
],
"id": "IPSecEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithm used in IPSec tunnel",
"type": "string"
}
IPSecVPNDPDProfile (type)
{
"additionalProperties": false,
"description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNDPDProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_probe_interval": {
"description": "When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 3",
"title": "DPD probe interval defines an interval for DPD probes (in seconds)",
"type": "integer"
},
"dpd_probe_mode": {
"default": "PERIODIC",
"description": "DPD probe mode is used to query the liveliness of the peer. Two modes are possible - PERIODIC - is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. ON_DEMAND - is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds)",
"enum": [
"PERIODIC",
"ON_DEMAND"
],
"title": "DPD probe mode",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable dead peer detection.",
"title": "Enable dead peer detection (DPD)",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retry_count": {
"default": 5,
"description": "Maximum number of DPD messages retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.",
"maximum": 100,
"minimum": 1,
"title": "Retry count",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Dead peer detection (DPD) profile",
"type": "object"
}
IPSecVPNDPDProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the dead peer detection (DPD) profiles.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNDPDProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNDPDProfile
},
"required": true,
"title": "IPSec DPD Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List dead peer detection (DPD) profiles",
"type": "object"
}
IPSecVPNIKEProfile (type)
{
"additionalProperties": false,
"description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNIKEProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DHGroup
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.",
"items": {
"$ref": "IKEDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "IKEEncryptionAlgorithm
},
"title": "Encryption algorithm for IKE",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_version": {
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"title": "IKE version",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 86400,
"description": "Life time for security association. Default is 86400 seconds (1 day).",
"maximum": 31536000,
"minimum": 21600,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Internet key exchange (IKE) profile",
"type": "object"
}
IPSecVPNIKEProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the IKE profiles.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNIKEProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNIKEProfile
},
"required": true,
"title": "IKE Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IKE profiles",
"type": "object"
}
IPSecVPNIKEServiceSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all IPSec VPN sessions for a specified service.",
"extends": {
"$ref": "IPSecVPNSessionSummary
},
"id": "IPSecVPNIKEServiceSummary",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"display_name": {
"description": "VPN service display name.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "UUID for a vpn service.",
"readonly": true,
"title": "Service identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"logical_router_id": {
"description": "Logical router identifier associated with vpn service.",
"readonly": true,
"title": "Logical router identifier",
"type": "string"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary,
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN IKE service summary",
"type": "object"
}
IPSecVPNIKESessionStatus (type)
{
"additionalProperties": false,
"description": "Status for IPSec VPN IKE session UP, DOWN, NEGOTIATING and fail reason if IKE session is down.",
"id": "IPSecVPNIKESessionStatus",
"module_id": "VPNStatistics",
"properties": {
"fail_reason": {
"description": "Reason for failure.",
"readonly": true,
"title": "Fail reason",
"type": "string"
},
"ike_session_state": {
"description": "IKE session service status UP, DOWN and NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "IKE session state",
"type": "string"
},
"transport_node_id": {
"description": "Transport Node identifier where session is present.",
"readonly": true,
"title": "Transport Node Id",
"type": "string"
}
},
"title": "IKE session status",
"type": "object"
}
IPSecVPNIKETrafficStatistics (type)
{
"additionalProperties": false,
"description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.",
"id": "IPSecVPNIKETrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Number of bytes in.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Number of bytes out.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"fail_count": {
"description": "Fail count.",
"readonly": true,
"title": "Fail count",
"type": "integer"
},
"packets_in": {
"description": "Number of packets in.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Number of packets out.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN IKE traffic statistics",
"type": "object"
}
IPSecVPNLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Local endpoint represents a logical router on which tunnel needs to be terminated.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNLocalEndpoint",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Site certificate identifier.",
"title": "Certificate Id",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"$ref": "ResourceReference,
"description": "VPN Service id.",
"required": true,
"title": "VPN Service id"
},
"local_address": {
"$ref": "IPAddress,
"description": "IPv4 or IPv6 Address for local endpoint.",
"required": true,
"title": "IP Address for local endpoint"
},
"local_id": {
"description": "Local identifier.",
"title": "Local identifier",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_ca_ids": {
"description": "Certificate authority (CA) identifier list to verify peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate authority (CA) identifiers",
"type": "array"
},
"trust_crl_ids": {
"description": "Certificate revocation list (CRL) identifier list of peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate revocation list (CRL) Identifiers",
"type": "array"
}
},
"search_dsl_name": [
"ip sec vpn local endpoint (manager)"
],
"title": "IPSec VPN Local Endpoint",
"type": "object"
}
IPSecVPNLocalEndpointListParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get the filtered list of IPSec VPN local endpoints. Both filter parameters can be provided as they are not mutually exclusive.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "IPSecVPNLocalEndpointListParameters",
"module_id": "IPSecVPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "All the local endpoints configured with the specified VPN Service id will be included in the result.",
"required": false,
"title": "Id of the IPSec VPN service",
"type": "string"
},
"logical_router_id": {
"description": "All the local endpoints belonging to the specified logical router id will be included in the result.",
"required": false,
"title": "Id of logical router",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List parameters for IPSec VPN local endpoints",
"type": "object"
}
IPSecVPNLocalEndpointListResult (type)
{
"additionalProperties": false,
"description": "List all the local endpoints.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNLocalEndpointListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNLocalEndpoint
},
"required": true,
"title": "IPSec local endpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List local endpoints",
"type": "object"
}
IPSecVPNPeerEndpoint (type)
{
"additionalProperties": false,
"description": "IPSec VPN Peer Endpoint covers configuration to be applied locally to establish a session with remote endpoint on peer site.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNPeerEndpoint",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_id": {
"description": "Dead peer detection (DPD) profile id. Default will be set according to system default policy.",
"title": "Dead peer detection (DPD) profile id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_id": {
"description": "IKE profile id to be used. Default will be set according to system default policy.",
"title": "Internet key exchange (IKE) profile id",
"type": "string"
},
"ipsec_tunnel_profile_id": {
"description": "Tunnel profile id to be used. By default it will point to system default profile.",
"title": "IPSec tunnel profile id",
"type": "string"
},
"peer_address": {
"description": "IPv4 or IPv6 address of peer endpoint on remote site.",
"required": true,
"title": "IP Address of peer endpoint.",
"type": "string"
},
"peer_id": {
"description": "Peer identifier.",
"required": true,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPSec VPN Peer Endpoint",
"type": "object"
}
IPSecVPNPeerEndpointListResult (type)
{
"additionalProperties": false,
"description": "List all the peer endpoints.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNPeerEndpointListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNPeerEndpoint
},
"required": true,
"title": "IPSec Peer endpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List peer endpoints",
"type": "object"
}
IPSecVPNPolicyRule (type)
{
"additionalProperties": false,
"description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.",
"extends": {
"$ref": "EmbeddedResource
},
"id": "IPSecVPNPolicyRule",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink,
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"action": {
"default": "PROTECT",
"description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"readonly": true,
"title": "Action to be applied",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of peer subnets.",
"items": {
"$ref": "IPSecVPNPolicySubnet
},
"maxItems": 128,
"required": false,
"title": "Destination list",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A flag to enable/disable the policy rule.",
"title": "Enabled flag",
"type": "boolean"
},
"id": {
"description": "Unique policy id.",
"title": "Unique policy id",
"type": "string"
},
"logged": {
"default": false,
"description": "A flag to enable/disable the logging for the policy rule.",
"title": "Logging flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sources": {
"description": "List of local subnets.",
"items": {
"$ref": "IPSecVPNPolicySubnet
},
"maxItems": 128,
"required": false,
"title": "Source list",
"type": "array"
}
},
"title": "IPSec VPN policy rules",
"type": "object"
}
IPSecVPNPolicySubnet (type)
{
"additionalProperties": false,
"description": "Used to specify the local/peer subnets in IPSec VPN Policy rule.",
"id": "IPSecVPNPolicySubnet",
"module_id": "IPSecVPN",
"properties": {
"subnet": {
"$ref": "IPCIDRBlock,
"description": "Subnet used in policy rule.",
"required": true,
"title": "Peer or local subnet"
}
},
"title": "Subnet for IPSec Policy based VPN",
"type": "object"
}
IPSecVPNPolicyTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN policy traffic statistics",
"id": "IPSecVPNPolicyTrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"policy_id": {
"description": "Policy Identifier.",
"readonly": true,
"title": "Policy Identifier",
"type": "string"
},
"tunnel_port_id": {
"description": "Tunnel port identifier.",
"readonly": true,
"title": "Tunnel port identifier",
"type": "string"
},
"tunnel_statistics": {
"description": "Tunnel statistics.",
"items": {
"$ref": "IPSecVPNTunnelTrafficStatistics
},
"readonly": true,
"title": "Tunnel statistics",
"type": "array"
}
},
"title": "IPSec VPN policy traffic statistics",
"type": "object"
}
IPSecVPNService (type)
{
"additionalProperties": false,
"description": "Create and manage IPSec VPN service for given logical router.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNService",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bypass_rules": {
"description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.",
"items": {
"$ref": "IPSecVPNPolicyRule
},
"required": false,
"title": "Bypass Policy rules",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable VPN services for given logical router.",
"title": "Enable virtual private network (VPN) service",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"ipsec_ha_sync": {
"default": true,
"description": "Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled in case there are performance issues with the state sync messages. Default is to enable HA Sync.",
"title": "IPSec HA State Sync flag",
"type": "boolean"
},
"logical_router_id": {
"description": "Logical router id.",
"required": true,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPSec VPN service",
"type": "object"
}
IPSecVPNServiceListResult (type)
{
"additionalProperties": false,
"description": "List all the IPSec VPN services.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNServiceListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNService
},
"required": true,
"title": "IPSec VPN serivce list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IPSec VPN services",
"type": "object"
}
IPSecVPNSession (type)
{
"abstract": true,
"additionalProperties": false,
"description": "VPN session defines connection between local and peer endpoint. Untill VPN session is defined configuration is not realized.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNSession",
"module_id": "IPSecVPN",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "Identifier of VPN Service linked with local endpoint.",
"readonly": true,
"title": "IPSec VPN service identifier",
"type": "string"
},
"local_endpoint_id": {
"description": "Local endpoint identifier.",
"required": true,
"title": "Local endpoint identifier",
"type": "string"
},
"peer_endpoint_id": {
"description": "Peer endpoint identifier.",
"required": true,
"title": "Peer endpoint identifier",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVPNSessionResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMssClamping,
"required": false
}
},
"title": "IPSec VPN session",
"type": "object"
}
IPSecVPNSessionListParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get filtered list of IPSec VPN Sessions. The filter parameters are not mutually exclusive and can be used together.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "IPSecVPNSessionListParameters",
"module_id": "IPSecVPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "All the IPSec VPN sessions configured with the specified VPN Service id will be included in the result.",
"required": false,
"title": "Id of the IPSec VPN service",
"type": "string"
},
"logical_router_id": {
"description": "All the VPN sessions belonging to the specified logical router id will be included in the result.",
"required": false,
"title": "Id of logical router",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"session_type": {
"$ref": "IPSecVPNSessionResourceType,
"description": "All the IPSec VPN sessions of specified type will be included in the result.",
"required": false,
"title": "Type of the vpn session"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List parameters for IPSec VPN Sessions",
"type": "object"
}
IPSecVPNSessionListResult (type)
{
"additionalProperties": false,
"description": "List all the IPSec VPN sessions.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNSessionListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNSession
},
"required": true,
"title": "IPSec VPN sessions list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List IPSec VPN sessions",
"type": "object"
}
IPSecVPNSessionResourceType (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"enum": [
"PolicyBasedIPSecVPNSession",
"RouteBasedIPSecVPNSession"
],
"id": "IPSecVPNSessionResourceType",
"module_id": "IPSecVPN",
"title": "Resource types of IPsec VPN session",
"type": "string"
}
IPSecVPNSessionState (type)
{
"description": "This holds the state of IPSec VPN Session. If there are errors in realizing session outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "IPSecVPNSessionState",
"module_id": "IPSecVPN",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of IPSec VPN Session.",
"type": "object"
}
IPSecVPNSessionStatistics (type)
{
"additionalProperties": false,
"description": "Session statistics gives aggregated statistics of all policies for all the tunnels.",
"id": "IPSecVPNSessionStatistics",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"display_name": {
"description": "Display name of vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"ike_status": {
"$ref": "IPSecVPNIKESessionStatus,
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status summary"
},
"ike_traffic_statistics": {
"$ref": "IPSecVPNIKETrafficStatistics,
"description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.",
"readonly": true,
"title": "IKE traffic statistics"
},
"ipsec_vpn_session_id": {
"description": "UUID of vpn session.",
"readonly": true,
"title": "Session identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"partial_stats": {
"description": "Partial statistics if true specifies that the statistics are only from active node.",
"readonly": true,
"title": "Partial Statistics",
"type": "boolean"
},
"policy_statistics": {
"description": "Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.",
"items": {
"$ref": "IPSecVPNPolicyTrafficStatistics
},
"readonly": true,
"title": "IPSec policy statistics",
"type": "array"
}
},
"title": "IPSec VPN session statistics",
"type": "object"
}
IPSecVPNSessionStatus (type)
{
"additionalProperties": false,
"description": "IKE session traffic summary provides IKE session status and aggregate of traffic across all tunnel.",
"id": "IPSecVPNSessionStatus",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"display_name": {
"description": "Display name of vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"failed_tunnels": {
"description": "Number of failed tunnels.",
"readonly": true,
"title": "Failed tunnels",
"type": "integer"
},
"ike_status": {
"$ref": "IPSecVPNIKESessionStatus,
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status"
},
"ipsec_vpn_session_id": {
"description": "UUID of vpn session.",
"readonly": true,
"title": "Session identifier",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"negotiated_tunnels": {
"description": "Number of negotiated tunnels.",
"readonly": true,
"title": "Negotiated tunnels",
"type": "integer"
},
"session_status": {
"description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.",
"enum": [
"UP",
"DOWN",
"DEGRADED"
],
"readonly": true,
"title": "Session status",
"type": "string"
},
"total_tunnels": {
"description": "Total number of tunnels.",
"readonly": true,
"title": "Total tunnels",
"type": "integer"
}
},
"title": "IKE session traffic summary",
"type": "object"
}
IPSecVPNSessionSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all selected IPSec VPN sessions.",
"id": "IPSecVPNSessionSummary",
"module_id": "VPNStatistics",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary,
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN session summary",
"type": "object"
}
IPSecVPNSessionTrafficSummary (type)
{
"additionalProperties": false,
"description": "IPSec VPN session traffic summary.",
"id": "IPSecVPNSessionTrafficSummary",
"module_id": "VPNStatistics",
"properties": {
"ipsec_vpn_session": {
"$ref": "ResourceReference,
"description": "VPN Session.",
"readonly": true,
"title": "VPN session"
},
"traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Traffic stastics.",
"readonly": true,
"title": "Traffic stastics"
}
},
"title": "IPSec VPN session traffic summary",
"type": "object"
}
IPSecVPNTrafficCounters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "<br> Please use below Policy APIs to get IPSecVpnTrafficCounters. <br> GET /policy/api/v1/infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics <br> GET /policy/api/v1/infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics",
"description": "Traffic counters for IPSec VPN session.",
"id": "IPSecVPNTrafficCounters",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of bytes recevied.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of bytes sent.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"packets_in": {
"description": "Total number of packets received.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of packets sent.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN traffic counters",
"type": "object"
}
IPSecVPNTransportStatus (type)
{
"additionalProperties": false,
"description": "Provides IPSec VPN session status.",
"extends": {
"$ref": "L2VPNTransportTunnelStatus
},
"id": "IPSecVPNTransportStatus",
"module_id": "L2VPNStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVPNTransportStatus"
},
"properties": {
"resource_type": {
"$ref": "TransportTunnelResourceType,
"required": true
},
"status": {
"$ref": "IPSecVPNSessionStatus,
"description": "VPN session status provides IKE session status and aggregate of traffic across all tunnel.",
"readonly": true,
"title": "IPSec vpn session status"
},
"tunnel_id": {
"$ref": "ResourceReference,
"description": "Transport tunnel id.",
"readonly": true,
"title": "Transport tunnel id"
}
},
"title": "VPN Session status",
"type": "object"
}
IPSecVPNTunnelProfile (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSecVPNTunnelProfile",
"module_id": "IPSecVPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"df_policy": {
"default": "COPY",
"description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.",
"enum": [
"COPY",
"CLEAR"
],
"title": "Policy for handling defragmentation bit",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DHGroup
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".",
"items": {
"$ref": "TunnelDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"encapsulation_mode": {
"default": "TUNNEL_MODE",
"description": "Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.",
"enum": [
"TUNNEL_MODE"
],
"readonly": true,
"title": "Encapsulation Mode",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "TunnelEncryptionAlgorithm
},
"title": "Encryption algorithm to use in tunnel establishement",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 3600,
"description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.",
"maximum": 31536000,
"minimum": 900,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transform_protocol": {
"default": "ESP",
"description": "IPSec transform specifies IPSec security protocol.",
"enum": [
"ESP"
],
"readonly": true,
"title": "Tunnel protocol",
"type": "string"
}
},
"search_dsl_name": [
"ip sec vpn tunnel profile (manager)"
],
"title": "IPSec VPN tunnel profile",
"type": "object"
}
IPSecVPNTunnelProfileListResult (type)
{
"additionalProperties": false,
"description": "List all the tunnel profiles.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVPNTunnelProfileListResult",
"module_id": "IPSecVPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSecVPNTunnelProfile
},
"required": true,
"title": "IPSec Tunnel Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List tunnel profiles",
"type": "object"
}
IPSecVPNTunnelTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel traffic statistics.",
"id": "IPSecVPNTunnelTrafficStatistics",
"module_id": "VPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of incoming bytes on inbound Security association (SA).",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes on outbound Security association (SA).",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"decryption_failures": {
"description": "Total number of packets dropped due to decryption failures.",
"readonly": true,
"title": "Decryption failures",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"encryption_failures": {
"description": "Total number of packets dropped because of failure in encryption.",
"readonly": true,
"title": "Encryption failures",
"type": "integer"
},
"integrity_failures": {
"description": "Total number of packets dropped due to integrity failures.",
"readonly": true,
"title": "Integrity failures",
"type": "integer"
},
"local_subnet": {
"description": "Local subnet to which a tunnel belongs.",
"readonly": true,
"title": "Local subnet",
"type": "string"
},
"nomatching_policy_errors": {
"description": "Number of packets dropped because of no matching policy is available.",
"readonly": true,
"title": "Nomatching Policy errors",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets on inbound Security association (SA).",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets on outbound Security association (SA).",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_other_error": {
"description": "Total number of incoming packets dropped on inbound Security association (SA)(misc).",
"readonly": true,
"title": "Packets receive other error",
"type": "integer"
},
"packets_sent_other_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent other error",
"type": "integer"
},
"peer_subnet": {
"description": "Peer subnet to which a tunnel belongs.",
"readonly": true,
"title": "Peer subnet",
"type": "string"
},
"policy_id": {
"description": "Policy UUID of IPSec Tunnel.",
"readonly": true,
"title": "Policy Identifier",
"type": "string"
},
"replay_errors": {
"description": "Total number of packets dropped due to replay check on that Security association (SA).",
"readonly": true,
"title": "Replay errors",
"type": "integer"
},
"sa_mismatch_errors_in": {
"description": "Totoal number of security association (SA) mismatch errors on incoming packets.",
"readonly": true,
"title": "Security association (SA) mismatch errors on incoming packets",
"type": "integer"
},
"sa_mismatch_errors_out": {
"description": "Totoal number of security association (SA) mismatch errors on outgoing packets.",
"readonly": true,
"title": "Security association (SA) mismatch errors on outgoing packets",
"type": "integer"
},
"seq_number_overflow_error": {
"description": "Total number of packets dropped while sending due to overflow in sequence number.",
"readonly": true,
"title": "Sequence number overflow error",
"type": "integer"
},
"tunnel_down_reason": {
"description": "Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.",
"readonly": true,
"title": "Tunnel down reason",
"type": "string"
},
"tunnel_status": {
"description": "Specifies the status of tunnel. If all the SA (Security association) are negotiated then tunnels status will be UP. If negotiation fails for the SAs status will be DOWN, if SAs are in negotiating phase tunnels status will be NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "Tunnel Status",
"type": "string"
}
},
"title": "IPSec VPN tunnel traffic statistics",
"type": "object"
}
IPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_probe_interval": {
"description": "DPD probe interval defines an interval for DPD probes (in seconds). - When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. - When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 10",
"title": "DPD Probe Interval",
"type": "integer"
},
"dpd_probe_mode": {
"default": "PERIODIC",
"description": "DPD probe mode is used to query the liveliness of the peer. Two modes are possible: - PERIODIC: is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. - ON_DEMAND: is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds).",
"enum": [
"PERIODIC",
"ON_DEMAND"
],
"title": "DPD Probe Mode",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable dead peer detection.",
"title": "Enable dead peer detection (DPD)",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retry_count": {
"default": 10,
"description": "Maximum number of DPD messages' retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.",
"maximum": 100,
"minimum": 1,
"title": "Retry Count",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dead peer detection (DPD) profile",
"type": "object"
}
IPSecVpnDpdProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnDpdProfile.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnDpdProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnDpdProfile list request parameters",
"type": "object"
}
IPSecVpnDpdProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnDpdProfile.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnDpdProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnDpdProfile list results.",
"items": {
"$ref": "IPSecVpnDpdProfile
},
"required": true,
"title": "IPSecVpnDpdProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnDpdProfile",
"type": "object"
}
IPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. A default value of SHA2_256 will be applied only when the supplied encryption algorithms contain either AES_128 or AES_256.",
"items": {
"$ref": "IkeDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "IkeEncryptionAlgorithm
},
"title": "Encryption algorithm for IKE",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_version": {
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"title": "IKE version",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 86400,
"description": "Life time for security association. Default is 86400 seconds (1 day).",
"maximum": 31536000,
"minimum": 21600,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Internet key exchange (IKE) profile",
"type": "object"
}
IPSecVpnIkeProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnIkeProfile.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnIkeProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnIkeProfile list request parameters",
"type": "object"
}
IPSecVpnIkeProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnIkeProfile.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnIkeProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnIkeProfile list results.",
"items": {
"$ref": "IPSecVpnIkeProfile
},
"required": true,
"title": "IPSecVpnIkeProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnIkeProfile",
"type": "object"
}
IPSecVpnIkeSessionStatus (type)
{
"additionalProperties": false,
"description": "Status for IPSec VPN Ike session UP, DOWN, NEGOTIATING and fail reason if Ike session is down.",
"id": "IPSecVpnIkeSessionStatus",
"module_id": "PolicyVPNStatistics",
"properties": {
"fail_reason": {
"description": "Reason for failure.",
"readonly": true,
"title": "Fail reason",
"type": "string"
},
"ike_session_state": {
"description": "Ike session service status UP, DOWN and NEGOTIATING.",
"enum": [
"UP",
"DOWN",
"NEGOTIATING"
],
"readonly": true,
"title": "Ike session state",
"type": "string"
}
},
"title": "Ike session status",
"type": "object"
}
IPSecVpnIkeTrafficStatistics (type)
{
"additionalProperties": false,
"description": "Traffic statistics for IPSec VPN Ike session. Note - Not supported in this release.",
"id": "IPSecVpnIkeTrafficStatistics",
"module_id": "PolicyVPNStatistics",
"properties": {
"bytes_in": {
"description": "Number of bytes in.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Number of bytes out.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"fail_count": {
"description": "Fail count.",
"readonly": true,
"title": "Fail count",
"type": "integer"
},
"packets_in": {
"description": "Number of packets in.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Number of packets out.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN Ike traffic statistics",
"type": "object"
}
IPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope attribute at the corresponding LM. Local endpoint without any scope will be realized on all sites. The scope attribute is applicable only on GM not on LM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_path": {
"description": "Policy path referencing site certificate.",
"title": "Certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_address": {
"$ref": "IPAddress,
"description": "IPv4 or IPv6 Address of local endpoint. Please note that configuring local_address as IPv6 address is not supported in the deprecated IPSecVpnLocalEndpoint Patch/PUT APIs.",
"required": true,
"title": "IPv4 or IPv6 Address of local endpoint"
},
"local_id": {
"description": "Local identifier.",
"title": "Local identifier",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Scope attribute refers to the Policy path identifying the LocaleService of specific site where all the local end point configurations will be realized. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope at the corresponding LM. Local endpoint without any scope will be realized on all sites. This attribute will not be applicable on LM.",
"required": false,
"title": "scope identify the site to which LocalEndpoint configuration associated with. Applicable only in GM",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_LOCALE_SERVICE_RELATIONSHIP",
"rightType": [
"LocaleServices"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_ca_paths": {
"description": "List of policy paths referencing certificate authority (CA) to verify peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate authority (CA) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"trust_crl_paths": {
"description": "List of policy paths referencing certificate revocation list (CRL) to peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate revocation list (CRL) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CRL_RELATIONSHIP",
"rightType": [
"TlsCrl"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Local Endpoint",
"type": "object"
}
IPSecVpnLocalEndpointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnLocalEndpoint.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnLocalEndpointListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnLocalEndpoint list request parameters",
"type": "object"
}
IPSecVpnLocalEndpointListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnLocalEndpoint.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnLocalEndpointListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnLocalEndpoint list results.",
"items": {
"$ref": "IPSecVpnLocalEndpoint
},
"required": true,
"title": "IPSecVpnLocalEndpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnLocalEndpoint",
"type": "object"
}
IPSecVpnRule (type)
{
"additionalProperties": false,
"description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy\u2019s match criteria.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnRule",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"default": "PROTECT",
"description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"readonly": true,
"title": "Action to be applied",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of IPv4 or IPv6 peer subnets. Specifying no value is interpreted as 0.0.0.0/0, ::/0. The maximum number of IPv4 or IPv6 local subnets allowed is 128 Please note that configuring IPv6 peer subnets is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "IPSecVpnSubnet
},
"maxItems": 256,
"required": false,
"title": "Destination list",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A flag to enable/disable the rule.",
"title": "Enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "A flag to enable/disable the logging for the rule.",
"title": "Logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "A sequence number is used to give a priority to an IPSecVpnRule.",
"minimum": 0,
"required": false,
"title": "Sequence number of the IPSecVpnRule",
"type": "int"
},
"sources": {
"description": "List of IPv4 or IPv6 local subnets. Specifying no value is interpreted as 0.0.0.0/0, ::/0. The maximum number of IPv4 or IPv6 local subnets allowed is 128 Please note that configuring IPv6 local subnets is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "IPSecVpnSubnet
},
"maxItems": 256,
"required": false,
"title": "Source list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Rule",
"type": "object"
}
IPSecVpnService (type)
{
"additionalProperties": false,
"description": "Create and manage IPSec VPN service under tier-0/tier-1.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"policy_hierarchical_children": [
"ChildIPSecVpnLocalEndpoint",
"ChildIPSecVpnSession"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bypass_rules": {
"description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.",
"items": {
"$ref": "IPSecVpnRule
},
"required": false,
"title": "Bypass Policy rules",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable VPN services under tier-0/tier-1.",
"title": "Enable virtual private network (VPN) service",
"type": "boolean"
},
"ha_sync": {
"default": true,
"description": "Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled if in case there are performance issues w.r.t. the state sync messages.",
"title": "Flag to enable IPSec HA State Sync",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN service",
"type": "object"
}
IPSecVpnServiceListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnService.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnServiceListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnService list request parameters",
"type": "object"
}
IPSecVpnServiceListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnService.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnServiceListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnService list results.",
"items": {
"$ref": "IPSecVpnService
},
"required": true,
"title": "IPSecVpnService list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnService",
"type": "object"
}
IPSecVpnSession (type)
{
"abstract": true,
"additionalProperties": false,
"description": "VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"$ref": "IPAddress,
"description": "Public IPV4 or IPV6 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. Please note that configuring peer_address as IPv6 address is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"required": false,
"title": "IPV4 or IPV6 address of peer endpoint on remote site"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN session",
"type": "object"
}
IPSecVpnSessionListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnSession.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnSessionListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnSession list request parameters",
"type": "object"
}
IPSecVpnSessionListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnSession.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnSessionListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnSession list results.",
"items": {
"$ref": "IPSecVpnSession
},
"required": true,
"title": "IPSecVpnSession list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnSession",
"type": "object"
}
IPSecVpnSessionResourceType (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"enum": [
"PolicyBasedIPSecVpnSession",
"RouteBasedIPSecVpnSession"
],
"id": "IPSecVpnSessionResourceType",
"module_id": "PolicyVpnIPSecVpn",
"title": "Resource types of IPsec VPN session",
"type": "string"
}
IPSecVpnSessionStatisticsNsxT (type)
{
"additionalProperties": false,
"description": "IPSec VPN session statistics represents statistics on an NSX-T type of enforcement point. It gives aggregated statistics of all policies for all the tunnels.",
"extends": {
"$ref": "IPSecVpnSessionStatisticsPerEP
},
"id": "IPSecVpnSessionStatisticsNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnSessionStatisticsNsxT"
},
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVpnTrafficCounters,
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display Name of vpn session.",
"readonly": true,
"title": "Display Name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"ike_status": {
"$ref": "IPSecVpnIkeSessionStatus,
"description": "Status for IPSec VPN Ike session UP/DOWN and fail reason if Ike session is down.",
"readonly": true,
"title": "Ike status summary"
},
"ike_traffic_statistics": {
"$ref": "IPSecVpnIkeTrafficStatistics,
"description": "Traffic statistics for IPSec VPN Ike session.",
"readonly": true,
"title": "Ike traffic statistics"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"policy_statistics": {
"description": "Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.",
"items": {
"$ref": "IpSecVpnPolicyTrafficStatistics
},
"readonly": true,
"title": "IPSec policy statistics",
"type": "array"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatisticsNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN session statistics",
"type": "object"
}
IPSecVpnSessionStatisticsPerEP (type)
{
"abstract": true,
"description": "IPSec VPN Session Statistics Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "IPSecVpnSessionStatisticsPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatisticsNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN Session Statistics Per Enforcement Point",
"type": "object"
}
IPSecVpnSessionStatusNsxT (type)
{
"additionalProperties": false,
"description": "IPSec VPN Session Status represents status on an NSX-T type of enforcement point.",
"extends": {
"$ref": "IPSecVpnSessionStatusPerEP
},
"id": "IPSecVpnSessionStatusNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnSessionStatusNsxT"
},
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVpnTrafficCounters,
"description": "Aggregate traffic statistics across all ipsec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display Name of vpn session.",
"readonly": true,
"title": "Display Name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"failed_tunnels": {
"description": "Number of failed tunnels.",
"readonly": true,
"title": "Failed tunnels",
"type": "integer"
},
"ike_status": {
"$ref": "IPSecVpnIkeSessionStatus,
"description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.",
"readonly": true,
"title": "IKE status"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"negotiated_tunnels": {
"description": "Number of negotiated tunnels.",
"readonly": true,
"title": "Negotiated tunnels",
"type": "integer"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatusNsxT"
],
"required": true,
"type": "string"
},
"runtime_status": {
"description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.",
"enum": [
"UP",
"DOWN",
"DEGRADED"
],
"readonly": true,
"title": "Session Runtime Status",
"type": "string"
},
"total_tunnels": {
"description": "Total number of tunnels.",
"readonly": true,
"title": "Total tunnels",
"type": "integer"
}
},
"title": "IPSec VPN session traffic summary",
"type": "object"
}
IPSecVpnSessionStatusPerEP (type)
{
"abstract": true,
"description": "IPSec VPN Session Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "IPSecVpnSessionStatusPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"IPSecVpnSessionStatusNsxT"
],
"required": true,
"type": "string"
}
},
"title": "IPSec VPN Session Status Per Enforcement Point",
"type": "object"
}
IPSecVpnSubnet (type)
{
"additionalProperties": false,
"description": "Used to specify the local/peer subnets in IPSec VPN rule.",
"id": "IPSecVpnSubnet",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"subnet": {
"$ref": "IPCIDRBlock,
"description": "Subnet used in policy rule.",
"required": true,
"title": "IPv4/IPv6 Peer or local subnet"
}
},
"title": "Subnet for IPSec Policy based VPN",
"type": "object"
}
IPSecVpnTrafficCounters (type)
{
"additionalProperties": false,
"description": "Traffic counters for IPSec VPN session.",
"id": "IPSecVpnTrafficCounters",
"module_id": "PolicyVPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of bytes recevied.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of bytes sent.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"packets_in": {
"description": "Total number of packets received.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of packets sent.",
"readonly": true,
"title": "Packets out",
"type": "integer"
}
},
"title": "IPSec VPN traffic counters",
"type": "object"
}
IPSecVpnTransportStatus (type)
{
"additionalProperties": false,
"description": "Provides IPSec VPN session status.",
"extends": {
"$ref": "L2VPNSessionTransportTunnelStatus
},
"id": "IPSecVpnTransportStatus",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "IPSecVpnTransportStatus"
},
"properties": {
"resource_type": {
"enum": [
"IPSecVpnTransportStatus"
],
"required": true,
"type": "string"
},
"session_status": {
"$ref": "IPSecVpnSessionStatusNsxT,
"readonly": true,
"title": "IPSec VPN Session status"
},
"transport_tunnel_path": {
"description": "Policy path referencing Transport Tunnel.",
"readonly": true,
"title": "Policy path referencing Transport Tunnel",
"type": "string"
}
},
"title": "IPSec VPN Session status",
"type": "object"
}
IPSecVpnTunnelInterface (type)
{
"additionalProperties": false,
"description": "IP tunnel interface configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnTunnelInterface",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_subnets": {
"description": "IP Tunnel interface (commonly referred as VTI) subnet. Supports assigning both IPv4 and IPV6 subnets to VTI. If two IPs are provided for VTI, both cannot be of same IP versions. Please note that configuring IPv6 subnets to VTI is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"items": {
"$ref": "TunnelInterfaceIPSubnet
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "IP Tunnel interface subnet",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP tunnel interface configuration",
"type": "object"
}
IPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"df_policy": {
"default": "COPY",
"description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.",
"enum": [
"COPY",
"CLEAR"
],
"title": "Policy for handling defragmentation bit",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup
},
"title": "Dh group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".",
"items": {
"$ref": "IPSecDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "IPSecEncryptionAlgorithm
},
"title": "Encryption algorithm to use in IPSec tunnel establishement",
"type": "array"
},
"extended_attributes": {
"description": "Collection of type specific properties. As of now, to hold encapsulation mode and transform protocol.",
"items": {
"$ref": "AttributeVal
},
"readonly": true,
"required": false,
"title": "Extended Attributes.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 3600,
"description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.",
"maximum": 31536000,
"minimum": 900,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN tunnel profile",
"type": "object"
}
IPSecVpnTunnelProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get filtered list of IPSecVpnTunnelProfile.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPSecVpnTunnelProfileListRequestParameters",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSecVpnTunnelProfile list request parameters",
"type": "object"
}
IPSecVpnTunnelProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of IPSecVpnTunnelProfile.",
"extends": {
"$ref": "ListResult
},
"id": "IPSecVpnTunnelProfileListResult",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "IPSecVpnTunnelProfile list results.",
"items": {
"$ref": "IPSecVpnTunnelProfile
},
"required": true,
"title": "IPSecVpnTunnelProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPSecVpnTunnelProfile",
"type": "object"
}
IPSet (type)
{
"additionalProperties": false,
"description": "IPSet is used to group individual IP addresses, range of IP addresses or subnets. An IPSet is a homogeneous group of IP addresses, either of type IPv4 or of type IPv6. IPSets can be used as source or destination in firewall rules. These can also be used as members of NSGroups.",
"extends": {
"$ref": "ManagedResource
},
"id": "IPSet",
"module_id": "IPSet",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPElement
},
"maxItems": 4000,
"required": false,
"title": "IP addresses",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Set of one or more IP addresses",
"type": "object"
}
IPSetDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "IPSetDeleteRequestParameters",
"module_id": "IPSet",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "IPSet delete request parameters",
"type": "object"
}
IPSetListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "IPSetListRequestParameters",
"module_id": "IPSet",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPSet list request parameters",
"type": "object"
}
IPSetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPSetListResult",
"module_id": "IPSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPSet
},
"required": true,
"title": "IPSet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IPSets",
"type": "object"
}
IPSubnet (type)
{
"additionalProperties": false,
"id": "IPSubnet",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_addresses": {
"description": "All IP addresses, some of which may be automatically configured. When updating this field, the payload may contain only the IP addresses that should be changed, or may contain the IP addresses to change as well as the automatically assigned addresses. Currently, only one updatable address and one system-maintained address are supported. Currently, the system-maintained address supported is Extended Unique Identifier(EUI)-64 address. EUI-64 address is generated by the system only when user configured ip-subnet has prefix length less than or equal to 64.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "IP Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPsecVPNIKESessionSummary (type)
{
"additionalProperties": false,
"description": "IPSec VPN session status summary, gives total, failed, degraded and established IPSec VPN sessions.",
"id": "IPsecVPNIKESessionSummary",
"module_id": "VPNStatistics",
"properties": {
"degraded_sessions": {
"description": "Number of degraded sessions.",
"readonly": true,
"title": "Degraded sessions",
"type": "integer"
},
"established_sessions": {
"description": "Number of established sessions.",
"readonly": true,
"title": "Established sessions",
"type": "integer"
},
"failed_sessions": {
"description": "Number of failed sessions.",
"readonly": true,
"title": "Failed sessions",
"type": "integer"
},
"total_sessions": {
"description": "Total sessions configured.",
"readonly": true,
"title": "Total sessions",
"type": "integer"
}
},
"title": "IPSec VPN session status summary",
"type": "object"
}
IPv4Address (type)
{
"format": "ipv4",
"id": "IPv4Address",
"module_id": "Common",
"title": "IPv4 address",
"type": "string"
}
IPv4AddressProperties (type)
{
"additionalProperties": false,
"id": "IPv4AddressProperties",
"properties": {
"ip_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface IPv4 address",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface netmask",
"type": "string"
}
},
"title": "IPv4 address properties",
"type": "object"
}
IPv4CIDRBlock (type)
{
"format": "ipv4-cidr-block",
"id": "IPv4CIDRBlock",
"module_id": "Common",
"title": "IPv4 CIDR Block",
"type": "string"
}
IPv4DhcpServer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP server to support IPv4 DHCP service. Properties defined at DHCP server level can be overridden by ip-pool or static-binding level properties.",
"id": "IPv4DhcpServer",
"module_id": "Dhcp",
"properties": {
"dhcp_server_ip": {
"$ref": "IPv4CIDRBlock,
"description": "DHCP server ip in CIDR format.",
"required": true,
"title": "DHCP server ip in CIDR format"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv4Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_name": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"format": "hostname",
"required": false,
"title": "Domain name",
"type": "string"
},
"gateway_ip": {
"$ref": "IPv4Address,
"description": "Gateway ip to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"required": false,
"title": "Gateway ip"
},
"monitor_ippool_usage": {
"default": false,
"description": "Enable or disable monitoring of DHCP ip-pools usage. When enabled, system events are generated when pool usage exceeds the configured thresholds. System events can be viewed in REST API /api/v2/hpm/alarms",
"required": false,
"title": "Enable/disable monitoring DHCP ip-pool usage",
"type": "boolean"
},
"options": {
"$ref": "DhcpOptions,
"description": "Defines the default options for all ip-pools and static-bindings of this server. These options will be ignored if options are defined for ip-pools or static-bindings.",
"required": false,
"title": "DHCP options"
}
},
"title": "DHCP server to support IPv4 DHCP service",
"type": "object"
}
IPv4DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv4 related discovery options.",
"id": "IPv4DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_snooping_config": {
"$ref": "ArpSnoopingConfig,
"description": "Indicates ARP snooping options",
"required": false,
"title": "ARP snooping configuration"
},
"dhcp_snooping_enabled": {
"default": true,
"description": "Indicates whether DHCP snooping is enabled",
"required": false,
"title": "Is DHCP snooping enabled or not",
"type": "boolean"
},
"vmtools_enabled": {
"default": true,
"description": "Indicates whether fetching IP using vm-tools is enabled. This option is only supported on ESX where vm-tools is installed.",
"required": false,
"title": "Is VM tools enabled or not",
"type": "boolean"
}
},
"title": "IPv4 discovery options",
"type": "object"
}
IPv6Address (type)
{
"format": "ipv6",
"id": "IPv6Address",
"module_id": "Common",
"title": "IPv6 address",
"type": "string"
}
IPv6AddressProperties (type)
{
"additionalProperties": false,
"id": "IPv6AddressProperties",
"properties": {
"ip6_address": {
"pattern": "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Interface IPv6 address",
"type": "string"
},
"ip6_gateway": {
"pattern": "^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "IPv6 Gateway",
"type": "string"
},
"prefixlen": {
"title": "Prefix length",
"type": "integer"
}
},
"title": "IPv6 address properties",
"type": "object"
}
IPv6CIDRBlock (type)
{
"format": "ipv6-cidr-block",
"id": "IPv6CIDRBlock",
"module_id": "Common",
"title": "IPv6 CIDR Block",
"type": "string"
}
IPv6DADStatus (type)
{
"additionalProperties": false,
"id": "IPv6DADStatus",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_address": {
"$ref": "IPAddress,
"description": "IP address on the port for which DAD status is reported.",
"readonly": true,
"required": false,
"title": "IP address"
},
"status": {
"$ref": "DADStatus,
"description": "DAD status for IP address on the port.",
"readonly": true,
"required": false,
"title": "DAD Status"
},
"transport_node": {
"description": "Array of transport node id on which DAD status is reported for given IP address.",
"items": {
"$ref": "ResourceReference
},
"readonly": true,
"required": false,
"title": "Transport node",
"type": "array"
}
},
"title": "IPv6 DAD status",
"type": "object"
}
IPv6DhcpServer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP server to support IPv6 DHCP service. Properties defined at DHCP server level can be overridden by ip-pool or static-binding level properties.",
"id": "IPv6DhcpServer",
"module_id": "Dhcp",
"properties": {
"dhcp_server_ip": {
"$ref": "IPv6CIDRBlock,
"description": "DHCP server ip in CIDR format.",
"required": false,
"title": "DHCP server ip in CIDR format"
},
"dns_nameservers": {
"description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS ips",
"type": "array"
},
"domain_names": {
"description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"server_id": {
"description": "DHCP server id.",
"readonly": true,
"required": false,
"title": "DHCP server id",
"type": "string"
},
"sntp_servers": {
"description": "SNTP server ips.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
}
},
"title": "DHCP server to support IPv6 DHCP service",
"type": "object"
}
IPv6DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv6 related discovery options.",
"id": "IPv6DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"dhcp_snooping_v6_enabled": {
"default": false,
"description": "Enable this method will snoop the DHCPv6 message transaction which a VM makes with a DHCPv6 server. From the transaction, we learn the IPv6 addresses assigned by the DHCPv6 server to this VM along with its lease time.",
"required": false,
"title": "Is DHCP snoping v6 enabled or not",
"type": "boolean"
},
"nd_snooping_config": {
"$ref": "NdSnoopingConfig,
"description": "Indicates ND snooping options",
"required": false,
"title": "ND snooping configuration"
},
"vmtools_v6_enabled": {
"default": false,
"description": "Enable this method will learn the IPv6 addresses which are configured on interfaces of a VM with the help of the VMTools software.",
"required": false,
"type": "boolean"
}
},
"title": "IPv6 discovery options",
"type": "object"
}
IPv6EndPoint (type)
{
"description": "IPv6 virtual tunnel end point",
"id": "IPv6EndPoint",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"properties": {
"default_gateway": {
"$ref": "IPAddress,
"readonly": true,
"title": "Default gateway for IPv6"
},
"ipv6": {
"$ref": "IPAddress,
"description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.",
"readonly": true,
"title": "IPv6 Address of this virtual tunnel endpoint"
},
"prefix_length": {
"readonly": true,
"title": "Prefix length for IPv6",
"type": "string"
}
},
"title": "IPv6 end point",
"type": "object"
}
IPv6Profiles (type)
{
"additionalProperties": false,
"id": "IPv6Profiles",
"module_id": "LogicalRouter",
"properties": {
"dad_profile_id": {
"description": "Identifier of Duplicate Address Detection profile. DAD profile has various configurations related to duplicate address detection. If no profile is associated manually to the router, then the system defined default DAD profile will be automatically applied.",
"required": false,
"title": "DAD profile identifier",
"type": "string"
},
"ndra_profile_id": {
"description": "Identifier of Neighbor Discovery Router Advertisement profile. NDRA profile has various configurations required for router advertisement. If no profile is associated manually to the router, then the system defined default NDRA profile will be automatically applied.",
"required": false,
"title": "NDRA profile identifier",
"type": "string"
}
},
"type": "object"
}
IPv6Status (type)
{
"additionalProperties": false,
"id": "IPv6Status",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connected_segment_path": {
"description": "Path of the segment attached to the interface.",
"readonly": true,
"required": false,
"title": "Connected segment path",
"type": "string"
},
"dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the interface.",
"items": {
"$ref": "IPv6DADStatus
},
"readonly": true,
"title": "IPv6 DAD status",
"type": "array"
},
"interface_id": {
"description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.",
"title": "Policy path or realization ID of interface",
"type": "string"
},
"tier0_gateway": {
"description": "Tier-0 Gateway this router Link belongs to.",
"title": "Tier-0 Gateway",
"type": "string"
},
"tier1_gateway": {
"description": "Tier-1 Gateway this router Link belongs to.",
"title": "Tier-1 Gateway",
"type": "string"
}
},
"title": "IPv6 status",
"type": "object"
}
IcmpEchoRequestHeader (type)
{
"additionalProperties": false,
"id": "IcmpEchoRequestHeader",
"module_id": "Traceflow",
"properties": {
"id": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP id",
"type": "integer"
},
"sequence": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP sequence number",
"type": "integer"
}
},
"type": "object"
}
Icon (type)
{
"additionalProperties": false,
"description": "Icon to be applied at dashboard for widgets and UI elements.",
"id": "Icon",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"color": {
"description": "Icon color applied to icon in hex format.",
"title": "Icon color applied to icon in hex format",
"type": "string"
},
"placement": {
"default": "PRE",
"description": "If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element.",
"enum": [
"PRE",
"POST"
],
"title": "Position at which to display icon, if any",
"type": "string"
},
"size": {
"description": "Icon size in unit applied to icon.A unit can be specified by the 'size_unit' property.",
"minimum": 1,
"title": "Icon size in unit",
"type": "number"
},
"size_unit": {
"description": "Icon size unit applied to icon along with size. if 'size' property value is provided and no value is provided for this property then default value for this proerty is set to 'px'.",
"enum": [
"px",
"rem",
"pc"
],
"title": "Icon size unit in rem/px/pc",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the icon.",
"items": {
"$ref": "Tooltip
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"description": "Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered. or else custom svg icon name can be given.",
"title": "Type of icon",
"type": "string"
}
},
"title": "Icon",
"type": "object"
}
IdentityFirewallAdStore (type)
{
"extends": {
"$ref": "IdentityFirewallStore
},
"id": "IdentityFirewallAdStore",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"type-identifier": "IdentityFirewallAdStore"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"base_distinguished_name": {
"description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "IdentityFirewallStore base distinguished name",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "IdentityFirewallStore Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreEventLogServer
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of IdentityFirewallStore",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "IdentityFirewallStore LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreLdapServer
},
"maxItems": 50,
"required": true,
"title": "LDAP server of IdentityFirewallStore",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"name": {
"description": "IdentityFirewallStore name which best describes the Directory domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "IdentityFirewallStore name",
"type": "string"
},
"netbios_name": {
"description": "NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.",
"required": true,
"title": "IdentityFirewallStore NETBIOS name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, IdentityFirewallAdStore is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"IdentityFirewallAdStore"
],
"required": true,
"title": "IdentityFirewallStore resource type",
"type": "string"
},
"selective_sync_settings": {
"$ref": "SelectiveSyncSettings,
"description": "SelectiveSync settings toggle the SelectiveSync feature and selected OrgUnits. If this is not specified, SelectiveSync is disabled by default.",
"required": false,
"title": "SelectiveSync settings"
},
"sync_settings": {
"$ref": "DirectoryDomainSyncSettings,
"description": "Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.",
"required": false,
"title": "IdentityFirewallStore sync settings"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Active IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStore (type)
{
"abstract": true,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdentityFirewallStore",
"module_id": "PolicyIdentity",
"policy_hierarchical_children": [
"ChildIdentityFirewallStoreEventLogServer",
"ChildIdentityFirewallStoreLdapServer"
],
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"event_log_servers": {
"description": "IdentityFirewallStore Event Log server's information including host, name, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreEventLogServer
},
"maxItems": 50,
"readonly": true,
"required": false,
"title": "Event Log server of IdentityFirewallStore",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "IdentityFirewallStore LDAP servers' information including host, name, port, protocol and so on.",
"items": {
"$ref": "IdentityFirewallStoreLdapServer
},
"maxItems": 50,
"required": true,
"title": "LDAP server of IdentityFirewallStore",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"name": {
"description": "IdentityFirewallStore name which best describes the Directory domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.",
"required": true,
"title": "IdentityFirewallStore name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Domain resource type comes from multiple sub-classes extending this base class. For example, IdentityFirewallAdStore is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.",
"enum": [
"IdentityFirewallAdStore"
],
"required": true,
"title": "IdentityFirewallStore resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreEventLogServer (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdentityFirewallStoreEventLogServer",
"module_id": "PolicyIdentity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "IdentityFirewallStore name which best describes the IdentityFirewallStore. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for IdentityFirewallStore name among different IdentityFirewallStores.",
"required": false,
"title": "IdentityFirewallStore name",
"type": "string"
},
"host": {
"description": "Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching.",
"format": "hostname-or-ip",
"required": true,
"title": "Event log server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "IdentityFirewallStore event log server connection password.",
"required": false,
"sensitive": true,
"title": "Event log server password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "DirectoryEventLogServerStatus,
"description": "Event log server connection status object",
"required": false,
"title": "Event log server connection status"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"username": {
"description": "Directory event log server connection user name.",
"required": false,
"title": "Event log server username",
"type": "string"
}
},
"title": "Event log server of IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreLdapServer (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdentityFirewallStoreLdapServer",
"module_id": "PolicyIdentity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "IdentityFirewallStore name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for IdentityFirewallStore name among different IdentityFirewallStores.",
"required": false,
"title": "IdentityFirewallStore name",
"type": "string"
},
"host": {
"description": "IdentityFirewallStore LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.",
"format": "hostname-or-ip",
"required": true,
"title": "LDAP server host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "IdentityFirewallStore LDAP server connection password.",
"required": false,
"sensitive": true,
"title": "LDAP server password",
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port": {
"default": 389,
"description": "IdentityFirewallStore LDAP server connection TCP/UDP port.",
"max": 65535,
"min": 1,
"required": false,
"title": "LDAP server TCP/UDP port",
"type": "integer"
},
"protocol": {
"default": "LDAP",
"description": "IdentityFirewallStore LDAP server connection protocol which is either LDAP or LDAPS.",
"enum": [
"LDAP",
"LDAPS"
],
"required": false,
"title": "LDAP server protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "IdentityFirewallStore LDAP server certificate thumbprint used in secure LDAPS connection.",
"required": false,
"title": "LDAP server certificate thumbprint using SHA-256 algorithm",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"username": {
"description": "IdentityFirewallStore LDAP server connection user name.",
"required": false,
"title": "LDAP server username",
"type": "string"
}
},
"title": "LDAP server of directory domain",
"type": "object"
}
IdentityFirewallStoreLdapServerListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdentityFirewallStoreLdapServerListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStoreLdapServer
},
"maxItems": 50,
"required": true,
"title": "List of directory domain LDAP servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of FirewallIdentityStore LDAP servers",
"type": "object"
}
IdentityFirewallStoreListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdentityFirewallStoreListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStore
},
"maxItems": 500,
"required": true,
"title": "List of IdentityFirewallStores",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IdentityFirewallStore",
"type": "object"
}
IdentityFirewallStoreUserOrGroup (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "IdentityFirewallStoreUserOrGroup",
"module_id": "PolicyIdentity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"distinguished_name": {
"required": true,
"title": "IdentityFirewallStore user or group distinguished name",
"type": "string"
},
"domain_id": {
"required": true,
"title": "Domain id",
"type": "string"
},
"domain_name": {
"required": true,
"title": "IdentityFirewallStore domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"required": true,
"title": "IdentityFirewallStore user or group resource type for this domain",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IdentityFirewallStore User or Group",
"type": "object"
}
IdentityFirewallStoreUserOrGrouptListResults (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdentityFirewallStoreUserOrGrouptListResults",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdentityFirewallStoreUserOrGroup
},
"required": true,
"title": "IdentityFirewallStoreUserOrGroup list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IdentityGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing Identity Group external ID and enforcement point path",
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "IdentityGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"identity_group_external_id": {
"required": true,
"title": "Identity Group external ID",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing Identity Group external ID and enforcement point path",
"type": "object"
}
IdentityGroupExpression (type)
{
"additionalProperties": false,
"description": "Represents a list of identity group (Ad group SID) expressions.",
"extends": {
"$ref": "Expression
},
"id": "IdentityGroupExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IdentityGroupExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"identity_groups": {
"description": "This array consists of set of identity group object. All members within this array are implicitly OR'ed together.",
"items": {
"$ref": "IdentityGroupInfo
},
"maxItems": 500,
"minItems": 1,
"required": true,
"title": "Array of identity group",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IdentityGroup expression node",
"type": "object"
}
IdentityGroupInfo (type)
{
"id": "IdentityGroupInfo",
"module_id": "PolicyIdentity",
"properties": {
"distinguished_name": {
"description": "Each LDAP object is uniquely identified by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com. A valid fully qualified distinguished name should be provided to include specific groups else the create / update realization of the Group containing an invalid/ partial DN will fail. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.",
"required": true,
"title": "LDAP distinguished name",
"type": "string"
},
"domain_base_distinguished_name": {
"description": "This is the base distinguished name for the domain where this particular group resides. (e.g. dc=example,dc=com) Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Identity (Directory) domain base distinguished name",
"type": "string"
},
"sid": {
"description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components: The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. This field is only populated for Microsoft Active Directory identity store.",
"required": false,
"title": "Identity (Directory) Group SID (security identifier)",
"type": "string"
}
},
"title": "Identity (Directory) group",
"type": "object"
}
IdentitySourceLdapServer (type)
{
"description": "Information about a single LDAP server.",
"id": "IdentitySourceLdapServer",
"module_id": "LdapIdentitySources",
"properties": {
"bind_identity": {
"description": "A username used to authenticate to the directory when admnistering roles in NSX. This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. [email protected]) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).",
"title": "Username or DN for LDAP authentication",
"type": "string"
},
"certificates": {
"description": "If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.",
"items": {
"type": "string"
},
"title": "TLS certificate(s) for LDAP server(s)",
"type": "array"
},
"enabled": {
"default": true,
"description": "Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users.",
"title": "If true, this LDAP server is enabled",
"type": "boolean"
},
"password": {
"description": "A password used when authenticating to the directory.",
"sensitive": true,
"title": "Username for LDAP authentication",
"type": "secure_string"
},
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Enable/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server",
"type": "object"
}
IdentitySourceLdapServerEndpoint (type)
{
"description": "Information about a single LDAP server endpoint.",
"id": "IdentitySourceLdapServerEndpoint",
"module_id": "LdapIdentitySources",
"properties": {
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Enable/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server endpoint",
"type": "object"
}
IdentitySourceLdapServerProbeResult (type)
{
"description": "The results of probing an individual LDAP server.",
"id": "IdentitySourceLdapServerProbeResult",
"module_id": "LdapIdentitySources",
"properties": {
"errors": {
"description": "Detail about errors encountered during the probe.",
"items": {
"$ref": "LdapProbeError
},
"title": "Error details",
"type": "array"
},
"result": {
"description": "Overall result of the probe. If the probe was able to connect to the LDAP service, authenticate using the provided credentials, and perform searches of the configured user and group search bases without error, the result is SUCCESS. Otherwise, the result is FAILURE, and additional details may be found in the errors property.",
"enum": [
"SUCCESS",
"FAILURE"
],
"title": "Overall result",
"type": "string"
},
"url": {
"description": "THe URL of the probed LDAP host.",
"title": "LDAP Server URL",
"type": "string"
}
},
"title": "Results from one LDAP server probe",
"type": "object"
}
IdfwComputeCollectionCondition (type)
{
"description": "Status of the Identity Firewall enabled Compute collection.",
"id": "IdfwComputeCollectionCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DFW_DISABLED",
"IDFW_ENABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "IDFW enabled Compute collection status.",
"type": "string"
},
"status_detail": {
"description": "Status of the Compute collection.",
"required": false,
"title": "Compute collection status.",
"type": "string"
}
},
"title": "IDFW Compute collection status.",
"type": "object"
}
IdfwComputeCollectionListResult (type)
{
"description": "List of compute collection ids and status connected to VC.",
"extends": {
"$ref": "ListResult
},
"id": "IdfwComputeCollectionListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of IDFW compute collection Ids and status connected to VC.",
"items": {
"$ref": "IdfwComputeCollectionStatus
},
"required": true,
"title": "List of IDFW ComputeCollection.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IDFW enabled compute collections connected to VC",
"type": "object"
}
IdfwComputeCollectionStatus (type)
{
"description": "compute collection ID and status connected to VC.",
"id": "IdfwComputeCollectionStatus",
"module_id": "IdentityFirewall",
"properties": {
"compute_collection_id": {
"description": "IDFW compute collection ID connected to VC.",
"required": true,
"title": "IDFW compute collection ID.",
"type": "string"
},
"compute_collection_status": {
"description": "IDFW enabled compute collection status.",
"items": {
"$ref": "IdfwComputeCollectionCondition
},
"title": "Compute collection status.",
"type": "array"
}
},
"title": "IDFW compute collection ID and status.",
"type": "object"
}
IdfwDirGroupUserSessionMapping (type)
{
"additionalProperties": false,
"description": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data.",
"id": "IdfwDirGroupUserSessionMapping",
"module_id": "IdentityFirewall",
"properties": {
"dir_group_id": {
"description": "Directory Group ID.",
"readonly": true,
"required": true,
"title": "Directory Group ID",
"type": "string"
},
"user_id": {
"description": "User ID.",
"readonly": true,
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data",
"type": "object"
}
IdfwEnabledComputeCollection (type)
{
"additionalProperties": false,
"description": "Compute collection enabled for Identity Firewall where login events will be collected.",
"extends": {
"$ref": "ManagedResource
},
"id": "IdfwEnabledComputeCollection",
"module_id": "IdentityFirewall",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_collection_id": {
"description": "Compute collection ID.",
"required": true,
"title": "Compute collection ID",
"type": "string"
},
"compute_collection_name": {
"description": "Compute collection name.",
"title": "Compute collection name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Compute collection enabled status (true=Enabled / false=Disabled).",
"required": true,
"title": "Enabled/disabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Identity Firewall enabled compute collection",
"type": "object"
}
IdfwEnabledComputeCollectionListResult (type)
{
"additionalProperties": false,
"description": "List of compute collections enabled for IDFW where login events will be collected.",
"extends": {
"$ref": "ListResult
},
"id": "IdfwEnabledComputeCollectionListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of IDFW Enabled Compute Collections.",
"items": {
"$ref": "IdfwEnabledComputeCollection
},
"required": true,
"title": "List of IDFW Enabled Compute Collections",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Identity Firewall enabled compute collection list",
"type": "object"
}
IdfwMasterSwitchSetting (type)
{
"description": "Identity Firewall master switch setting. This setting enables or disables Identity Firewall feature across the system. It affects compute collections, hypervisor and virtual machines. This operation is expensive and also has big impact and implication on system perforamce.",
"id": "IdfwMasterSwitchSetting",
"module_id": "IdentityFirewall",
"properties": {
"idfw_master_switch_enabled": {
"description": "IDFW master switch (true=Enabled / false=Disabled).",
"required": true,
"title": "IDFW master switch",
"type": "boolean"
}
},
"title": "Identity Firewall master switch setting",
"type": "object"
}
IdfwNsgroupVmDetailListResult (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single NSGroup.",
"extends": {
"$ref": "ListResult
},
"id": "IdfwNsgroupVmDetailListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"ns_group_id": {
"readonly": true,
"required": true,
"title": "NSGroup ID",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdfwVmDetail
},
"required": true,
"title": "List of user login/session data for a single VM",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single NSGroup",
"type": "object"
}
IdfwStandaloneHostsSwitchSetting (type)
{
"description": "Identity Firewall standalone hosts switch setting. This setting enables or disables Identity Firewall feature on all standalone hosts.",
"id": "IdfwStandaloneHostsSwitchSetting",
"module_id": "IdentityFirewall",
"properties": {
"standalone_hosts_enabled": {
"description": "IDFW standalone hosts switch (true=Enabled / false=Disabled).",
"required": true,
"title": "IDFW standalone hosts switch",
"type": "boolean"
}
},
"title": "Identity Firewall standalone hosts switch setting",
"type": "object"
}
IdfwSystemStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall statistics data.",
"id": "IdfwSystemStats",
"module_id": "IdentityFirewall",
"properties": {
"num_concurrent_users": {
"description": "Number of concurrent logged on users (across VDI & RDSH). Multiple logins by the same user is counted as 1.",
"required": true,
"title": "Number of concurrent logged on users (across VDI & RDSH)",
"type": "int"
},
"num_user_sessions": {
"description": "Number of active user sessions/logins in IDFW enabled compute collections (including both UP and DOWN hosts). N sessions/logins by the same user is counted as n.",
"required": true,
"title": "Number of active user sessions/logins",
"type": "int"
}
},
"title": "Identity Firewall statistics data",
"type": "object"
}
IdfwTransportNodeCondition (type)
{
"description": "Status of the Identity Firewall Compute Collection's transport node.",
"id": "IdfwTransportNodeCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"description": "Transport node status for IDFW compute collection.",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"NOT_PREPARED",
"IDFW_COMPONENT_NOT_INSTALLED",
"DFW_DISABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "IDFW TransportNode status.",
"type": "string"
},
"status_detail": {
"description": "IDFW Compute collection's transport node condition.",
"required": false,
"title": "IDFW transport node condition.",
"type": "string"
}
},
"title": "IDFW transport node status.",
"type": "object"
}
IdfwTransportNodeStatus (type)
{
"description": "ID and status of the Identity Firewall enabled Compute collection's transport node.",
"id": "IdfwTransportNodeStatus",
"module_id": "IdentityFirewall",
"properties": {
"transport_node_id": {
"description": "TransportNode ID of the Identity Firewall enabled Compute collection's transport node.",
"required": true,
"title": "IDFW TransportNode ID.",
"type": "string"
},
"transport_node_status": {
"description": "Status of the IDFW transport node.",
"items": {
"$ref": "IdfwTransportNodeCondition
},
"required": true,
"title": "IDFW TransportNode status.",
"type": "array"
}
},
"title": "IDFW transport node ID and status.",
"type": "object"
}
IdfwTransportNodeStatusListResult (type)
{
"description": "Status of the Identity Firewall enabled Compute collection transport nodes.",
"extends": {
"$ref": "ListResult
},
"id": "IdfwTransportNodeStatusListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of transport node ids and status for idfw enabled Compute collection.",
"items": {
"$ref": "IdfwTransportNodeStatus
},
"required": true,
"title": "IDFW enabled Compute collection transport node list.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDFW enabled Compute collection transport node and status list.",
"type": "object"
}
IdfwUserSessionData (type)
{
"additionalProperties": false,
"description": "Identity Firewall user session data on a client machine (typically a VM). Multiple entries for the same user can be returned if the user logins to multiple sessions on the same VM.",
"id": "IdfwUserSessionData",
"module_id": "IdentityFirewall",
"properties": {
"domain_name": {
"description": "AD Domain of user.",
"required": true,
"title": "AD Domain",
"type": "string"
},
"id": {
"description": "Identifier of user session data.",
"readonly": true,
"required": false,
"title": "User session data Identifier",
"type": "string"
},
"login_time": {
"$ref": "EpochMsTimestamp,
"description": "Login time.",
"required": true,
"title": "Login time"
},
"logout_time": {
"$ref": "EpochMsTimestamp,
"description": "Logout time if applicable. An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user.",
"required": false,
"title": "Logout time if applicable"
},
"session_source": {
"description": "User session source can be one of: - GI (Guest Introspection) - ELS (AD Event log server) - LI (Log Insight)",
"enum": [
"GI",
"ELS",
"LI"
],
"readonly": true,
"title": "Source for the user session",
"type": "string"
},
"user_id": {
"description": "AD user ID (may not exist).",
"readonly": true,
"required": false,
"title": "AD user ID (may not exist)",
"type": "string"
},
"user_name": {
"description": "AD user name.",
"required": true,
"title": "AD user name",
"type": "string"
},
"user_session_id": {
"description": "User session ID. This also indicates whether this is VDI / RDSH.",
"required": true,
"title": "User session ID",
"type": "integer"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout events occurred.",
"readonly": true,
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
}
},
"title": "Identity Firewall user session data on client machine",
"type": "object"
}
IdfwUserSessionDataAndMappings (type)
{
"additionalProperties": false,
"description": "Identity Firewall user session data list and Directory Group to user mappings.",
"id": "IdfwUserSessionDataAndMappings",
"module_id": "IdentityFirewall",
"properties": {
"active_user_sessions": {
"items": {
"$ref": "IdfwUserSessionData
},
"required": true,
"title": "Active user session data list",
"type": "array"
},
"archived_user_sessions": {
"items": {
"$ref": "IdfwUserSessionData
},
"required": true,
"title": "Archived user session data list",
"type": "array"
},
"dir_group_to_user_session_data_mappings": {
"items": {
"$ref": "IdfwDirGroupUserSessionMapping
},
"required": true,
"title": "Directory Group to user session data mappings",
"type": "array"
}
},
"title": "Identity Firewall user session data list and Directory Group to user mappings",
"type": "object"
}
IdfwUserStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single user.",
"id": "IdfwUserStats",
"module_id": "IdentityFirewall",
"properties": {
"active_sessions": {
"items": {
"$ref": "IdfwUserSessionData
},
"required": true,
"title": "List of active (still logged in) user login/sessions data (no limit)",
"type": "array"
},
"archived_sessions": {
"description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.",
"items": {
"$ref": "IdfwUserSessionData
},
"required": false,
"title": "List of archived (previously logged in) user login/session data",
"type": "array"
},
"user_id": {
"readonly": true,
"required": true,
"title": "AD user Identifier (String ID)",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single user",
"type": "object"
}
IdfwVirtualMachineCondition (type)
{
"description": "Status of the Identity Firewall compute collection's VM.",
"id": "IdfwVirtualMachineCondition",
"module_id": "IdentityFirewall",
"properties": {
"status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"VM_TOOLS_NOT_INSTALLED",
"IDFW_NOT_SUPPORTED",
"DFW_DISABLED",
"IDFW_DISABLED"
],
"required": true,
"title": "VM IDFW Status.",
"type": "string"
},
"status_detail": {
"description": "IDFW compute collection's VM condition.",
"required": false,
"title": "IDFW VM condition.",
"type": "string"
}
},
"title": "IDFW VM Status.",
"type": "object"
}
IdfwVirtualMachineStatus (type)
{
"description": "ID and status of the VM on Identity Firewall compute collection.",
"id": "IdfwVirtualMachineStatus",
"module_id": "IdentityFirewall",
"properties": {
"vm_id": {
"description": "VM ID of the VM on Identity Firewall compute collection.",
"required": true,
"title": "IDFW Virtual Machine ID.",
"type": "string"
},
"vm_status": {
"description": "Status of the Identity Firewall compute collection's Virtual Machine.",
"items": {
"$ref": "IdfwVirtualMachineCondition
},
"required": true,
"title": "IDFW VM status.",
"type": "array"
}
},
"title": "IDFW VM ID and status.",
"type": "object"
}
IdfwVirtualMachineStatusListResult (type)
{
"description": "VM ID and status of the Identity Firewall Compute collection.",
"extends": {
"$ref": "ListResult
},
"id": "IdfwVirtualMachineStatusListResult",
"module_id": "IdentityFirewall",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of VM's on Identity Firewall Compute collection.",
"items": {
"$ref": "IdfwVirtualMachineStatus
},
"required": true,
"title": "IDFW Virtual machine list.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDFW VM ID and status.",
"type": "object"
}
IdfwVmDetail (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single VM",
"id": "IdfwVmDetail",
"module_id": "IdentityFirewall",
"properties": {
"last_login_user_session": {
"$ref": "ResourceReference,
"description": "Record of the last logged in user session (if exists).",
"required": false,
"title": "Last logged in user and time (if exists)"
},
"user_sessions": {
"description": "List of user session data.",
"items": {
"$ref": "IdfwUserSessionData
},
"required": true,
"title": "List of user session data",
"type": "array"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.",
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
},
"vm_ip_addresses": {
"description": "List of client machine IP addresses.",
"items": {
"type": "string"
},
"required": false,
"title": "Client VM IP addresses",
"type": "array"
}
},
"title": "Identity Firewall user login/session data for a single VM",
"type": "object"
}
IdfwVmStats (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single VM.",
"id": "IdfwVmStats",
"module_id": "IdentityFirewall",
"properties": {
"active_sessions": {
"items": {
"$ref": "IdfwUserSessionData
},
"required": true,
"title": "List of active (still logged in) user login/sessions data (no limit)",
"type": "array"
},
"archived_sessions": {
"description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.",
"items": {
"$ref": "IdfwUserSessionData
},
"required": false,
"title": "Optional list of archived (previously logged in) user login/session data (maximum 5)",
"type": "array"
},
"vm_ext_id": {
"description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.",
"required": true,
"title": "Virtual machine external ID or BIOS UUID",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single VM",
"type": "object"
}
IdsClusterConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to activate/deactivate IDS on cluster level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsClusterConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster": {
"$ref": "PolicyResourceReference,
"description": "Contains policy resource reference object",
"readonly": false,
"required": true,
"title": "PolicyResourceReference"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on the respective cluster",
"readonly": false,
"required": true,
"title": "Ids enabled flag",
"type": "boolean"
},
"is_stale": {
"description": "If set to true, this cluster has been deleted from NSX.",
"readonly": true,
"title": "Cluster stale flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System cluster configuration",
"type": "object"
}
IdsClusterConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsClusterConfigListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS cluster config request parameters",
"type": "object"
}
IdsClusterConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsClusterConfigListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsClusterConfig
},
"required": true,
"title": "Cluster wise IDS configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS cluster configuration",
"type": "object"
}
IdsCustomSignature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "IdsSignature
},
"id": "IdsCustomSignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Signature action.",
"required": false,
"title": "Represents the signature's action",
"type": "string"
},
"attack_target": {
"description": "Target of the signature.",
"required": false,
"title": "Signature attack target",
"type": "string"
},
"categories": {
"description": "Represents the internal categories a signature belongs to.",
"items": {
"$ref": "IdsSignatureInternalCategory
},
"required": false,
"title": "IDS Signature Internal category",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"class_type": {
"description": "Class type of Signature.",
"required": false,
"title": "Signature class type",
"type": "string"
},
"confidence": {
"description": "Signature's confidence score.",
"title": "Confidence",
"type": "string"
},
"cves": {
"description": "CVE score",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the cve score.",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0",
"enum": [
"NONE",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"required": false,
"title": "CVSS of signature",
"type": "string"
},
"cvss_score": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature cvssv2 score.",
"required": false,
"title": "Signature cvssv2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature cvssv3 score.",
"required": false,
"title": "Signature cvssv3 score",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"description": "Flag which tells whether the signature is enabled or not.",
"required": false,
"title": "Activate/Deactivate flag",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"required": false,
"title": "Flow established.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact": {
"description": "Impact of Signature.",
"title": "Impact",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mitre_attack": {
"description": "Mitre Attack details of Signature.",
"items": {
"$ref": "MitreAttack
},
"title": "MitreAttack",
"type": "array"
},
"name": {
"description": "Signature name.",
"required": false,
"title": "Represents the signature name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"original_signature": {
"description": "Represents the original signature provided by the user.",
"readonly": true,
"required": false,
"title": "Original Signature",
"type": "string"
},
"original_signature_id": {
"description": "Represents the original signature Id provided by the user.",
"readonly": true,
"required": false,
"title": "Original Signature Id",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"product_affected": {
"description": "Product affected by this signature.",
"required": false,
"title": "Signature product affected",
"type": "string"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"risk_score": {
"description": "Risk score of signature.",
"title": "Risk Score",
"type": "string"
},
"severity": {
"description": "Represents the severity of the Signature.",
"required": false,
"title": "Signature severity",
"type": "string"
},
"signature": {
"description": "Decoded Signature.",
"title": "Signature",
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"signature_revision": {
"description": "Represents revision of the Signature.",
"required": false,
"title": "Signature revision",
"type": "string"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold,
"description": "Default threshold values for IDS signature.",
"nsx_feature": "IdsThreshold",
"title": "IDS signature threshold values"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature",
"items": {
"type": "string"
},
"required": false,
"title": "List of mitre attack URLs pertaining to signature.",
"type": "array"
},
"validation_errors": {
"description": "Validation errors of Signature.",
"items": {
"$ref": "IdsValidationError
},
"readonly": true,
"required": false,
"title": "IdsValidationError",
"type": "array"
},
"validation_message": {
"description": "Represents the warning/error message for the custom signature if any.",
"readonly": true,
"required": false,
"title": "Warning/Error message",
"type": "string"
},
"validation_notes": {
"description": "Validation notes for Signature.",
"items": {
"$ref": "ValidationNote
},
"readonly": true,
"required": false,
"title": "ValidationNote",
"type": "array"
},
"validation_status": {
"description": "Validation status of the custom signature.",
"enum": [
"VALID",
"INVALID",
"PENDING",
"WARNING"
],
"readonly": true,
"required": false,
"title": "Validation status",
"type": "string"
}
},
"title": "IDS custom signature",
"type": "object"
}
IdsCustomSignatureActionParameter (type)
{
"additionalProperties": false,
"id": "IdsCustomSignatureActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"action": {
"description": "Different Actions on Custom signatures.",
"enum": [
"CANCEL",
"PUBLISH",
"VALIDATE"
],
"required": true,
"title": "Different Actions on Custom signatures",
"type": "string"
}
},
"title": "IDS custom signature action parameter",
"type": "object"
}
IdsCustomSignatureExportActionParameter (type)
{
"additionalProperties": false,
"id": "IdsCustomSignatureExportActionParameter",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"include": {
"description": "Custom signatures to be exported.",
"enum": [
"VALID",
"INVALID",
"ALL"
],
"required": true,
"title": "Custom signatures to be exported",
"type": "string"
}
},
"title": "Action parameter to export custom signatures",
"type": "object"
}
IdsCustomSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsCustomSignatureListRequestParameters",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include": {
"description": "Custom signatures to be returned.",
"enum": [
"PREVIEW_CUSTOM_SIGNATURES",
"CUSTOM_SIGNATURES"
],
"title": "Custom signatures to be returned",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS custom signature request parameters",
"type": "object"
}
IdsCustomSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsCustomSignatureListResult",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"description": "Time when the custom signature was published.",
"readonly": true,
"title": "IDS Custom Signature publish time"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsCustomSignature
},
"required": true,
"title": "IDS custom signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS custom signatures",
"type": "object"
}
IdsCustomSignatureSettings (type)
{
"additionalProperties": false,
"description": "Represents the IDS Custom Signature settings.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsCustomSignatureSettings",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_custom_signatures": {
"default": false,
"description": "Flag to enable custom signatures globally.",
"required": false,
"title": "Custom signatures global enablement flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS Custom Signature settings\n",
"type": "object"
}
IdsCustomSignatureVersion (type)
{
"additionalProperties": false,
"extends": {
"$ref": "IdsSignatureVersion
},
"id": "IdsCustomSignatureVersion",
"module_id": "PolicyIDSCustomSignature",
"policy_hierarchical_children": [
"ChildIdsCustomSignature",
"ChildIdsCustomSignatureSettings",
"ChildIdsCustomSignaturesDiff"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"change_log": {
"description": "Represents the version's change log.",
"readonly": true,
"title": "Change log",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"description": "Time when the custom signature was published.",
"readonly": true,
"title": "IDS Custom Signature publish time"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "Contains the path of sites that has been mapped with the Signature Version.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the Sites mapped with the Signature Version.",
"type": "array"
},
"state": {
"description": "This flag tells which Version is currently active. ACTIVE: It means the signatures under this version is currently been used under IDS Profiles. NOTACTIVE: It means signatures of this version are available but not being used in IDS Profiles.",
"enum": [
"ACTIVE",
"NOTACTIVE"
],
"readonly": true,
"title": "State of the Version",
"type": "string"
},
"status": {
"description": "This flag tells the status of the signatures under a custom signature version. VALIDATION_PENDING: Signatures are not yet validated. PUBLISH_PENDING: Signatures are validated but not yet published. PUBLISHED: Signatures are published.",
"enum": [
"VALIDATION_PENDING",
"PUBLISH_PENDING",
"PUBLISHED",
"IN_PROGRESS"
],
"readonly": true,
"title": "Status of the version",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_time": {
"$ref": "EpochMsTimestamp,
"description": "Time when this version was downloaded and saved.",
"readonly": true,
"title": "IDS Signature Version update time"
},
"user_uploaded": {
"description": "Flag which tells whether the Signature version is uploaded by user or not.",
"readonly": true,
"title": "User Uploaded Signature bundle flag",
"type": "boolean"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "IDS custom signature version",
"type": "object"
}
IdsCustomSignatureVersionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsCustomSignatureVersionListRequestParameters",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS custom signature version request parameters",
"type": "object"
}
IdsCustomSignatureVersionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsCustomSignatureVersionListResult",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsCustomSignatureVersion
},
"required": true,
"title": "IDS custom signature version list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS custom signature versions",
"type": "object"
}
IdsCustomSignaturesDiff (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsCustomSignaturesDiff",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"deleted_signatures": {
"description": "List of deleted custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Deleted signatures",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"existing_signatures": {
"description": "List of existing custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Existing signatures",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"newly_added_signatures": {
"description": "List of newly added custom signature Ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Newly added signatures",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS custom signatures difference",
"type": "object"
}
IdsCustomSignaturesFileUpload (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "IdsCustomSignaturesFileUpload",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"file": {
"description": "The File should be a valid zip file, containing only a signature file with extension .rules for example : signature.rules If the ZIP is created on MAC then please make sure that there will be no extra file/content added in the zip file, like .DS_Store, _MACOSX etc. To zip the signature file on MAC. One can use the below command. zip -r <name-of-zip-file> <signature-file> -x '**/.DS_Store'",
"required": true,
"title": "IDS custom signatures file",
"type": "multipart_file"
},
"version_name": {
"description": "IDS custom signature version name. If not provided custom signature version Id will be used as display name.",
"required": false,
"title": "IDS custom signature version name",
"type": "string"
}
},
"title": "File containing IDS custom signatures that needs to be uploaded",
"type": "object"
}
IdsEventFlowData (type)
{
"additionalProperties": false,
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, protocol, rule id, profile id, and the action.",
"id": "IdsEventFlowData",
"module_id": "IDSMetrics",
"properties": {
"action_type": {
"description": "The action pertaining to the detected intrusion. Possible values are ALERT, DROP, REJECT, and INVALID. ALERT - If there is a signature match on the packet, it is allowed to pass but a notification is sent to the user notifying an intrusion was detected. DROP - On a signature match, the packet is silently dropped. An alert is sent to the user that an intrusion was detected. REJECT - On a signature match, the packet is dropped and TCP RST or ICMP error messages (for non-TCP pkts) are sent to the endpoints. An alert is sent to the user that an intrusion was detected. INVALID - If the action doesn't belong to any of the above mentioned categories, it is marked as INVALID.",
"enum": [
"ALERT",
"DROP",
"REJECT",
"INVALID"
],
"readonly": true,
"required": false,
"title": "IDS Event action",
"type": "string"
},
"bytes_toclient": {
"description": "Bytes sent to client.",
"readonly": true,
"required": false,
"title": "Bytes to client",
"type": "integer"
},
"bytes_toserver": {
"description": "Bytes sent to server.",
"readonly": true,
"required": false,
"title": "Bytes to server",
"type": "integer"
},
"client_ip": {
"description": "IP address of the VM that initiated the communication.",
"readonly": true,
"required": false,
"title": "IP address of the client VM",
"type": "string"
},
"destination_ip": {
"description": "IP address of the destination VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the destination VM",
"type": "string"
},
"destination_port": {
"description": "Port on the destination VM where the traffic was sent to.",
"readonly": true,
"required": false,
"title": "Destination port",
"type": "integer"
},
"local_vm_ip": {
"description": "IP address of VM on the host where IDS engine is running.",
"readonly": true,
"required": false,
"title": "IP address of the local VM",
"type": "string"
},
"profile_id": {
"description": "The IDS profile id that is associated with the IDS rule pertaining to the intrusion event detected.",
"readonly": true,
"required": false,
"title": "IDS profile id",
"type": "string"
},
"protocol": {
"description": "Traffic protocol pertaining to the detected intrusion, could be TCP/UDP etc.",
"readonly": true,
"required": false,
"title": "Traffic protocol pertaining to the intrusion",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"source_ip": {
"description": "IP address of the source VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the source VM",
"type": "string"
},
"source_port": {
"description": "Source port through which traffic was initiated that caused the intrusion to be detected.",
"readonly": true,
"required": false,
"title": "Source port",
"type": "integer"
}
},
"title": "IDS event flow data",
"type": "object"
}
IdsFileUpload (type)
{
"additionalProperties": false,
"id": "IdsFileUpload",
"module_id": "PolicyIDS",
"properties": {
"file": {
"required": true,
"title": "IDS signatures file",
"type": "multipart_file"
}
},
"title": "File of IDS signatures that is uploaded",
"type": "object"
}
IdsGatewayPolicy (type)
{
"description": "Represents the Intrusion Detection System Gateway Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy
},
"id": "IdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"policy_hierarchical_children": [
"ChildIdsRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsGatewayPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "IdsGatewayPolicyListResult",
"module_id": "PolicyIDSGateway",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsGatewayPolicy
},
"required": true,
"title": "IDS Gateway policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS Gateway policies",
"type": "object"
}
IdsGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs
},
"id": "IdsGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "IdsGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_idsevents_to_syslog_enabled": {
"default": false,
"description": "When this flag is set to true, IDS events would be sent to syslog.",
"title": "A flag to indicate if IDS events need to be sent to syslog",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for Distributed Intrusion Services",
"type": "object"
}
IdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Represents IDS event publishing configuration for NSX-I and NDR.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsGlobalEventConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_data_topic_name": {
"default": "ids_data",
"required": false,
"title": "kafka topic into which to publish IDS events.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_ids_events": {
"default": false,
"description": "When this flag is set to true, IDS events will be sent to kafka, for consumption by components such as NSX-I and NDR.",
"required": false,
"title": "A flag to indicate if IDS events need to be sent to kafka",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System global event configuration\n",
"type": "object"
}
IdsPcapConfig (type)
{
"additionalProperties": false,
"description": "Pcap Configuration for IdsProfile.",
"id": "IdsPcapConfig",
"module_id": "PolicyIDS",
"properties": {
"pcap_byte_count": {
"default": 10000,
"description": "Determine how many bytes will be captured.",
"maximum": 65536,
"minimum": 1524,
"required": false,
"title": "IDPS Byte capture count.",
"type": "int"
},
"pcap_enabled": {
"default": false,
"description": "Flag which determines whether packet capturing is enabled or not.",
"required": false,
"title": "A flag to activate/deactivate pcap for IDPS Profile.",
"type": "boolean"
},
"pcap_packet_count": {
"default": 5,
"description": "Determine how many packets will be captured.",
"maximum": 15,
"minimum": 1,
"required": false,
"title": "IDPS Packet capture count.",
"type": "int"
}
},
"title": "IDPS Pcap configuration\n",
"type": "object"
}
IdsPcapExport (type)
{
"description": "Export the pcap file of all the mentioned pcap_ids.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsPcapExport",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_ids": {
"description": "List of all pcap ids for which the pcap file are requested by the user.",
"items": {
"type": "string"
},
"maxItems": 50,
"minItems": 1,
"required": true,
"title": "Pcap Ids.",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_ids": {
"description": "List of all signature ids which are part of the events whose pcap files is requested by the user.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Signature Ids.",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Export IDPS pcap file\n",
"type": "object"
}
IdsPcapFileMetadata (type)
{
"additionalProperties": false,
"description": "Represents pcap file as requested by the User.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsPcapFileMetadata",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"available_until": {
"description": "Time until which the file will be avilable for download.",
"readonly": true,
"title": "Available untill",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exported_on": {
"description": "Time when the file extraction started.",
"readonly": true,
"title": "Extracted Time",
"type": "string"
},
"failure_cause": {
"description": "If creation of zipped pcap file fails then this will tell the failure cause.",
"readonly": true,
"title": "Failure Cause",
"type": "string"
},
"file_name": {
"description": "Name of the Pcap File requested by the user.",
"required": false,
"title": "Pcap File Name.",
"type": "string"
},
"file_size": {
"description": "Tells the size of the zipped pcap file.",
"readonly": true,
"title": "File size",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"node_id": {
"description": "Node wher file extraction is triggered.",
"readonly": true,
"title": "Node Id",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_ids": {
"description": "List of all pcap ids which are requested by the user as part of this File.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Pcap Ids.",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_ids": {
"description": "List of all signature ids which are part of the events whose pcap files is selected by the user as part of this File.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Signature Ids.",
"type": "array"
},
"status": {
"description": "READY means zipped pcap file is succesfully created and ready to download. IN_PROGRESS means creation of zipped pcap file is in progress. FAILED means some error occurred during creation of zipped pcap file. INCOMPLETE means zipped pcap file doea not have all the specified pcaps.",
"enum": [
"READY",
"IN_PROGRESS",
"FAILED",
"INCOMPLETE"
],
"readonly": true,
"title": "IDS zipped pcap file status",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDPS pcap file\n",
"type": "object"
}
IdsPcapFileMetadataListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsPcapFileMetadataListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS Pcap File request parameters",
"type": "object"
}
IdsPcapFileMetadataListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsPcapFileMetadataListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsPcapFileMetadata
},
"required": true,
"title": "IDS Pcap File list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS Pcap File",
"type": "object"
}
IdsPolicy (type)
{
"description": "Represents the Intrusion Detection System Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "Policy
},
"id": "IdsPolicy",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsProfile (type)
{
"additionalProperties": false,
"description": "IDS Profile which contains the signatures and will be used in IDS rules.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsProfile",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"criteria": {
"description": "Represents the filtering criteria for the IDS Profile. 1. A non-empty criteria list, must be of odd size. In a list, with indices starting from 0, all IdsProfileFilterCriteria must be at even indices, separated by the IdsProfileConjunctionOperator AND at odd indices. 2. There may be at most 7 IdsProfileCriteria objects inside a list.",
"items": {
"$ref": "IdsProfileCriteria
},
"maxItems": 7,
"required": false,
"title": "Filtering criteria of IDS Profile",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_custom_signatures": {
"description": "Represents the flag to enable/disable the inclusion of custom signatures in the profile.",
"nsx_feature": "IDSCustomSignatures",
"title": "Include Custom Signatures flag",
"type": "boolean"
},
"include_system_signatures": {
"description": "Represents the flag to enable/disable the inclusion of system signatures in the profile. By default this flag will be true.",
"nsx_feature": "IDSCustomSignatures",
"title": "Include System Signatures flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"overridden_signatures": {
"description": "Represents the signatures that has been overridden for this Profile.",
"items": {
"$ref": "IdsProfileLocalSignature
},
"required": false,
"title": "Represents the signatures that is overridden for the Profile",
"type": "array"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pcap_config": {
"$ref": "IdsPcapConfig,
"description": "Tells about the Pcap configuration for a IDS Profile. Only supported on Local Manager.",
"required": false,
"title": "Represents pcap configuration"
},
"profile_severity": {
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "ProfileSeverity
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severities": {
"deprecated": true,
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "IdsProfileSeverity
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile",
"type": "object"
}
IdsProfileConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operator AND.",
"extends": {
"$ref": "IdsProfileCriteria
},
"id": "IdsProfileConjunctionOperator",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileConjunctionOperator"
},
"properties": {
"operator": {
"enum": [
"AND"
],
"required": true,
"title": "IDS Profile Filter Condition",
"type": "string"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Represents the operator AND",
"type": "object"
}
IdsProfileCriteria (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the filtering criteria objects extend from this abstract class. This is present for extensibility.",
"id": "IdsProfileCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Base class for IDS Profile criteria",
"type": "object"
}
IdsProfileFilterCriteria (type)
{
"additionalProperties": false,
"description": "Represents the filtering criteria of a IDS Profile.",
"extends": {
"$ref": "IdsProfileCriteria
},
"id": "IdsProfileFilterCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileFilterCriteria"
},
"properties": {
"filter_name": {
"description": "Represents the filter for IDS Profile.",
"enum": [
"CVSS",
"ATTACK_TARGET",
"ATTACK_TYPE",
"PRODUCT_AFFECTED"
],
"required": true,
"title": "Represents the filter name",
"type": "string"
},
"filter_value": {
"description": "Represents the value of selected filter name. Note : The supported values for filter name CVSS are NONE, LOW, MEDIUM, HIGH, CRITICAL. NONE means CVSS score as 0.0 LOW means CVSS score as 0.1-3.9 MEDIUM means CVSS score as 4.0-6.9 HIGH means CVSS score as 7.0-8.9 CRITICAL means CVSS score as 9.0-10.0",
"items": {
"type": "string"
},
"required": true,
"title": "Represents the value of selected filter name",
"type": "array"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "IDS Profile filter criteria",
"type": "object"
}
IdsProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsProfileListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS profile request parameters",
"type": "object"
}
IdsProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsProfileListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsProfile
},
"required": true,
"title": "IDS profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS profiles",
"type": "object"
}
IdsProfileLocalSignature (type)
{
"additionalProperties": false,
"description": "IDS Profile local signature.",
"extends": {
"$ref": "GlobalIdsSignature
},
"id": "IdsProfileLocalSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Activate/Deactivate a Signature at Global Level.",
"title": "Flag to Activate/Deactivate a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_custom_signature": {
"description": "It represents whether the overridden signature is custom or system signature.",
"nsx_feature": "IDSCustomSignatures",
"readonly": true,
"title": "Flag to determine custom signature",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS Profile local signature",
"type": "object"
}
IdsProfileSeverity (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Profile severity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsProfileSeverity",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_signatures": {
"description": "Contains the id of signatures that will be ignored as part of the profile. This field is deprecated, please use ignore_signatures field under IdsProfile to ignore the signatures.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the signatures that will be ignored",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severity": {
"description": "Represents the severity of a profile.",
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"SUSPICIOUS"
],
"required": true,
"title": "Severity of profile",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile severity",
"type": "object"
}
IdsProfileSignatures (type)
{
"additionalProperties": false,
"description": "An entity that holds the list of IDS signatures attached to an IDS Profile depending upon the Profile's criteria. These are the Signatures which needs to be detected.",
"id": "IdsProfileSignatures",
"module_id": "PolicyIDS",
"properties": {
"profile_path": {
"description": "Represents the Path of the IDS Profile.",
"title": "IDS Profile path",
"type": "string"
},
"signatures": {
"description": "List of IDS signature ids which need to be detected.",
"items": {
"type": "string"
},
"maxItems": 30000,
"minItems": 1,
"title": "IDS Signatures",
"type": "array"
}
},
"title": "IDS Profile Signatures",
"type": "object"
}
IdsRawSignatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsRawSignatures",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signatures": {
"description": "The list of raw signatures that user wants to add.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "IDS raw signatures",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version_name": {
"description": "IDS custom signature version name. If provided custom signature version displayName will be updated accordingly.",
"required": false,
"title": "IDS custom signature version name",
"type": "string"
}
},
"title": "IDS raw signatures",
"type": "object"
}
IdsRule (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System rule which indicates the action to be performed for the corresponding workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "IdsRule",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied.",
"enum": [
"DETECT",
"DETECT_PREVENT"
],
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_profiles": {
"description": "collections of IDS or Anti-Malware profiles. At Max 1 each Profile will be supported.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 1,
"required": false,
"title": "IDS profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"MalwarePreventionProfile"
]
}
]
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"oversubscription": {
"$ref": "Oversubscription,
"default": "INHERIT_GLOBAL",
"description": "Following are the choices for oversubscription configuration at the rule-level. INHERIT_GLOBAL: Inherit the behavior from the global settings BYPASSED: Oversubscribed packets would be bypassed from the IDPS Engine DROPPED: Oversubscribed packets would be dropped",
"title": "Rule-level selection for oversubscription behavior"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the IDS security policy rule between the workload groups",
"type": "object"
}
IdsRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsRuleListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS rule request parameters",
"type": "object"
}
IdsRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "IdsRuleListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsRule
},
"required": true,
"title": "IDS rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS rules",
"type": "object"
}
IdsRuleStatistics (type)
{
"additionalProperties": false,
"description": "IDS Rule Statistics.",
"extends": {
"$ref": "RuleStatistics
},
"id": "IdsRuleStatistics",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"internal_rule_id": {
"description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.",
"readonly": true,
"required": false,
"title": "NSX internal rule id",
"type": "string"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Edge FW.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum Sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of rule",
"type": "integer"
},
"rule": {
"description": "Path of the rule.",
"readonly": true,
"required": false,
"title": "Rule path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total Sessions count",
"type": "integer"
}
},
"title": "IDS Rule Statistics",
"type": "object"
}
IdsRuleStatisticsForEnforcementPoint (type)
{
"description": "IDS Rule statistics for a specfic enforcement point.",
"id": "IdsRuleStatisticsForEnforcementPoint",
"module_id": "PolicyIDSStats",
"properties": {
"enforcement_point": {
"description": "IDS Rule statistics for a single enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"statistics": {
"$ref": "IdsRuleStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "IDS Rule Statistics"
}
},
"title": "IDS Rule statistics for an enforcement point",
"type": "object"
}
IdsRuleStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsRuleStatisticsListResult",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsRuleStatisticsForEnforcementPoint
},
"required": true,
"title": "IdsRuleStatistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IDS rule statistics",
"type": "object"
}
IdsSecurityPolicy (type)
{
"description": "Represents the Intrusion Detection System Security Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy
},
"id": "IdsSecurityPolicy",
"module_id": "PolicyIDS",
"policy_hierarchical_children": [
"ChildIdsRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsSecurityPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsSecurityPolicyListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_rule_count": {
"default": false,
"description": "If true, populate the rule_count field with the count of rules in the particular policy. By default, rule_count will not be populated.",
"required": false,
"title": "Include the count of rules in policy",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS security policy request parameters",
"type": "object"
}
IdsSecurityPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "IdsSecurityPolicyListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSecurityPolicy
},
"required": true,
"title": "IDS security policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS security policies",
"type": "object"
}
IdsSecurityPolicyStatistics (type)
{
"additionalProperties": false,
"description": "IDS RSecurity Policy Statistics.",
"extends": {
"$ref": "SecurityPolicyStatistics
},
"id": "IdsSecurityPolicyStatistics",
"module_id": "PolicyIDSStats",
"properties": {
"internal_section_id": {
"description": "Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created.",
"readonly": true,
"required": false,
"title": "NSX internal section id",
"type": "string"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Gateway Firewall.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string"
},
"result_count": {
"description": "Total count for rule statistics",
"readonly": true,
"required": true,
"title": "Rule stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics.",
"items": {
"$ref": "RuleStatistics
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Statistics for all rules",
"type": "array"
}
},
"title": "IDS Security Policy Statistics",
"type": "object"
}
IdsSecurityPolicyStatisticsForEnforcementPoint (type)
{
"description": "Aggregate statistics of all the IDS rules in a security policy for a specific enforcement point.",
"id": "IdsSecurityPolicyStatisticsForEnforcementPoint",
"module_id": "PolicyIDSStats",
"properties": {
"enforcement_point": {
"description": "Enforcement point to fetch the statistics from.",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "IdsSecurityPolicyStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "IDS Security Policy Statistics"
}
},
"title": "IDS Security policy statistics for an enforcement point",
"type": "object"
}
IdsSecurityPolicyStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsSecurityPolicyStatisticsListResult",
"module_id": "PolicyIDSStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSecurityPolicyStatisticsForEnforcementPoint
},
"required": true,
"title": "IDS Security Policy statistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IDS Security Policy statistics",
"type": "object"
}
IdsSettings (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System settings.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSettings",
"module_id": "PolicyIDS",
"policy_hierarchical_children": [
"ChildGlobalIdsSignature",
"ChildIdsClusterConfig",
"ChildIdsCustomSignatureVersion",
"ChildIdsProfile",
"ChildIdsSignatureVersion",
"ChildIdsStandaloneHostConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"default": false,
"description": "Parameter to let the user decide whether to update the IDS Signatures automatically or not.",
"required": false,
"title": "Auto update signatures flag",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_events_to_syslog": {
"default": false,
"description": "Flag to send IDS events to syslog server.",
"required": false,
"title": "Flag to send IDS events to syslog server.",
"type": "boolean"
},
"ids_ever_enabled": {
"description": "Flag which tells whether IDS was ever enabled.",
"readonly": true,
"required": false,
"title": "Flag which tells whether IDS was ever enabled.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"oversubscription": {
"$ref": "Oversubscription,
"default": "BYPASSED",
"description": "Following are the choices for oversubscription configuration at the global level. BYPASSED: Oversubscribed packets would be bypassed from the IDPS Engine DROPPED: Oversubscribed packets would be dropped",
"required": false,
"title": "Global toggle for whether the IDS oversubscribed packets need to be bypassed or dropped"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System settings\n",
"type": "object"
}
IdsSignature (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Signature .",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Signature action.",
"required": false,
"title": "Represents the signature's action",
"type": "string"
},
"attack_target": {
"description": "Target of the signature.",
"required": false,
"title": "Signature attack target",
"type": "string"
},
"categories": {
"description": "Represents the internal categories a signature belongs to.",
"items": {
"$ref": "IdsSignatureInternalCategory
},
"required": false,
"title": "IDS Signature Internal category",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"class_type": {
"description": "Class type of Signature.",
"required": false,
"title": "Signature class type",
"type": "string"
},
"confidence": {
"description": "Signature's confidence score.",
"title": "Confidence",
"type": "string"
},
"cves": {
"description": "CVE score",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the cve score.",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0",
"enum": [
"NONE",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"required": false,
"title": "CVSS of signature",
"type": "string"
},
"cvss_score": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature cvssv2 score.",
"required": false,
"title": "Signature cvssv2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature cvssv3 score.",
"required": false,
"title": "Signature cvssv3 score",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"description": "Flag which tells whether the signature is enabled or not.",
"required": false,
"title": "Activate/Deactivate flag",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"required": false,
"title": "Flow established.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact": {
"description": "Impact of Signature.",
"title": "Impact",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mitre_attack": {
"description": "Mitre Attack details of Signature.",
"items": {
"$ref": "MitreAttack
},
"title": "MitreAttack",
"type": "array"
},
"name": {
"description": "Signature name.",
"required": false,
"title": "Represents the signature name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"product_affected": {
"description": "Product affected by this signature.",
"required": false,
"title": "Signature product affected",
"type": "string"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"risk_score": {
"description": "Risk score of signature.",
"title": "Risk Score",
"type": "string"
},
"severity": {
"description": "Represents the severity of the Signature.",
"required": false,
"title": "Signature severity",
"type": "string"
},
"signature": {
"description": "Decoded Signature.",
"title": "Signature",
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"signature_revision": {
"description": "Represents revision of the Signature.",
"required": false,
"title": "Signature revision",
"type": "string"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold,
"description": "Default threshold values for IDS signature.",
"nsx_feature": "IdsThreshold",
"title": "IDS signature threshold values"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature",
"items": {
"type": "string"
},
"required": false,
"title": "List of mitre attack URLs pertaining to signature.",
"type": "array"
}
},
"title": "Intrusion Detection System Signature",
"type": "object"
}
IdsSignatureInternalCategory (type)
{
"additionalProperties": false,
"description": "Represents the internal categories. APPLICATION : IDS signature having protocol comes under APPLICATION internal category. MALWARE: IDS signature having malware_family comes under this internal category. VULNERABILITY : IDS signature having cvssv3 score comes under this internal category.",
"enum": [
"APPLICATION",
"MALWARE",
"VULNERABILITY"
],
"id": "IdsSignatureInternalCategory",
"module_id": "PolicyIDSMetrics",
"title": "IDS signature internal categories",
"type": "string"
}
IdsSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsSignatureListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS signature request parameters",
"type": "object"
}
IdsSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsSignatureListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSignature
},
"required": true,
"title": "IDS signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS signatures",
"type": "object"
}
IdsSignatureRateFilter (type)
{
"additionalProperties": false,
"description": "Rate filter for IDS signature can be used to change signature action when thresholds are met.",
"id": "IdsSignatureRateFilter",
"module_id": "PolicyIDSMetrics",
"nsx_feature": "IdsThreshold",
"properties": {
"count": {
"description": "Number of signature hits before rate filter is activated.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Rate filter threshold count",
"type": "integer"
},
"new_action": {
"default": "DROP",
"description": "Indicates the new action to be applied when rate filter is activated for the signature. DROP - Traffic will be dropped when rate filter is activated.",
"enum": [
"DROP"
],
"required": false,
"title": "New action for rate filter",
"type": "string"
},
"time_period": {
"description": "Time period (in seconds) during which signature must be hit 'count' number of times in order to activate rate filter.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Rate filter time period in seconds",
"type": "integer"
},
"timeout": {
"description": "Time period (in seconds) during which rate filter will remain active once activated.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Rate filter activation timeout in seconds",
"type": "integer"
}
},
"title": "IDS signature rate filter",
"type": "object"
}
IdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Ids signature status.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSignatureStatus",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"download_status": {
"description": "READY means signatures were downloaded and parsed successfully. PENDING means that signatures download is in progress. ERROR means error occurred during signature processing. DISABLED means IDS is deactivated.",
"enum": [
"READY",
"PENDING",
"ERROR",
"DISABLED"
],
"readonly": true,
"title": "IDS signature download status",
"type": "string"
},
"failure_cause": {
"description": "If signature download fails then this will tell the failure cause.",
"readonly": true,
"title": "Failure Cause",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_status": {
"description": "AVAILABLE means the signatures are available for the version. UNAVAILABLE means there are no available signatures for the version.",
"enum": [
"AVAILABLE",
"UNAVAILABLE"
],
"readonly": true,
"title": "IDS signature status",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "Intrusion Detection System signature status",
"type": "object"
}
IdsSignatureThreshold (type)
{
"additionalProperties": false,
"description": "Threshold values for IDS signature can be used to control IDS event generation frequency.",
"id": "IdsSignatureThreshold",
"module_id": "PolicyIDSMetrics",
"properties": {
"count": {
"description": "Number of signature hits for threshold.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Threshold count",
"type": "integer"
},
"threshold_type": {
"description": "THRESHOLD - An IDS event is generated if signature is hit at least 'count' times within specified time period. LIMIT - At most 'count' number of IDS events are generated for this signature within specified time period. BOTH - A single IDS event is generated if signature is hit at least 'count' times within specified time period.",
"enum": [
"THRESHOLD",
"LIMIT",
"BOTH"
],
"required": true,
"title": "Threshold type",
"type": "string"
},
"time_period": {
"description": "Time period (in seconds) for signature threshold.",
"maximum": 3600,
"minimum": 1,
"required": true,
"title": "Time period (in seconds) for threshold",
"type": "integer"
},
"track_by": {
"description": "This property is read-only and shows existing track by value from the signature. SOURCE - Track signature matches for threshold by source. DESTINATION - Track signature matches for threshold by destination.",
"enum": [
"SOURCE",
"DESTINATION"
],
"readonly": true,
"title": "Signature threshold tracking type",
"type": "string"
}
},
"title": "IDS signature threshold values",
"type": "object"
}
IdsSignatureVersion (type)
{
"additionalProperties": false,
"description": "It represents the version information corresponding to which the signatures will be available.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSignatureVersion",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"change_log": {
"description": "Represents the version's change log.",
"readonly": true,
"title": "Change log",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "Contains the path of sites that has been mapped with the Signature Version.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the Sites mapped with the Signature Version.",
"type": "array"
},
"state": {
"description": "This flag tells which Version is currently active. ACTIVE: It means the signatures under this version is currently been used under IDS Profiles. NOTACTIVE: It means signatures of this version are available but not being used in IDS Profiles.",
"enum": [
"ACTIVE",
"NOTACTIVE"
],
"readonly": true,
"title": "State of the Version",
"type": "string"
},
"status": {
"description": "This flag tells the status of the signatures under a version. OUTDATED: It means the signatures under this version are outdated and new version is available. LATEST: It means the signatures of this version are up to date.",
"enum": [
"OUTDATED",
"LATEST"
],
"readonly": true,
"title": "Status of the Version",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_time": {
"$ref": "EpochMsTimestamp,
"description": "Time when this version was downloaded and saved.",
"readonly": true,
"title": "IDS Signature Version update time"
},
"user_uploaded": {
"description": "Flag which tells whether the Signature version is uploaded by user or not.",
"readonly": true,
"title": "User Uploaded Signature bundle flag",
"type": "boolean"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "Intrusion Detection System signature version",
"type": "object"
}
IdsSignatureVersionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsSignatureVersionListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IDS signature version request parameters",
"type": "object"
}
IdsSignatureVersionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsSignatureVersionListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsSignatureVersion
},
"required": true,
"title": "IDS signature version list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IDS signature versions",
"type": "object"
}
IdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to activate/deactivate IDS on standalone host level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on standalone hosts.",
"readonly": false,
"required": true,
"title": "IDS enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System configuration",
"type": "object"
}
IdsThresholdConfig (type)
{
"additionalProperties": false,
"description": "Threshold configuration for IDS signature.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsThresholdConfig",
"module_id": "PolicyIDSMetrics",
"nsx_feature": "IdsThreshold",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"rate_filter": {
"$ref": "IdsSignatureRateFilter,
"description": "Rate filter for IDS signature can be used to change signature action when threshold is met.",
"required": false,
"title": "IDS signature rate filter"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"$ref": "IdsSignatureThreshold,
"description": "Threshold values for IDS signature can be used to control IDS event generation frequency.",
"required": false,
"title": "IDS signature threshold values"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS signature threshold configuration",
"type": "object"
}
IdsThresholdConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IdsThresholdConfigListRequestParameters",
"module_id": "PolicyIDS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Ids Threshold Config request parameters",
"type": "object"
}
IdsThresholdConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IdsThresholdConfigListResult",
"module_id": "PolicyIDS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdsThresholdConfig
},
"required": true,
"title": "Ids Threshold Config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IdsThresholdConfig",
"type": "object"
}
IdsUserList (type)
{
"additionalProperties": false,
"description": "List of all affected users pertaining to a specific signature.",
"extends": {
"$ref": "ListResult
},
"id": "IdsUserList",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected users specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected users",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected Users",
"type": "object"
}
IdsUserStats (type)
{
"additionalProperties": false,
"description": "List of Users logged into VMs where intrusions of a given signature were detected.",
"id": "IdsUserStats",
"module_id": "IDSMetrics",
"properties": {
"count": {
"description": "Number of unique users logged into VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique users",
"type": "integer"
},
"user_list": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of users",
"type": "array"
}
},
"title": "List of Users",
"type": "object"
}
IdsValidationError (type)
{
"additionalProperties": false,
"description": "Contain Validation Error messages for the fields",
"id": "IdsValidationError",
"module_id": "PolicyIDSMetrics",
"properties": {
"field": {
"description": "Represents the field or property of signature.",
"title": "Field",
"type": "string"
},
"message": {
"description": "Represents the validation message.",
"title": "Message",
"type": "string"
}
},
"title": "Validation Error",
"type": "object"
}
IdsVmList (type)
{
"additionalProperties": false,
"description": "List of all affected VMs pertaining to a specific signature.",
"extends": {
"$ref": "ListResult
},
"id": "IdsVmList",
"module_id": "IDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected VMs specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected VMs",
"type": "object"
}
IdsVmStats (type)
{
"additionalProperties": false,
"description": "List of VMs on which a particular signature was detected with the count.",
"id": "IdsVmStats",
"module_id": "IDSMetrics",
"properties": {
"count": {
"description": "Number of unique VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique VMs",
"type": "integer"
},
"vm_list": {
"description": "List of VM names on which intrusions of that particular signature type were detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of VM names",
"type": "array"
}
},
"title": "List of VMs where signature was detected",
"type": "object"
}
IfaceFlowInfo (type)
{
"additionalProperties": false,
"id": "IfaceFlowInfo",
"properties": {
"entity": {
"description": "Logical entity",
"readonly": true,
"title": "Logical entity",
"type": "string"
},
"flows": {
"description": "Flows",
"items": {
"type": "string"
},
"readonly": true,
"title": "Flows",
"type": "array"
},
"name": {
"description": "Logical entity name",
"readonly": true,
"title": "Logical entity name",
"type": "string"
},
"uuid": {
"description": "Logical entity UUID",
"readonly": true,
"title": "Logical entity UUID",
"type": "string"
}
},
"type": "object"
}
IgmpMembership (type)
{
"additionalProperties": false,
"description": "IGMP (Internet Group Management Protocol) membership details.",
"id": "IgmpMembership",
"module_id": "AggSvcLogicalRouter",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"igmp_version": {
"description": "IGMP version.",
"readonly": true,
"required": true,
"title": "IGMP version",
"type": "integer"
},
"interface": {
"description": "Interface on which multicast group membership is learned.",
"readonly": true,
"required": true,
"title": "Interface name",
"type": "string"
},
"no_of_sources": {
"description": "Number of multicast sources.",
"readonly": true,
"required": true,
"title": "Number of multicast sources",
"type": "string"
},
"source_address": {
"$ref": "IPAddress,
"description": "IP address of multicast source.",
"readonly": true,
"required": true,
"title": "IP address multicast source"
},
"uptime": {
"description": "Multicast group membership active time.",
"readonly": true,
"required": true,
"title": "Group membership active time",
"type": "string"
}
},
"title": "IGMP membership details",
"type": "object"
}
IgmpMembershipCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "IgmpMembershipCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"igmp_version": {
"description": "IGMP version.",
"readonly": true,
"required": true,
"title": "IGMP version",
"type": "integer"
},
"interface": {
"description": "Interface on which multicast group membership is learned.",
"readonly": true,
"required": true,
"title": "Interface name",
"type": "string"
},
"no_of_sources": {
"description": "Number of multicast sources.",
"readonly": true,
"required": true,
"title": "Number of multicast sources",
"type": "string"
},
"source_address": {
"$ref": "IPAddress,
"description": "IP address of multicast source.",
"readonly": true,
"required": true,
"title": "IP address multicast source"
},
"transport_node": {
"description": "Transport node uuid or policy path.",
"readonly": true,
"required": true,
"title": "Transport node uuid or policy path",
"type": "string"
},
"uptime": {
"description": "Multicast group membership active time.",
"readonly": true,
"required": true,
"title": "Group membership active time",
"type": "string"
}
},
"type": "object"
}
IgmpMemberships (type)
{
"additionalProperties": false,
"description": "IGMP Memberships.",
"extends": {
"$ref": "ListResult
},
"id": "IgmpMemberships",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 or Tier1 gateway.",
"required": true,
"title": "Policy path to Tier0 or Tier1 gateway",
"type": "string"
},
"igmp_memberships_per_edge": {
"items": {
"$ref": "IgmpMembershipsPerEdge
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IGMP Memberships",
"type": "object"
}
IgmpMembershipsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "IgmpMembershipsInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "IgmpMembershipCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
IgmpMembershipsPerEdge (type)
{
"additionalProperties": false,
"description": "IGMP Memberships Per Edge.",
"extends": {
"$ref": "ListResult
},
"id": "IgmpMembershipsPerEdge",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"igmp_memberships": {
"items": {
"$ref": "IgmpMembership
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IGMP Memberships Per Edge",
"type": "object"
}
IkeDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IkeDigestAlgorithms are used to verify message integrity during Ike negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IkeDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
IkeEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "IkeEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
ImportErrorMessage (type)
{
"additional_properties": false,
"description": "Error message during import of network policy",
"id": "ImportErrorMessage",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"errors": {
"description": "Contains a list of errors against all network policy rules and fields failed during import.",
"items": {
"$ref": "ImportErrorMessageDetail
},
"title": "List of errors, if any",
"type": "array"
},
"network_policy_id": {
"description": "K8s Network Policy ID. If it's not set, the error_message is related to the overall import operation but not to specific K8s Network Policy.",
"required": false,
"title": "K8s network policy identifier.",
"type": "string"
}
},
"title": "Error Message during import of network policy",
"type": "object"
}
ImportErrorMessageDetail (type)
{
"additional_properties": false,
"description": "Detailed Error message during import of network policy rule or field.",
"id": "ImportErrorMessageDetail",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"error_code": {
"title": "Error Code",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error message",
"type": "string"
}
},
"title": "Detailed Error Message of a K8s NetworkPolicy Rule or Field",
"type": "object"
}
ImportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke the import task.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "ImportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_description": {
"description": "Description to be set on the draft, which will hold the imported configuration.",
"required": false,
"title": "Description to be set on the draft",
"type": "string"
},
"draft_display_name": {
"description": "Display name to be set on the draft, which will hold the imported configuration.",
"minLength": 1,
"required": true,
"title": "Display name to be set on the draft",
"type": "string"
},
"file": {
"description": "The file having stored firewall configuration. Only zip file will be accepted.",
"required": true,
"title": "File to be imported",
"type": "multipart_file"
},
"passphrase": {
"description": "Passphrase to verify imported files. Passphrase needs to be same as provided earlier to export operation which generated these imported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"required": true,
"sensitive": true,
"title": "Passphrase to verify imported files",
"type": "secure_string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Import task request parameters",
"type": "object"
}
ImportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the import task.",
"extends": {
"$ref": "PolicyTask
},
"id": "ImportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft in which the imported configuration gets stored after completion of import task.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Import task information",
"type": "object"
}
IncludedFieldsParameters (type)
{
"additionalProperties": false,
"id": "IncludedFieldsParameters",
"module_id": "Common",
"properties": {
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
}
},
"title": "A list of fields to include in query results",
"type": "object"
}
Infra (type)
{
"additionalProperties": false,
"description": "Infra space related policy.",
"extends": {
"$ref": "AbstractSpace
},
"id": "Infra",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildBfdProfile",
"ChildCaBundle",
"ChildConstraint",
"ChildConstraintGlobalConfig",
"ChildDeploymentZone",
"ChildDhcpRelayConfig",
"ChildDhcpServerConfig",
"ChildDnsSecurityProfile",
"ChildDomain",
"ChildEnforcementPoint",
"ChildEvpnTenantConfig",
"ChildFloodProtectionProfile",
"ChildFullSyncState",
"ChildGatewayQosProfile",
"ChildGlobalConfig",
"ChildGlobalManager",
"ChildGlobalManagerConfig",
"ChildIPDiscoveryProfile",
"ChildIPFIXDFWCollectorProfile",
"ChildIPFIXDFWProfile",
"ChildIPFIXL2CollectorProfile",
"ChildIPFIXL2Profile",
"ChildIPSecVpnDpdProfile",
"ChildIPSecVpnIkeProfile",
"ChildIPSecVpnTunnelProfile",
"ChildIdentityFirewallStore",
"ChildIpAddressBlock",
"ChildIpAddressPool",
"ChildIpv6DadProfile",
"ChildIpv6NdraProfile",
"ChildL7AccessProfile",
"ChildLBAppProfile",
"ChildLBClientSslProfile",
"ChildLBMonitorProfile",
"ChildLBPersistenceProfile",
"ChildLBPool",
"ChildLBServerSslProfile",
"ChildLBService",
"ChildLBVirtualServer",
"ChildLiveTraceConfig",
"ChildMacDiscoveryProfile",
"ChildMetadataProxyConfig",
"ChildOpsGlobalConfig",
"ChildPolicyBaseHostSwitchProfile",
"ChildPolicyContextProfile",
"ChildPolicyDnsForwarderZone",
"ChildPolicyDraft",
"ChildPolicyFirewallIpReputationConfig",
"ChildPolicyFirewallScheduler",
"ChildPolicyFirewallSessionTimerProfile",
"ChildPolicyHostTransportNodeProfile",
"ChildPolicyIgmpProfile",
"ChildPolicyLabel",
"ChildPolicyLatencyStatProfile",
"ChildPolicyPimProfile",
"ChildPolicyServiceChain",
"ChildPolicyTransportZoneProfile",
"ChildPortMirroringProfile",
"ChildQoSProfile",
"ChildSegment",
"ChildSegmentSecurityProfile",
"ChildService",
"ChildServiceReference",
"ChildShare",
"ChildSite",
"ChildSpan",
"ChildSpoofGuardProfile",
"ChildStaticMimeContent",
"ChildTier0",
"ChildTier1",
"ChildTlsCertificate",
"ChildTlsCrl",
"ChildTlsCsr",
"ChildTlsPolicy",
"ChildTlsProfile",
"ChildTraceflowConfig",
"ChildVMTagReplicationPolicy",
"ChildVniPoolConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domains": {
"description": "This field is used while creating or updating the infra space.",
"items": {
"$ref": "Domain
},
"required": false,
"title": "Domains for infra",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Infra",
"type": "object"
}
InfraSecurityConfig (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "InfraSecurityConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"automatic_appliance_certificate_renewal_enabled": {
"description": "When this flag is set to true, NSX will periodically check if any of the appliance certificates used for NSX internal communications are about to expire. If any are due to expire, new certificates will be created and installed automatically. If not provided, this defaults to true.",
"nsx_feature": "CertificateAutoReplace",
"readonly": false,
"title": "Renew appliance certificates automatically",
"type": "boolean"
},
"automatic_appliance_certificate_renewal_lead_time": {
"description": "The number of days before certificate expiration that NSX will automatically renew expiring appliance certificates. By default, this is 31 days.",
"minimum": 31,
"nsx_feature": "CertificateAutoReplace",
"readonly": false,
"title": "Lead time for automatic renewal of appliance certificates",
"type": "int"
},
"ca_signed_only": {
"description": "When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. Since this check has now moved to the compliance-report, enabling this check is no longer required if the NDcPP Security alarms have been enabled.",
"readonly": false,
"title": "A flag to indicate whether the server certs are only allowed to be ca-signed.",
"type": "boolean"
},
"crl_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. Setting this property to false results in lower security. It is not advisable to import certificate without CRL info while CRL checking is deactivated, and then re-enable CRL checking.",
"readonly": false,
"title": "A flag to indicate whether the Java trust-managers check certificate revocation",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"eku_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. Since this check has now moved to the compliance-report, enabling/disabling this flag no longer has any effect when applying certificates.",
"readonly": false,
"title": "A flag to indicate whether the Extended Key Usage extension in the certificate is checked.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for security purposes, like trust store and trust manager.",
"type": "object"
}
IngressBroadcastRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "IngressBroadcastRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressBroadcastRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in kb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrition": "Set custom burst_size for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"desription": "Set custom peak_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in kb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in kb/s",
"type": "object"
}
IngressBroadcastRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper
},
"id": "IngressBroadcastRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "IngressBroadcastRateShaper"
},
"properties": {
"average_bandwidth_kbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in kb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_kbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in kb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in kb/s",
"type": "object"
}
IngressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "IngressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"description": "You can use the average bandwidth to reduce network congestion.",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"description": "The burst duration is set in the burst size setting.",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"description": "The peak bandwidth rate is used to support burst traffic.",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in Mb/s",
"type": "object"
}
IngressRateShaper (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "QosBaseRateShaper
},
"id": "IngressRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "IngressRateShaper"
},
"properties": {
"average_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size_bytes": {
"default": 0,
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth_mbps": {
"default": 0,
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in Mb/s",
"type": "object"
}
InitiateClusterRestoreRequest (type)
{
"id": "InitiateClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"ipv6_address": {
"description": "IPv6 address or FQDNv6 of the node which would be used for the restoration. This should be same as the one on which backup was taken",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IPv6 address or FQDNv6 of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "Unique id of the backed-up configuration from which\nthe appliance will be restored\n",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": true,
"title": "Timestamp of the backed-up configuration from which\nthe appliance will be restored\n"
}
},
"type": "object"
}
Injection (type)
{
"additionalProperties": false,
"description": "Injection holding a key and a corresponding value.",
"id": "Injection",
"module_id": "PolicyReaction",
"properties": {
"key": {
"description": "Injection key.",
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"$ref": "InjectionValue,
"description": "Injection value.",
"required": true,
"title": "Value"
}
},
"title": "Injection",
"type": "object"
}
InjectionValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Injection Value.",
"id": "InjectionValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Injection Value resource type.",
"enum": [
"UnaryOperationBasedInjectionValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Injection Value",
"type": "object"
}
InstallUpgradeServiceProperties (type)
{
"additionalProperties": false,
"id": "InstallUpgradeServiceProperties",
"properties": {
"enabled": {
"required": true,
"title": "True if service enabled; otherwise, false",
"type": "boolean"
},
"enabled_on": {
"readonly": true,
"title": "IP of manager on which install-upgrade is enabled",
"type": "string"
}
},
"title": "install-upgrade service properties",
"type": "object"
}
InstanceDeploymentConfig (type)
{
"description": "The Instance Deployment Config contains settings that is applied during install time.",
"id": "InstanceDeploymentConfig",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"compute_id": {
"description": "Resource Pool or Compute Id.",
"readonly": false,
"required": true,
"title": "compute id",
"type": "string"
},
"context_id": {
"description": "Context Id or VCenter Id.",
"readonly": false,
"required": true,
"title": "Context Id",
"type": "string"
},
"host_id": {
"description": "The service VM will be deployed on the specified host in the specified server within the cluster if host_id is specified. Note: You must ensure that storage and specified networks are accessible by this host.",
"readonly": false,
"required": false,
"title": "Host id",
"type": "string"
},
"storage_id": {
"description": "Storage Id.",
"readonly": false,
"required": true,
"title": "storage id",
"type": "string"
},
"vm_nic_infos": {
"description": "List of NIC information for VMs",
"items": {
"$ref": "VmNicInfo
},
"maxItems": 2,
"minItems": 1,
"readonly": false,
"required": true,
"title": "List of VM NIC information",
"type": "array"
}
},
"title": "Instance Deployment Config",
"type": "object"
}
InstanceEndpoint (type)
{
"description": "An InstanceEndpoint belongs to one ServiceInstance and represents a redirection target for a Rule. For Example - It can be an L3 Destination. Service Attachments is required for a InstanceEndpoint of type LOGICAL, and deployed_to if its a VIRTUAL InstanceEndpoint.",
"extends": {
"$ref": "ManagedResource
},
"id": "InstanceEndpoint",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endpoint_type": {
"default": "LOGICAL",
"description": "LOGICAL - It must be created with a ServiceAttachment and identifies a destination connected to the Service Port of the ServiceAttachment, through the ServiceAttachment's Logical Switch. VIRTUAL - It represents a L3 destination the router can route to but does not provide any further information about its location in the network. Virtual InstanceEndpoints are used for redirection targets that are not connected to Service Ports, such as the next-hop routers on the Edge uplinks.",
"enum": [
"LOGICAL",
"VIRTUAL"
],
"readonly": false,
"required": false,
"title": "Instance Endpoint Type",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"link_ids": {
"description": "Link Ids are mandatory for VIRTUAL Instance Endpoint. Even though VIRTUAL, the Instance Endpoint should be connected/accessible through an NSX object. The link id is this NSX object id. Example - For North-South Service Insertion, this is the LogicalRouter Id through which the targetIp/L3 destination accessible.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Link Id list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_attachments": {
"description": "Id(s) of the Service Attachment where this enndpoint is connected to. Service Attachment is mandatory for LOGICAL Instance Endpoint.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Service Attachment list",
"type": "array"
},
"service_instance_id": {
"description": "The Service instancee with which the instance endpoint is associated.",
"readonly": true,
"required": false,
"title": "Service instance Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "Target IPs on an interface of the Service Instance.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Target IPs",
"type": "array"
}
},
"title": "EndPoint of an Instance",
"type": "object"
}
InstanceEndpointListResult (type)
{
"description": "List of instance endpoints.",
"extends": {
"$ref": "ListResult
},
"id": "InstanceEndpointListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of instance endpoints.",
"items": {
"$ref": "InstanceEndpoint
},
"readonly": true,
"required": true,
"title": "Instance End Point list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Instance Endpoint List",
"type": "object"
}
InstanceRuntime (type)
{
"description": "A Service Runtime is the runtime entity associated with ever Service-VM deployed.",
"extends": {
"$ref": "ManagedResource
},
"id": "InstanceRuntime",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_collection_id": {
"description": "Resource Pool or cluster Id.",
"readonly": true,
"required": false,
"title": "Compute Collection Id",
"type": "string"
},
"deployment_status": {
"description": "Service-Instance Runtime deployment status of the Service-VM. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment of VM.",
"enum": [
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Instance Runtime deployment status",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_message": {
"description": "Error message for the Service Instance Runtime if any.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"maintenance_mode": {
"description": "The maintenance mode indicates whether the corresponding service VM is in maintenance mode. The service VM will not be used to service new requests if it is in maintenance mode.",
"enum": [
"OFF",
"ENTERING",
"ON",
"EXITING"
],
"readonly": true,
"required": false,
"title": "Instance Runtime maintenance mode",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_health_status_by_partner": {
"description": "Service-Instance runtime health status set by partner to indicate whether the service is running properly or not.",
"enum": [
"HEALTHY",
"STOPPED",
"NOT_RESPONDING"
],
"readonly": true,
"required": false,
"title": "Instance runtime health status set by partner",
"type": "string"
},
"runtime_status": {
"description": "Service-Instance Runtime status of the deployed Service-VM.",
"enum": [
"IN_SERVICE",
"OUT_OF_SERVICE",
"NEEDS_ATTENTION",
"NOT_AVAILABLE"
],
"readonly": true,
"required": false,
"title": "Instance Runtime Status",
"type": "string"
},
"service_instance_id": {
"description": "Id of an instantiation of a registered service.",
"readonly": true,
"required": false,
"title": "Service instance id",
"type": "string"
},
"service_vm_id": {
"description": "Service-VM/SVM id of deployed virtual-machine.",
"readonly": true,
"required": false,
"title": "Service VM id",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC.",
"readonly": true,
"required": false,
"title": "Storage Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unhealthy_reason": {
"description": "Reason provided by partner for the service being unhealthy. This could be due to various reasons such as connectivity lost as an example.",
"readonly": true,
"required": false,
"title": "Reason for service status when unhealthy",
"type": "string"
},
"vm_nic_info": {
"$ref": "VmNicInfo,
"readonly": true,
"required": false,
"title": "VM NIC info"
}
},
"title": "Runtime of a Service-Instance.",
"type": "object"
}
InstanceRuntimeListResult (type)
{
"additionalProperties": false,
"description": "Result of List of InstanceRuntimes",
"extends": {
"$ref": "ListResult
},
"id": "InstanceRuntimeListResult",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing InstanceRuntimes in database",
"items": {
"$ref": "InstanceRuntime
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "InstanceRuntime list result",
"type": "object"
}
InstanceRuntimeStatistic (type)
{
"description": "Statistics for data NICs on an instance runtime",
"id": "InstanceRuntimeStatistic",
"module_id": "PolicyServiceInsertion",
"properties": {
"interface_statistics": {
"description": "List of statistics for all data NICs on a runtime.",
"items": {
"$ref": "RuntimeInterfaceStatistics
},
"readonly": true,
"title": "List of statistics for all NICs",
"type": "array"
},
"primary_runtime_stats": {
"description": "Specifies whether statistics are for primary runtime.",
"readonly": true,
"title": "Specifies whether statistics are for primary",
"type": "boolean"
},
"runtime_id": {
"description": "Id of the instance runtime",
"readonly": true,
"title": "Id of the instance runtime",
"type": "string"
},
"runtime_name": {
"description": "Name of the instance runtime",
"readonly": true,
"title": "Name of the instance runtime",
"type": "string"
}
},
"title": "Instance runtime statistic",
"type": "object"
}
InstructionInfo (type)
{
"id": "InstructionInfo",
"module_id": "ClusterRestore",
"properties": {
"actions": {
"description": "A list of actions that are to be applied to resources",
"help_detail": "This attribute lists actions that are to be applied to the resources\nreferenced in the \"resources\" attribute. There is an m x n relationship\nbetween these actions and resources.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Actions list",
"type": "array"
},
"fields": {
"description": "A list of fields that are displayable to users in a table",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Displayable fields",
"type": "array"
},
"id": {
"readonly": true,
"required": true,
"title": "UUID of the instruction",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "Instruction name",
"type": "string"
}
},
"title": "Details of the instructions displayed during restore process",
"type": "object"
}
IntegerArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of values",
"extends": {
"$ref": "ConstraintValue
},
"id": "IntegerArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "IntegerArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "Array of integer values",
"items": {
"type": "int"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of Integer",
"type": "array"
}
},
"title": "Array of Integer Values to perform operation",
"type": "object"
}
IntelligenceClusterNodeVMFormFactor (type) (Deprecated)
{
"deprecated": true,
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM. Enum value SMALL, LARGE and EXTRA_LARGE will be deprecated.",
"enum": [
"EVALUATION",
"STANDARD",
"ADVANCED",
"SMALL",
"LARGE",
"EXTRA_LARGE"
],
"id": "IntelligenceClusterNodeVMFormFactor",
"title": "Supported VM form factor for NSX-Intelligence cluster nodes",
"type": "string"
}
IntelligenceFormFactor (type)
{
"additionalProperties": false,
"description": "Napp cluster form factor",
"id": "IntelligenceFormFactor",
"properties": {
"default_worker_count": {
"description": "Default number of Napp worker nodes.",
"readonly": true,
"title": "Default number of Napp worker nodes.",
"type": "integer"
},
"disk": {
"description": "Disk size of the Napp worker nodes in GBs.",
"readonly": true,
"title": "Disk size of the Napp worker nodes in GBs",
"type": "integer"
},
"memory": {
"description": "Memory size of the Napp worker nodes in GBs",
"readonly": true,
"title": "Memory size of the Napp worker nodes in GBs",
"type": "integer"
},
"type": {
"$ref": "IntelligenceClusterNodeVMFormFactor,
"description": "NSX Intelligence node form factor type",
"readonly": true,
"title": "Napp cluster form factor type"
},
"vcpu": {
"description": "Number of virtual cpus on the Napp worker nodes",
"readonly": true,
"title": "Number of virtual cpus on the Napp worker nodes",
"type": "integer"
}
},
"title": "Napp cluster form factor",
"type": "object"
}
IntelligenceFormFactors (type)
{
"id": "IntelligenceFormFactors",
"properties": {
"form_factors": {
"items": {
"$ref": "IntelligenceFormFactor
},
"title": "Napp cluster form factor list",
"type": "array"
}
},
"title": "Napp cluster form factors list result",
"type": "object"
}
IntentEnforcementPointListRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing intent path and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IntentEnforcementPointListRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"required": true,
"title": "String path of the intent object",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing intent path and enforcement point path",
"type": "object"
}
IntentPathRequestParameter (type)
{
"description": "Intent path for which state/realized entities would be fetched.",
"id": "IntentPathRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site",
"type": "string"
}
},
"title": "Parameter to filter realized entities by intent path",
"type": "object"
}
IntentRuntimeRequestParameters (type)
{
"description": "Request parameters that represents a an intent path.",
"id": "IntentRuntimeRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Policy Path referencing an intent object.",
"required": true,
"title": "Policy Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site from where the realization status needs to be fetched",
"type": "string"
}
},
"title": "Request Parameters for Intent Runtime Information",
"type": "object"
}
IntentStatusRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a binding between an intent path and whether the enforcement point specific status shall be retrieved from the enforcement point or not. A request can be parameterized with this pair and will be evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent with no enforced statuses' details returned. - <intent_path, include_enforced_status=true>: the request is evaluated on all enforcement points for the given intent with enforced statuses' details returned.",
"extends": {
"$ref": "IntentRuntimeRequestParameters
},
"id": "IntentStatusRequestParameters",
"module_id": "PolicyRealizationStatus",
"properties": {
"include_enforced_status": {
"default": false,
"description": "Flag conveying whether to include detailed view of the enforcement point specific status or not.",
"title": "Include Enforced Status Flag",
"type": "boolean"
},
"intent_path": {
"description": "Policy Path referencing an intent object.",
"required": true,
"title": "Policy Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site from where the realization status needs to be fetched",
"type": "string"
}
},
"title": "Request Parameters for Intent Status Information",
"type": "object"
}
InterSRRoutingConfig (type)
{
"id": "InterSRRoutingConfig",
"module_id": "Routing",
"properties": {
"enabled": {
"default": true,
"description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availability mode. User can change this value while updating inter-sr config.",
"required": false,
"title": "Flag to enable inter SR IBGP",
"type": "boolean"
}
},
"title": "Inter SR IBGP configuration",
"type": "object"
}
InterSiteBgpSummary (type)
{
"id": "InterSiteBgpSummary",
"module_id": "AggSvcInterSite",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the inter-site IBgp neighbors status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"neighbor_status": {
"description": "Status of all inter-site IBgp neighbors.",
"items": {
"$ref": "BgpNeighborStatus
},
"readonly": true,
"title": "Inter-site IBgp neighbors status",
"type": "array"
},
"transport_node_id": {
"description": "Edge node id whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge node id",
"type": "string"
}
},
"type": "object"
}
InterSitePortCounters (type)
{
"extends": {
"$ref": "LogicalRouterPortCounters
},
"id": "InterSitePortCounters",
"module_id": "AggSvcInterSite",
"properties": {
"blocked_packets": {
"description": "The total number of packets blocked.",
"required": false,
"title": "The number of blocked packets",
"type": "integer"
},
"dad_dropped_packets": {
"description": "Number of duplicate address detected packets dropped.",
"required": false,
"title": "The number of duplicate address detected packets dropped",
"type": "integer"
},
"destination_unsupported_dropped_packets": {
"description": "Number of packtes dropped as destination is not supported.",
"required": false,
"title": "The number of destination unsupported packets dropped",
"type": "integer"
},
"dropped_packets": {
"description": "The total number of packets dropped.",
"required": false,
"title": "The number of dropped packets",
"type": "integer"
},
"firewall_dropped_packets": {
"description": "Number of firewall packets dropped.",
"required": false,
"title": "The number of firewall packets dropped",
"type": "integer"
},
"frag_needed_dropped_packets": {
"description": "Number of fragmentation needed packets dropped.",
"required": false,
"title": "The number of fragmentation needed packets dropped",
"type": "integer"
},
"ipsec_dropped_packets": {
"description": "Number of IPSec packets dropped",
"required": false,
"title": "The number of IPSec packets dropped",
"type": "integer"
},
"ipsec_no_sa_dropped_packets": {
"description": "Number of IPSec no security association packets dropped.",
"required": false,
"title": "The number of IPSec no security association packets dropped",
"type": "integer"
},
"ipsec_no_vti_dropped_packets": {
"description": "Number of IPSec packets dropped as no VTI is present.",
"required": false,
"title": "The number of IPSec no VTI packets dropped",
"type": "integer"
},
"ipsec_pol_block_dropped_packets": {
"description": "Number of IPSec policy block packets dropped.",
"required": false,
"title": "The number of IPSec policy block packets dropped",
"type": "integer"
},
"ipsec_pol_err_dropped_packets": {
"description": "Number of IPSec policy error packets dropped.",
"required": false,
"title": "The number of IPSec policy error packets dropped",
"type": "integer"
},
"ipv6_dropped_packets": {
"description": "Number of IPV6 packets dropped.",
"required": false,
"title": "The number of IPV6 packets dropped",
"type": "integer"
},
"kni_dropped_packets": {
"description": "Number of DPDK kernal NIC interface packets dropped.",
"required": false,
"title": "The number of kernal NIC interface packets dropped",
"type": "integer"
},
"l4port_unsupported_dropped_packets": {
"description": "Number of packets dropped due to unsupported L4 port.",
"required": false,
"title": "The number of L4 port unsupported packets dropped",
"type": "integer"
},
"malformed_dropped_packets": {
"description": "Number of packtes dropped as they are malformed.",
"required": false,
"title": "The number of malformed packets dropped",
"type": "integer"
},
"no_arp_dropped_packets": {
"description": "Number of no ARP packets dropped.",
"required": false,
"title": "The number of no ARP packets dropped",
"type": "integer"
},
"no_linked_dropped_packets": {
"description": "Number of packets dropped as no linked ports are present.",
"required": false,
"title": "The number of no linked packets dropped",
"type": "integer"
},
"no_mem_dropped_packets": {
"description": "Number of packets dropped due to insufficient memory.",
"required": false,
"title": "The number of no memory packets dropped",
"type": "integer"
},
"no_receiver_dropped_packets": {
"description": "Number of packets dropped due to absence of receiver.",
"required": false,
"title": "The number of no receiver packets dropped",
"type": "integer"
},
"no_route_dropped_packets": {
"desrciption": "Number of packets dropped due to absence of routes.",
"required": false,
"title": "The number of no route packets dropped",
"type": "integer"
},
"non_ip_dropped_packets": {
"description": "Number of non IP packets dropped.",
"required": false,
"title": "The number of non IP packets dropped",
"type": "integer"
},
"proto_unsupported_dropped_packets": {
"description": "Number of packets dropped as protocol is unsupported.",
"required": false,
"title": "The number of protocol unsupported packets dropped",
"type": "integer"
},
"redirect_dropped_packets": {
"description": "Number of redirect packets dropped.",
"required": false,
"title": "The number of redirect packets dropped",
"type": "integer"
},
"rpf_check_dropped_packets": {
"description": "Number of reverse-path forwarding check packets dropped.",
"required": false,
"title": "The number of reverse-path forwarding check packets dropped",
"type": "integer"
},
"service_insert_dropped_packets": {
"description": "Number of service insert packets dropped.",
"required": false,
"title": "The number of service insert packets dropped",
"type": "integer"
},
"total_bytes": {
"description": "The total number of bytes transferred.",
"required": false,
"title": "The total number of bytes",
"type": "integer"
},
"total_packets": {
"description": "The total number of packets transferred.",
"required": false,
"title": "The total number of packets",
"type": "integer"
},
"ttl_exceeded_dropped_packets": {
"description": "Number of time to live exceeded packets dropped.",
"required": false,
"title": "The number of time to live exceeded packets dropped",
"type": "integer"
}
},
"type": "object"
}
InterVrfRouteAdvertisementTypes (type)
{
"additionalProperties": false,
"description": "Inter-vrf route advertisement types. TIER0_STATIC: Redistribute user added static routes. TIER0_CONNECTED: Redistribute TIER0 connected subnets. TIER0_NAT: Redistribute NAT IPs owned by TIER0. TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets. TIER0_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER0. TIER1_STATIC: Redistribute user added static routes. TIER1_CONNECTED: Redistribute Tier1 connected subnets. TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances. TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances. TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances. TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1 instances. TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER1.",
"enum": [
"TIER0_STATIC",
"TIER0_CONNECTED",
"TIER0_NAT",
"TIER0_DNS_FORWARDER_IP",
"TIER0_IPSEC_LOCAL_ENDPOINT",
"TIER1_STATIC",
"TIER1_CONNECTED",
"TIER1_LB_SNAT",
"TIER1_LB_VIP",
"TIER1_NAT",
"TIER1_DNS_FORWARDER_IP",
"TIER1_IPSEC_LOCAL_ENDPOINT"
],
"id": "InterVrfRouteAdvertisementTypes",
"module_id": "PolicyConnectivity",
"title": "Inter-vrf route advertisement types",
"type": "string"
}
InterfaceArpCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "InterfaceArpCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
InterfaceArpEntry (type)
{
"id": "InterfaceArpEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
InterfaceArpProxy (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "InterfaceArpProxy",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"arp_proxy_entries": {
"items": {
"$ref": "PolicyArpProxyEntry
},
"readonly": true,
"title": "Array of ARP proxy table entries",
"type": "array"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"interface_path": {
"readonly": true,
"title": "Policy path of gateway interface",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
InterfaceArpProxyCsvEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "InterfaceArpProxyCsvEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"arp_proxy_ip": {
"description": "ARP proxy information for a service with ip.",
"readonly": true,
"required": false,
"title": "ARP proxy service addresses",
"type": "string"
},
"interface_path": {
"readonly": true,
"required": false,
"title": "Policy path of gateway interface",
"type": "string"
},
"service_id": {
"description": "Identifier of connected service on port.",
"readonly": true,
"required": false,
"title": "Service type id",
"type": "string"
}
},
"type": "object"
}
InterfaceArpTable (type)
{
"extends": {
"$ref": "ListResult
},
"id": "InterfaceArpTable",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point.",
"title": "Enforcement point path",
"type": "string"
},
"interface_path": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "InterfaceArpEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
InterfaceArpTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "InterfaceArpTableInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"results": {
"items": {
"$ref": "InterfaceArpCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
InterfaceDADState (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status on the interface.",
"id": "InterfaceDADState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the interface.",
"items": {
"$ref": "InterfaceIPv6DADStatus
},
"readonly": true,
"title": "IPv6 DAD status",
"type": "array"
},
"interface_path": {
"description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.",
"readonly": true,
"title": "Policy path or realization ID of interface",
"type": "string"
}
},
"title": "Interface DAD status",
"type": "object"
}
InterfaceIPv6DADStatus (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status for IP address on the interface.",
"id": "InterfaceIPv6DADStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_paths": {
"description": "Array of edge nodes on which DAD status is reported for given IP address.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Edge node paths",
"type": "array"
},
"ip_address": {
"$ref": "IPAddress,
"description": "IP address on the port for which DAD status is reported.",
"readonly": true,
"required": false,
"title": "IP address"
},
"status": {
"$ref": "DADStatus,
"description": "DAD status for IP address on the port.",
"readonly": true,
"required": false,
"title": "DAD Status"
}
},
"title": "IPv6 DAD status for Interface",
"type": "object"
}
InterfaceIgmpLocalGroupConfig (type)
{
"additionalProperties": false,
"description": "Interface IGMP[Internet Group Management Protocol] configuration parameters.",
"id": "InterfaceIgmpLocalGroupConfig",
"module_id": "LogicalRouterPorts",
"properties": {
"igmp_local_join_groups": {
"description": "IGMP join group manages the membership of hosts and routing devices in the multicast group. Host will join the group by conveying its information through IGMP.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "List of local IGMP groups",
"type": "array"
}
},
"title": "Interface Igmp configuration",
"type": "object"
}
InterfaceNeighborProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "InterfaceNeighborProperties",
"module_id": "Lldp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ifindex": {
"display": {
"order": 3
},
"readonly": true,
"required": true,
"title": "Interface index",
"type": "integer"
},
"mac": {
"display": {
"order": 2
},
"pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$",
"readonly": true,
"required": true,
"title": "Interface MAC address",
"type": "string"
},
"name": {
"display": {
"order": 1
},
"readonly": true,
"required": true,
"title": "Interface Name",
"type": "string"
},
"neighbors": {
"display": {
"order": 4
},
"items": {
"$ref": "NeighborProperties
},
"readonly": true,
"title": "Neighbor properties",
"type": "array",
"uniqueItems": true
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Interface neighbor properties",
"type": "object"
}
InterfaceNeighborPropertyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "InterfaceNeighborPropertyListResult",
"module_id": "Lldp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "InterfaceNeighborProperties
},
"title": "Interface neighbor property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Interface neighbor property query results",
"type": "object"
}
InterfacePimConfig (type)
{
"additionalProperties": false,
"description": "Interface PIM[Protocol Independent Multicast] configuration parameters.",
"id": "InterfacePimConfig",
"module_id": "LogicalRouterPorts",
"properties": {
"enabled": {
"default": false,
"description": "If the flag is set to true - it will enable PIM on the uplink interface. If the flag is set to false - it will disable PIM on the uplink interface.",
"required": false,
"title": "Flag to enable/disable PIM",
"type": "boolean"
},
"hello_interval": {
"default": 30,
"description": "PIM hello interval. Ranges from 1 to 180 seconds.",
"maximum": 180,
"minimum": 1,
"required": false,
"title": "PIM hello interval",
"type": "integer"
},
"hold_interval": {
"description": "PIM hold interval. Ranges from 1 to 630 seconds. hold_interval should be greater than hello_interval. If hold interval is not provided then it will be considered as 3.5 times of hello_interval.",
"maximum": 630,
"minimum": 1,
"required": false,
"title": "PIM hold interval",
"type": "integer"
}
},
"title": "Interface PIM configuration",
"type": "object"
}
InterfaceSubnet (type)
{
"additionalProperties": false,
"id": "InterfaceSubnet",
"module_id": "PolicyConnectivity",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"required": true,
"title": "IP addresses assigned to interface",
"type": "array"
},
"prefix_len": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet prefix length",
"type": "int"
}
},
"title": "Subnet specification for interface connectivity",
"type": "object"
}
IntersiteGatewayConfig (type)
{
"additionalProperties": false,
"description": "Intersite gateway configuration.",
"id": "IntersiteGatewayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"fallback_sites": {
"description": "Fallback site to be used as new primary site on current primary site failure. Disaster recovery must be initiated via API/UI. Fallback site configuration is supported only for T0 gateway. T1 gateway will follow T0 gateway's primary site during disaster recovery.",
"items": {
"type": "string"
},
"required": false,
"title": "Fallback sites",
"type": "array"
},
"intersite_transit_subnet": {
"default": "169.254.32.0/20",
"description": "IPv4 subnet for inter-site transit segment connecting service routers across sites for stretched gateway. For IPv6 link local subnet is auto configured. This is unused field in VRF, only applicable for stretched gateways and VRF will always use parent T0's intersite_transit_subnet.",
"format": "ip-cidr-block",
"required": false,
"title": "Transit subnet in CIDR format",
"type": "string"
},
"last_admin_active_epoch": {
"description": "Epoch(in seconds) is auto updated based on system current timestamp when primary locale service is updated. It is used for resolving conflict during site failover. If system clock not in sync then User can optionally override this. New value must be higher than the current value.",
"maximum": 4294967295,
"required": false,
"title": "Epoch of last time admin changing active LocaleServices",
"type": "integer"
},
"primary_site_path": {
"description": "Primary egress site for gateway. T0/T1 gateway in Active/Standby mode supports stateful services on primary site. In this mode primary site must be set if gateway is stretched to more than one site. For T0 gateway in Active/Active primary site is optional field. If set then secondary site prefers routes learned from primary over locally learned routes. This field is not applicable for T1 gateway with no services.",
"required": false,
"title": "Primary egress site for gateway.",
"type": "string"
}
},
"title": "Intersite gateway configuration",
"type": "object"
}
IntervalBackupSchedule (type)
{
"extends": {
"$ref": "BackupSchedule
},
"id": "IntervalBackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "IntervalBackupSchedule"
},
"properties": {
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
},
"seconds_between_backups": {
"default": 3600,
"maximum": 86400,
"minimum": 300,
"title": "Time interval in seconds between two consecutive automated backups",
"type": "integer"
}
},
"title": "Schedule to specify the interval time at which automated backups need to be taken",
"type": "object"
}
IntervalSampling (type)
{
"extends": {
"$ref": "SamplingArgument
},
"id": "IntervalSampling",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "IntervalSampling"
},
"properties": {
"sampling_interval": {
"maximum": 30000,
"minimum": 1,
"required": true,
"title": "Time interval in ms between two sampling actions.",
"type": "integer"
},
"sampling_type": {
"enum": [
"FirstNSampling",
"PacketNumberSampling",
"IntervalSampling"
],
"required": true,
"title": "Sampling type",
"type": "string"
}
},
"type": "object"
}
InvalidCertificateAction (type)
{
"additionalProperties": false,
"description": "If presented invalid certificates take this action.",
"enum": [
"BLOCK",
"ALLOW"
],
"help_summary": "Use of 'BLOCK' will terminate connection if the certificate is either\nexpired or untrusted.\nUse of 'ALLOW' will allow the connection to proceed.\n",
"id": "InvalidCertificateAction",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "Action for invalid certificates",
"type": "string"
}
InventoryConfig (type)
{
"additionalProperties": false,
"id": "InventoryConfig",
"module_id": "Inventory",
"properties": {
"compute_managers_soft_limit": {
"description": "Soft limit on number of compute managers, which can be added, beyond which, addition of compute managers will result in warning getting logged",
"readonly": false,
"required": true,
"title": "Soft limit on number of compute managers",
"type": "int"
}
},
"type": "object"
}
IpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressAllocation",
"module_id": "PolicyIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocated_ip": {
"$ref": "IPAddress,
"readonly": true,
"title": "Represents IP Address that is allocated from a pool in a NSX+ instance."
},
"allocation_ip": {
"$ref": "IPAddress,
"title": "Address that is allocated from pool"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sync_realization": {
"default": false,
"description": "Realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Parameters for IP allocation",
"type": "object"
}
IpAddressAllocationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpAddressAllocationListResult",
"module_id": "PolicyIpam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpAddressAllocation
},
"title": "List of IpAddressAllocations",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IP address allocations",
"type": "object"
}
IpAddressBlock (type)
{
"additionalProperties": false,
"description": "A block of IP addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can be added to IP pools and used for IP allocation.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressBlock",
"module_id": "PolicyIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"available_allocation_size": {
"deprecated": true,
"description": "This size indicates available allocation size of an IpAddressBlock. Note: This field is deprecated. Please use below GET API instead. https://<policy-mgr>/policy/api/v1/infra/ip-blocks/Finance-block/usage",
"title": "Current available size of an IpAddressBlock",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cidr": {
"description": "Represents a network address and the prefix length which will be associated with a layer-2 broadcast domain. Support IPv4 and IPv6 CIDR.",
"format": "ip-cidr-block",
"required": true,
"title": "A contiguous IP address space represented by network address and prefix length",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address_type": {
"description": "This indicates the type of IP address.",
"enum": [
"IPV4",
"IPV6"
],
"readonly": true,
"title": "Type of IP address.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sync_realization": {
"default": false,
"description": "If this property is set to true, realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"visibility": {
"description": "Represents visibility or scope of IpAddressBlock and expected consumption of IpAddressBlock with same scope. It is empty by default. Visibility cannot be updated once block is associated with other intents. If visibility is populated then sync_realization will be true.",
"enum": [
"PRIVATE",
"EXTERNAL"
],
"title": "Visibility of IpAddressBlock",
"type": "string"
}
},
"title": "IP address space represented by network address and prefix",
"type": "object"
}
IpAddressBlockGetRequestParameters (type)
{
"additionalProperties": false,
"id": "IpAddressBlockGetRequestParameters",
"module_id": "PolicyIpam",
"properties": {
"ignore_ipblock_usage": {
"default": false,
"description": "When flag is set to false, IpAddressBlock usage will be calculated and shown. When flag is set to true, IpAddressBlock usage will not be shown.",
"title": "Flag to specify whether to fetch block usage.\n",
"type": "boolean"
}
},
"title": "IpAddressBlock get request parameters",
"type": "object"
}
IpAddressBlockListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpAddressBlockListResult",
"module_id": "PolicyIpam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpAddressBlock
},
"required": true,
"title": "IpAddressBlock list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IpAddressBlocks",
"type": "object"
}
IpAddressBlockUsage (type)
{
"additionalProperties": false,
"description": "Shows used IP ranges and available IP ranges statistics of an IpAddressBlock.",
"id": "IpAddressBlockUsage",
"module_id": "PolicyIpam",
"properties": {
"available_ip_ranges": {
"description": "This represents available ip ranges of an IpAddressBlock.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Available IP ranges in an IpAddressBlock",
"type": "array"
},
"used_ip_ranges": {
"description": "This represents used ip ranges of an IpAddressBlock.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Used IP ranges in an IpAddressBlock",
"type": "array"
}
},
"title": "IP usage statistics of an IpAddressBlock.",
"type": "object"
}
IpAddressInfo (type)
{
"additionalProperties": false,
"id": "IpAddressInfo",
"module_id": "Inventory",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": true,
"title": "IP Addresses of the the virtual network interface, as discovered in the source.",
"type": "array"
},
"source": {
"enum": [
"VM_TOOLS"
],
"readonly": true,
"required": true,
"title": "Source of the ipaddress information.",
"type": "string"
}
},
"title": "Ipaddress information of the fabric node.",
"type": "object"
}
IpAddressPool (type)
{
"additionalProperties": false,
"description": "IpAddressPool is a collection of subnets. The subnets can either be derived from an IpBlock or specified by the user. User can request for IP addresses to be allocated from a pool. When an IP is requested from a pool, the IP that is returned can come from any subnet that belongs to the pool.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressPool",
"module_id": "PolicyIpam",
"policy_hierarchical_children": [
"ChildIpAddressAllocation",
"ChildIpAddressPoolSubnet"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"check_overlap_with_existing_pools": {
"default": false,
"description": "If an existing IpAddressPool is found that overlaps with the given IpAddressPool, then a validation error would be thrown while realization. It is false by default.",
"title": "Whether to perform overlap check with existing IpAddressPools while realization.",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address_type": {
"description": "Represents the type of IP addresses present inside the pool.",
"enum": [
"IPV4",
"IPV6",
"DUAL"
],
"readonly": true,
"title": "Type of IP Address.",
"type": "string"
},
"ip_release_delay": {
"description": "Delay in milliseconds, while releasing allocated IP address from IP pool (Default is 2 mins).",
"title": "IP address release delay in milliseconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_usage": {
"$ref": "PolicyPoolUsage,
"description": "Shows Pool statistics like total IPs, allocated IPs, requested IP allocations and available IPs of an IpAddressPool.",
"readonly": true,
"title": "IpAddressPool usage statistics"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sync_realization": {
"default": false,
"description": "Realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"visibility": {
"description": "Represents visibility or scope of IpAddressPool and expected consumption of IpAddressPool with same scope. Visibility cannot be updated once pool is created. It is empty by default.",
"enum": [
"PRIVATE",
"PUBLIC"
],
"title": "Visibility of IpAddressPool",
"type": "string"
}
},
"title": "A collection of IP subnets",
"type": "object"
}
IpAddressPoolBlockSubnet (type)
{
"additionalProperties": false,
"description": "This type of subnet allows user to dynamically carve a subnet out of a preconfigured IpAddressBlock. The user must specify the size of the subnet and the IpAddressBlock from which the subnet is to be derived. If the required amount of IP address space is available in the specified IpAddressBlock, the system automatically configures subnet range. IpAddressBlock available size is calculated based on the size of IpAddressPoolBlockSubnet intent object and not on realized. The user should delete failed IpAddressPoolBlockSubnet to utilize IpAddressBlock size correctly.",
"extends": {
"$ref": "IpAddressPoolSubnet
},
"id": "IpAddressPoolBlockSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "IpAddressPoolBlockSubnet"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_range": {
"description": "Allocation range is used to limit subnet range to be used for allocations of IPs from subnet. This must be less than or equal to subnet size. Instead of taking whole subnet range for allocations, user can limit the range used for allocation of IPs. This is very useful in IPv6 case where big subnets needs to be carved out from IpAddressBlock but whole subnet range will not be needed for IP allocations. Eg: subnet range is (2002:2345::0001-2002:2345::7fff:ffff): subnet_start_ip: 2002:2345::0001-2002:2345 subnet_end_ip: 2002:2345::7fff:ffff User would like to use only 128 IPs for allocations. allocation_range: 128 allocation range used (2002:2345::0001-2002:2345::7fff:007f): allocation_range_start_ip: 2002:2345::0001-2002:2345 allocation_range_end_ip: 2002:2345::7fff:007f",
"maximum": 1048576,
"minimum": 1,
"required": false,
"title": "Range used for allocation/release of IPs from subnet.",
"type": "integer"
},
"auto_assign_gateway": {
"default": true,
"description": "If this property is set to true, the first IP in the range will be reserved for gateway.",
"title": "Indicate whether default gateway is to be reserved from the range",
"type": "boolean"
},
"broadcast_address": {
"description": "Represents Broadcast address of the subnet in a NSX+ instance.",
"readonly": true,
"title": "Broadcast Address",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cidr": {
"description": "Represents network address and the prefix length in a NSX+ instance which will be associated with a layer-2 broadcast domain.",
"format": "ip-cidr-block",
"readonly": true,
"title": "A contiguous IP address space represented by network address and prefix length",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_address": {
"description": "Represents Gateway address of the subnet in a NSX+ instance.",
"readonly": true,
"title": "Gateway Address",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_block_path": {
"required": true,
"title": "The path of the IpAddressBlock from which the subnet is to be created.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpAddressPoolBlockSubnet"
],
"relationshipType": "IP_BLOCK_IP_POOL_SUBNET_RELATIONSHIP",
"rightType": [
"IpAddressBlock"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"network_address": {
"description": "Represents Network address of the subnet in a NSX+ instance.",
"readonly": true,
"title": "Network Address",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"size": {
"deprecated": true,
"description": "The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later. Please use subnet_size instead as integer type cannot hold big values needs for IPv6.",
"required": false,
"title": "Represents the size or number of IP addresses in the subnet",
"type": "integer"
},
"start_ip": {
"$ref": "IPAddress,
"description": "For internal system use Only. Represents start ip address of the subnet from IP block. Subnet ip adddress will start from this ip address.",
"required": false,
"title": "Represents start ip address of the subnet"
},
"subnet_size": {
"description": "The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later.",
"required": false,
"title": "Represents the size or number of IP addresses in the subnet",
"type": "string"
},
"sync_realization": {
"default": false,
"description": "Realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IpAddressPoolSubnet dynamically carved out of a IpAddressBlock",
"type": "object"
}
IpAddressPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpAddressPoolListResult",
"module_id": "PolicyIpam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpAddressPool
},
"required": true,
"title": "IpAddressPool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IpAddressPools",
"type": "object"
}
IpAddressPoolStaticSubnet (type)
{
"additionalProperties": false,
"description": "This type of subnet is statically configured by the user. The user provides the range details and the gateway for the subnet.",
"extends": {
"$ref": "IpAddressPoolSubnet
},
"id": "IpAddressPoolStaticSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "IpAddressPoolStaticSubnet"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ranges": {
"items": {
"$ref": "IpPoolRange
},
"required": true,
"title": "A collection of IPv4 or IPv6 IP Pool Ranges.",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cidr": {
"required": true,
"title": "Subnet representation is a network address and prefix length",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"items": {
"$ref": "IPAddress
},
"maxItems": 3,
"title": "The collection of upto 3 DNS servers for the subnet.",
"type": "array",
"uniqueItems": true
},
"dns_suffix": {
"format": "hostname",
"title": "The DNS suffix for the DNS server.",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress,
"title": "The default gateway address on a layer-3 router."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"sync_realization": {
"default": false,
"description": "Realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IpAddressPoolSubnet statically configured by a user",
"type": "object"
}
IpAddressPoolSubnet (type)
{
"abstract": true,
"additionalProperties": false,
"description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified by the user. In the first case where the subnet is carved out of a IpAddressBlock, the user must specify the ID of the block from which this subnet is to be derived. This block must be pre-created. The subnet range is auto populated by the system. In the second case, the user configures the subnet range directly. No IpAddressBlock is required.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressPoolSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"sync_realization": {
"default": false,
"description": "Realization of intent will be called synchronously",
"title": "Synchronize realization",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract class for IpSubnet in a IpAddressPool",
"type": "object"
}
IpAddressPoolSubnetDeleteRequestParameters (type)
{
"additionalProperties": false,
"id": "IpAddressPoolSubnetDeleteRequestParameters",
"module_id": "PolicyIpam",
"properties": {
"ignore_ip_allocations": {
"default": false,
"description": "When flag is set to true, IpAddressPoolSubnet will be deleted, even if IP allocations are present. When flag is set to false (default), error will be thrown if allocations are present. This flag works only when sync_realization field set to true.",
"title": "Flag to specify whether to ignore ip allocations.\n",
"type": "boolean"
}
},
"title": "IpAddressPoolSubnet delete request parameters",
"type": "object"
}
IpAddressPoolSubnetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpAddressPoolSubnetListResult",
"module_id": "PolicyIpam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpAddressPoolSubnet
},
"required": true,
"title": "IP Pool subnet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpAddressPoolSubnetType (type)
{
"additionalProperties": false,
"description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified. A subnet to be carved out of a IpAddressBlock is of type IpAddressPoolBlockSubnet A subnet statically specified by the user is of type IpAddressPoolStaticSubnet",
"enum": [
"IpAddressPoolBlockSubnet",
"IpAddressPoolStaticSubnet"
],
"id": "IpAddressPoolSubnetType",
"module_id": "PolicyIpam",
"title": "Type of IpAddressPoolSubnet",
"type": "string"
}
IpAllocationBase (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Base type of ip-allocation extended by ip pool and static binding.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpAllocationBase",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress,
"description": "Gateway ip address of the allocation.",
"required": false,
"title": "Gateway ip"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"options": {
"$ref": "DhcpOptions,
"description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base type of ip-allocation",
"type": "object"
}
IpAssignmentSpec (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"id": "IpAssignmentSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
}
},
"title": "Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints",
"type": "object"
}
IpBlock (type)
{
"additionalProperties": false,
"description": "A block of IPv4/IPv6 addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can later be added to IP pools and used for IP allocation. An IP pool is typically a collection of subnets that are often not a contiguous address space. Clients are allocated IP addresses only from IP pools. Sample Structure Diagram IpBlock_VMware 192.0.0.1/8 ======================================================================= / ___________________________________________/________ / IpBlockSubnet_Finance ( IpBlockSubnet_Eng1 IpBlockSubnet_Eng2 / ) / 192.168.0.1/16 ( 192.170.1.1/16 192.180.1.1/24 / ) IpPool_Eng / (___________________________________________/________) / / =======================================================================",
"extends": {
"$ref": "ManagedResource
},
"id": "IpBlock",
"module_id": "Ipam",
"nsx_feature": "Container",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cidr": {
"format": "ip-cidr-block",
"required": true,
"title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IpBlockListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpBlockListResult",
"module_id": "Ipam",
"nsx_feature": "Container",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpBlock
},
"required": true,
"title": "IP block list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpBlockSubnet (type)
{
"additionalProperties": false,
"description": "A set of IPv4/IPv6 addresses defined by a start address and a mask/prefix which will typically be associated with a layer-2 broadcast domain.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpBlockSubnet",
"module_id": "Ipam",
"nsx_feature": "Container",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ranges": {
"items": {
"$ref": "IpPoolRange
},
"readonly": true,
"title": "A collection of IPv4/IPv6 IP ranges used for IP allocation.",
"type": "array"
},
"block_id": {
"readonly": false,
"required": true,
"title": "Block id for which the subnet is created.",
"type": "string"
},
"cidr": {
"format": "ip-cidr-block",
"readonly": true,
"title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"size": {
"required": true,
"title": "Represents the size or number of ip addresses in the subnet",
"type": "integer"
},
"start_ip": {
"$ref": "IPAddress,
"description": "For internal system use Only. Represents start ip address of the subnet from IP block. Subnet ip adddress will start from this ip address.",
"required": false,
"title": "Represents start ip address of the subnet"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IpBlockSubnetListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "IpBlockSubnetListRequestParameters",
"module_id": "Ipam",
"nsx_feature": "Container",
"properties": {
"block_id": {
"required": false,
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpBlockSubnetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpBlockSubnetListResult",
"module_id": "Ipam",
"nsx_feature": "Container",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpBlockSubnet
},
"required": true,
"title": "IP block subnet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpDiscoverySwitchingProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseSwitchingProfile
},
"id": "IpDiscoverySwitchingProfile",
"module_id": "IpDiscoverySwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "IpDiscoverySwitchingProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_bindings_limit": {
"default": 1,
"description": "Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv4 addresses and is independent of the nd_bindings_limit used for IPv6 snooping.",
"maximum": 256,
"minimum": 1,
"title": "Number of IP addresses to be snooped via ARP snooping",
"type": "int"
},
"arp_nd_binding_timeout": {
"default": 10,
"description": "This property controls the ARP and ND cache timeout period.It is recommended that this property be greater than the ARP/ND cache timeout on the VM.",
"maximum": 120,
"minimum": 5,
"readonly": false,
"required": false,
"title": "ARP and ND cache timeout (in minutes)",
"type": "int"
},
"arp_snooping_enabled": {
"default": true,
"display": {
"order": 1
},
"readonly": false,
"required": false,
"title": "Indicates whether ARP snooping is enabled",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_snooping_enabled": {
"default": true,
"display": {
"order": 2
},
"readonly": false,
"required": false,
"title": "Indicates whether DHCP snooping is enabled",
"type": "boolean"
},
"dhcpv6_snooping_enabled": {
"default": false,
"description": "This option is the IPv6 equivalent of DHCP snooping.",
"readonly": false,
"required": false,
"title": "Indicates if stateful DHCPv6 snooping is enabled",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"duplicate_ip_detection": {
"$ref": "DuplicateIPDetection,
"description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.",
"readonly": false,
"required": false,
"title": "Controls whether duplicate IP detection should be enabled"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nd_bindings_limit": {
"default": 3,
"description": "Indicates the number of neighbor-discovery snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv6 addresses and is independent of the arp_bindings_limit used for IPv4 snooping.",
"maximum": 15,
"minimum": 2,
"title": "Number of IP addresses to be snooped via neighbor-discovery(ND) snooping",
"type": "int"
},
"nd_snooping_enabled": {
"default": false,
"description": "This option is the IPv6 equivalent of ARP snooping.",
"readonly": false,
"required": false,
"title": "Indicates if neighbor discovery snooping is enabled",
"type": "boolean"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_on_first_use_enabled": {
"default": true,
"description": "ARP snooping being inherently susceptible to ARP spoofing, uses a turst-on-fisrt-use (TOFU) paradigm where only the first IP address discovered via ARP snooping is trusted. The remaining are ignored. In order to allow for more flexibility, we allow the user to configure how many ARP snooped address bindings should be trusted for the lifetime of the logical port. This is controlled by the arp_bindings_limit property in the IP Discovery profile. We refer to this extension of TOFU as N-TOFU. However, if TOFU is disabled, then N ARP snooped IP addresses will be trusted until they are timed out, where N is configured by arp_bindings_limit.",
"readonly": false,
"required": false,
"title": "Controls whether trust-on-first-use should be enabled",
"type": "boolean"
},
"vm_tools_enabled": {
"default": true,
"description": "This option is only supported on ESX where vm-tools is installed.",
"display": {
"order": 3
},
"readonly": false,
"required": false,
"title": "Indicates whether fetching IP using vm-tools is enabled",
"type": "boolean"
},
"vm_tools_v6_enabled": {
"default": false,
"description": "This option is only supported on ESX where vm-tools is installed.",
"readonly": false,
"required": false,
"title": "Indicates whether fetching IPv6 addresses using vm-tools is enabled",
"type": "boolean"
}
},
"type": "object"
}
IpInfo (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Only support IP address or subnet. Its type can be of IPv4 or IPv6. It will be converted to subnet when netmask is specified(e.g., 192.168.1.3/24 => 192.168.1.0/24, 2008:12:12:12::2/64 => 2008:12:12:12::/64). This type is deprecated. Please use the type NetworkInfo instead.",
"id": "IpInfo",
"module_id": "LiveTrace",
"properties": {
"dst_ip": {
"$ref": "IPElement,
"description": "The destination IP can be an IP address or a subnet.",
"required": false,
"title": "The destination IP address or subnet"
},
"src_ip": {
"$ref": "IPElement,
"description": "The source IP can be an IP address or a subnet.",
"required": false,
"title": "The source IP address or subnet"
}
},
"type": "object"
}
IpMacPair (type) (Deprecated)
{
"deprecated": true,
"id": "IpMacPair",
"module_id": "TransportNode",
"properties": {
"ip": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "IP address"
},
"mac": {
"$ref": "MACAddress,
"readonly": false,
"required": false,
"title": "MAC address"
}
},
"title": "IP and MAC pair.",
"type": "object"
}
IpPool (type)
{
"additionalProperties": false,
"description": "A collection of one or more IPv4 or IPv6 subnets or ranges that are often not a contiguous address space. Clients are allocated IPs from an IP pool. Often used when a client that consumes addresses exhausts an initial subnet or range and needs to be expanded but the adjoining address space is not available as it has been allocated to a different client.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpPool",
"module_id": "Ipam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"check_overlap_with_existing_pools": {
"default": false,
"description": "If true, a validation error will be thrown if another IP pool is found to be overlapping with this pool. The flag is false by default.",
"title": "Specifies whether to perform overlap check with existing IP pools",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address_type": {
"description": "Represents the type of IP addresses present inside the IP Pool.",
"enum": [
"IPV4",
"IPV6",
"DUAL"
],
"readonly": true,
"title": "IpAddressType of IP Pool",
"type": "string"
},
"ip_release_delay": {
"description": "Delay in milliseconds, while releasing allocated IP address from IP pool (Default is 2 mins).",
"title": "IP address release delay in milliseconds",
"type": "integer"
},
"pool_usage": {
"$ref": "PoolUsage,
"readonly": true,
"title": "Pool usage statistics"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Subnets can be IPv4 or IPv6 and they should not overlap. The maximum number will not exceed 5 subnets.",
"items": {
"$ref": "IpPoolSubnet
},
"maxItems": 5,
"title": "The collection of one or more subnet objects in a pool",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IpPoolDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "IpPoolDeleteRequestParameters",
"module_id": "Ipam",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "IpPool delete request parameters",
"type": "object"
}
IpPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IpPoolListResult",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpPool
},
"required": true,
"title": "IP pool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpPoolRange (type)
{
"additionalProperties": false,
"description": "A set of IPv4 or IPv6 addresses defined by a start and end address.",
"extends": {
"$ref": "Resource
},
"id": "IpPoolRange",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"end": {
"$ref": "IPAddress,
"required": true,
"title": "The end IP Address of the IP Range."
},
"start": {
"$ref": "IPAddress,
"required": true,
"title": "The start IP Address of the IP Range."
}
},
"type": "object"
}
IpPoolSubnet (type)
{
"additionalProperties": false,
"description": "A set of IPv4 or IPv6 addresses defined by a network CIDR.",
"extends": {
"$ref": "Resource
},
"id": "IpPoolSubnet",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"allocation_ranges": {
"items": {
"$ref": "IpPoolRange
},
"required": true,
"title": "A collection of IPv4 or IPv6 IP Pool Ranges.",
"type": "array"
},
"cidr": {
"required": true,
"title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain",
"type": "string"
},
"dns_nameservers": {
"items": {
"$ref": "IPAddress
},
"maxItems": 3,
"title": "The collection of upto 3 DNS servers for the subnet.",
"type": "array",
"uniqueItems": true
},
"dns_suffix": {
"format": "hostname",
"title": "The DNS suffix for the DNS server.",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress,
"title": "The default gateway address on a layer-3 router."
}
},
"type": "object"
}
IpSecVpnPolicyTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN policy traffic statistics",
"id": "IpSecVpnPolicyTrafficStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVpnTrafficCounters,
"description": "Aggregate traffic statistics across all IPSec tunnels.",
"readonly": true,
"title": "Traffic summary"
},
"rule_path": {
"description": "Policy path referencing the IPSec VPN Rule.",
"readonly": true,
"title": "IPSec VPN Rule path",
"type": "string"
},
"tunnel_interface_path": {
"description": "Policy path referencing the IPSec VPN Tunnel Interface.",
"readonly": true,
"title": "IPSec VPN Tunnel Interface path",
"type": "string"
},
"tunnel_statistics": {
"description": "Tunnel statistics.",
"items": {
"$ref": "IpSecVpnTunnelTrafficStatistics
},
"readonly": true,
"title": "Tunnel statistics",
"type": "array"
}
},
"title": "IPSec VPN policy traffic statistics",
"type": "object"
}
IpSecVpnTunnelTrafficStatistics (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel traffic statistics.",
"id": "IpSecVpnTunnelTrafficStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"bytes_in": {
"description": "Total number of incoming bytes on inbound Security association.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes on outbound Security association.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"decryption_failures": {
"description": "Total number of packets dropped due to decryption failures.",
"readonly": true,
"title": "Decryption failures",
"type": "integer"
},
"dropped_packets_in": {
"description": "Total number of incoming packets dropped on inbound security association.",
"readonly": true,
"title": "Dropped incoming packets",
"type": "integer"
},
"dropped_packets_out": {
"description": "Total number of outgoing packets dropped on outbound security association.",
"readonly": true,
"title": "Dropped outgoing packets",
"type": "integer"
},
"encryption_failures": {
"description": "Total number of packets dropped because of failure in encryption.",
"readonly": true,
"title": "Encryption failures",
"type": "integer"
},
"integrity_failures": {
"description": "Total number of packets dropped due to integrity failures.",
"readonly": true,
"title": "Integrity failures",
"type": "integer"
},
"local_subnet": {
"description": "Tunnel local subnet in IPv4 CIDR Block format.",
"readonly": true,
"title": "Local subnet",
"type": "string"
},
"nomatching_policy_errors": {
"description": "Number of packets dropped because of no matching policy is available.",
"readonly": true,
"title": "Nomatching Policy errors",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets on inbound Security association.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets on outbound Security association.",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_received_other_error": {
"description": "Total number of incoming packets dropped on inbound Security association.",
"readonly": true,
"title": "Packets received other error",
"type": "integer"
},
"packets_sent_other_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent other error",
"type": "integer"
},
"peer_subnet": {
"description": "Tunnel peer subnet in IPv4 CIDR Block format.",
"readonly": true,
"title": "Peer subnet",
"type": "string"
},
"policy_id": {
"description": "Policy UUID of IPSec Tunnel.",
"readonly": true,
"title": "Policy Identifier",
"type": "string"
},
"replay_errors": {
"description": "Total number of packets dropped due to replay check on that Security association.",
"readonly": true,
"title": "Replay errors",
"type": "integer"
},
"sa_mismatch_errors_in": {
"description": "Totoal number of security association mismatch errors on incoming packets.",
"readonly": true,
"title": "Security association mismatch errors on incoming packets.",
"type": "integer"
},
"sa_mismatch_errors_out": {
"description": "Totoal number of security association mismatch errors on outgoing packets.",
"readonly": true,
"title": "Security association mismatch errors on outgoing packets",
"type": "integer"
},
"seq_number_overflow_error": {
"description": "Total number of packets dropped while sending due to overflow in sequence number.",
"readonly": true,
"title": "Sequence number overflow error",
"type": "integer"
},
"tunnel_down_reason": {
"description": "Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.",
"readonly": true,
"title": "Tunnel down reason",
"type": "string"
},
"tunnel_status": {
"description": "Specifies the status of tunnel, if it is UP/DOWN.",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "Tunnel Status",
"type": "string"
}
},
"title": "IPSec VPN tunnel traffic statistics",
"type": "object"
}
IpfixCollector (type)
{
"id": "IpfixCollector",
"module_id": "Ipfix",
"properties": {
"collector_ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "IP address for the IPFIX collector"
},
"collector_port": {
"default": 4739,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port for the IPFIX collector",
"type": "int"
}
},
"type": "object"
}
IpfixCollectorConfig (type)
{
"description": "This managed entity contains a set of IPFIX collectors.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpfixCollectorConfig",
"module_id": "Ipfix",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"collectors": {
"items": {
"$ref": "IpfixCollector
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "IPFIX Collectors",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
IpfixCollectorConfigListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "IpfixCollectorConfigListResult",
"module_id": "Ipfix",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpfixCollectorConfig
},
"readonly": true,
"required": false,
"title": "IPFIX Collector Config",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IPFIX Collector Configs",
"type": "object"
}
IpfixCollectorUpmProfile (type)
{
"description": "The configuration for Internet protocol flow information export (IPFIX) collector. It should be referenced in other IPFIX profile as a collecor config. The IPFIX exporter will send records to these collectors.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpfixCollectorUpmProfile",
"module_id": "UpmIpfixCollector",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"collectors": {
"items": {
"$ref": "IpfixCollector
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "IPFIX Collector Set",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "IpfixCollectorUpmProfileType,
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPFIX Collector Profile",
"type": "object"
}
IpfixCollectorUpmProfileListParameters (type)
{
"description": "Query parameters for IPFIX collector profile list",
"extends": {
"$ref": "ListRequestParameters
},
"id": "IpfixCollectorUpmProfileListParameters",
"module_id": "UpmIpfixCollector",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"profile_types": {
"description": "An English comma-separated list of profile types. Enumerated value in IpfixCollectorUpmProfileType can be listed here as a filter param.",
"required": false,
"title": "IPFIX Collector Profile Type List",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX Collector Profile List Parameters",
"type": "object"
}
IpfixCollectorUpmProfileListResult (type)
{
"description": "IPFIX collector profile list result for query with profile list parameters",
"extends": {
"$ref": "ListResult
},
"id": "IpfixCollectorUpmProfileListResult",
"module_id": "UpmIpfixCollector",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpfixCollectorUpmProfile
},
"readonly": true,
"required": false,
"title": "IPFIX Collector Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IPFIX Collector Profiles",
"type": "object"
}
IpfixCollectorUpmProfileType (type)
{
"description": "All IPFIX collector profile types.",
"enum": [
"IpfixCollectorUpmProfile"
],
"id": "IpfixCollectorUpmProfileType",
"module_id": "UpmIpfixCollector",
"title": "IPFIX Collector Profile Types",
"type": "string"
}
IpfixConfig (type)
{
"abstract": true,
"extends": {
"$ref": "ManagedResource
},
"id": "IpfixConfig",
"module_id": "Ipfix",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the IPFIX Config will be enabled.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "IpfixConfigType,
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "IPFIX Config base representation",
"type": "object"
}
IpfixConfigListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "IpfixConfigListParameters",
"module_id": "Ipfix",
"properties": {
"applied_to": {
"description": "An applied to UUID working as listing condition",
"required": false,
"title": "Applied To",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ipfix_config_type": {
"$ref": "IpfixConfigType,
"required": false,
"title": "Type of IPFIX Config"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX Config List Parameters",
"type": "object"
}
IpfixConfigListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "IpfixConfigListResult",
"module_id": "Ipfix",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpfixConfig
},
"readonly": true,
"required": false,
"title": "IPFIX Config",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IPFIX Config",
"type": "object"
}
IpfixConfigType (type)
{
"enum": [
"IpfixDfwConfig"
],
"id": "IpfixConfigType",
"module_id": "Ipfix",
"title": "Supported IPFIX Config Types.",
"type": "string"
}
IpfixDfwConfig (type)
{
"description": "It defines IPFIX DFW Configuration.",
"extends": {
"$ref": "IpfixConfig
},
"id": "IpfixDfwConfig",
"module_id": "Ipfix",
"polymorphic-type-descriptor": {
"type-identifier": "IpfixDfwConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_flow_export_timeout": {
"default": 1,
"description": "For long standing active flows, IPFIX records will be sent per timeout period",
"maximum": 60,
"minimum": 1,
"required": false,
"title": "Active flow export timeout (minutes)",
"type": "integer"
},
"applied_tos": {
"description": "List of objects where the IPFIX Config will be enabled.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"collector": {
"description": "Each IPFIX DFW config can have its own collector config.",
"required": true,
"title": "UUID of IPFIX DFW Collector Config",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"observation_domain_id": {
"description": "An identifier that is unique to the exporting process and used to meter the Flows.",
"maximum": 4294967295,
"minimum": 0,
"required": true,
"title": "Observation domain ID",
"type": "integer"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Logical Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 65536,
"minimum": 0,
"required": true,
"title": "Config Priority",
"type": "integer"
},
"resource_type": {
"$ref": "IpfixConfigType,
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"template_parameters": {
"$ref": "IpfixDfwTemplateParameters,
"description": "An object that indicates whether each corresponding template parameter is required or not.",
"required": false,
"title": "Template Parameters"
}
},
"title": "IPFIX Config for the DFW Module",
"type": "object"
}
IpfixDfwTemplateParameters (type)
{
"description": "This entity represents the flow parameters which are exported.",
"id": "IpfixDfwTemplateParameters",
"module_id": "Ipfix",
"properties": {
"destination_address": {
"default": true,
"description": "The destination IP address of a monitored network flow.",
"readonly": true,
"type": "boolean"
},
"destination_transport_port": {
"default": true,
"description": "The destination transport port of a monitored network flow.",
"readonly": true,
"type": "boolean"
},
"firewall_event": {
"default": true,
"description": "Five valid values are allowed: 1. Flow Created. 2. Flow Deleted. 3. Flow Denied. 4. Flow Alert (not used in DropKick implementation). 5. Flow Update.",
"readonly": true,
"type": "boolean"
},
"flow_direction": {
"default": true,
"description": "Two valid values are allowed: 1. 0x00: igress flow to VM. 2. 0x01: egress flow from VM.",
"readonly": true,
"type": "boolean"
},
"flow_end": {
"default": true,
"description": "The absolute timestamp (seconds) of the last packet of this flow.",
"readonly": true,
"type": "boolean"
},
"flow_start": {
"default": true,
"description": "The absolute timestamp (seconds) of the first packet of this flow.",
"readonly": true,
"type": "boolean"
},
"icmp_code": {
"default": true,
"description": "Code of the IPv4 ICMP message.",
"readonly": true,
"type": "boolean"
},
"octet_delta_count": {
"default": true,
"description": "The number of octets since the previous report (if any) in incoming packets for this flow at the observation point. The number of octets include IP header(s) and payload.",
"readonly": true,
"type": "boolean"
},
"packet_delta_count": {
"default": true,
"description": "The number of incoming packets since the previous report (if any) for this flow at the observation point.",
"readonly": true,
"type": "boolean"
},
"protocol_identifier": {
"default": true,
"description": "The value of the protocol number in the IP packet header.",
"readonly": true,
"type": "boolean"
},
"rule_id": {
"default": true,
"description": "Firewall rule Id - enterprise specific Information Element that uniquely identifies firewall rule.",
"readonly": true,
"type": "boolean"
},
"source_address": {
"default": true,
"description": "The source IP address of a monitored network flow.",
"readonly": true,
"type": "boolean"
},
"source_icmp_type": {
"default": true,
"description": "Type of the IPv4 ICMP message.",
"readonly": true,
"type": "boolean"
},
"source_transport_port": {
"default": true,
"description": "The source transport port of a monitored network flow.",
"readonly": true,
"type": "boolean"
},
"vif_uuid": {
"default": true,
"description": "VIF UUID - enterprise specific Information Element that uniquely identifies VIF.",
"readonly": true,
"type": "boolean"
}
},
"title": "IPFIX DFW Template Parameters",
"type": "object"
}
IpfixServiceAssociationListResult (type)
{
"extends": {
"$ref": "ServiceAssociationListResult
},
"id": "IpfixServiceAssociationListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Ipfix config list result with pagination support.",
"items": {
"$ref": "IpfixConfig
},
"readonly": true,
"required": true,
"title": "IpfixConfig list result",
"type": "array"
},
"service_type": {
"enum": [
"FireWallServiceAssociationListResult",
"IpfixServiceAssociationListResult"
],
"required": true,
"type": "string"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IpfixSwitchUpmProfile (type)
{
"description": "The configuration for Internet protocol flow information export (IPFIX) and would be enabled on the switching module to collect flow information.",
"extends": {
"$ref": "IpfixUpmProfile
},
"id": "IpfixSwitchUpmProfile",
"module_id": "UpmIpfix",
"polymorphic-type-descriptor": {
"type-identifier": "IpfixSwitchUpmProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired even if more packets matching this Flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"required": false,
"title": "Active Timeout",
"type": "int"
},
"applied_tos": {
"$ref": "AppliedTos,
"description": "Entities where the IPFIX profile will be enabled on. Maximum entity count of all types is 128.",
"required": false,
"title": "Entitys Applied with Profile"
},
"collector_profile": {
"description": "Each IPFIX switching profile can have its own collector profile.",
"required": true,
"title": "UUID of IPFIX Collector Profile",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"export_overlay_flow": {
"default": true,
"description": "It controls whether sample result includes overlay flow info.",
"required": false,
"title": "Export Overlay Flow",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"required": false,
"title": "Idle Timeout",
"type": "int"
},
"max_flows": {
"default": 16384,
"description": "The maximum number of flow entries in each exporter flow cache.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Max Flows",
"type": "integer"
},
"observation_domain_id": {
"description": "An identifier that is unique to the exporting process and used to meter the Flows.",
"maximum": 4294967295,
"minimum": 0,
"required": true,
"title": "Observation Domain ID",
"type": "integer"
},
"packet_sample_probability": {
"default": 0.1,
"description": "The probability in percentage that a packet is sampled. The value should be in range (0,100] and can only have three decimal places at most. The probability is equal for every packet.",
"exclusiveMinimum": true,
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Packet Sample Probability",
"type": "number"
},
"priority": {
"description": "This priority field is used to resolve conflicts in logical ports/switch which inherit multiple switch IPFIX profiles from NSGroups. Override rule is : for multiple profiles inherited from NSGroups, the one with highest priority (lowest number) overrides others; the profile directly applied to logical switch overrides profiles inherited from NSGroup; the profile directly applied to logical port overides profiles inherited from logical switch and/or nsgroup; The IPFIX exporter will send records to collectors of final effective profile only.",
"maximum": 65536,
"minimum": 0,
"required": true,
"title": "Profile Priority",
"type": "int"
},
"resource_type": {
"$ref": "IpfixUpmProfileType,
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Switching IPFIX Profile",
"type": "object"
}
IpfixUpmProfile (type)
{
"abstract": true,
"description": "Parent profile of all IPFIX profiles.",
"extends": {
"$ref": "ManagedResource
},
"id": "IpfixUpmProfile",
"module_id": "UpmIpfix",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "IpfixUpmProfileType,
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base IPFIX Profile",
"type": "object"
}
IpfixUpmProfileListParameters (type)
{
"description": "Query parameters for IPFIX profile list",
"extends": {
"$ref": "ListRequestParameters
},
"id": "IpfixUpmProfileListParameters",
"module_id": "UpmIpfix",
"properties": {
"applied_to_entity_id": {
"description": "The entity ID works as a filter param. Entity ID and entity type should be both provided or not at a query.",
"readonly": false,
"required": false,
"title": "ID of Entity Applied with Profile",
"type": "string"
},
"applied_to_entity_type": {
"$ref": "UpmEntityType,
"description": "The entity type works as a filter param. Enumerated value in UpmEntityType could be used here. Entity ID and entity type should be both provided or not at a query.",
"readonly": false,
"required": false,
"title": "Type of Entity Applied with Profile"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"profile_types": {
"description": "An English comma-separated list of profile types. Enumerated value in IpfixUpmProfileType could be listed here as a filter param.",
"required": false,
"title": "IPFIX Profile Type List",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX Profile List Parameters",
"type": "object"
}
IpfixUpmProfileListResult (type)
{
"description": "IPFIX profile list result for query with list parameters",
"extends": {
"$ref": "ListResult
},
"id": "IpfixUpmProfileListResult",
"module_id": "UpmIpfix",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IpfixUpmProfile
},
"readonly": true,
"required": false,
"title": "IPFIX Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IPFIX Profiles",
"type": "object"
}
IpfixUpmProfileType (type)
{
"description": "All IPFIX profile types.",
"enum": [
"IpfixSwitchUpmProfile"
],
"id": "IpfixUpmProfileType",
"module_id": "UpmIpfix",
"title": "IPFIX Profile Types",
"type": "string"
}
Ipv4Header (type)
{
"additionalProperties": false,
"id": "Ipv4Header",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv4Address,
"required": false,
"title": "The destination ip address."
},
"flags": {
"default": 0,
"maximum": 8,
"minimum": 0,
"required": false,
"title": "IP flags",
"type": "integer"
},
"protocol": {
"default": 1,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "IP protocol - defaults to ICMP",
"type": "integer"
},
"src_ip": {
"$ref": "IPv4Address,
"required": false,
"title": "The source ip address."
},
"src_subnet_prefix_len": {
"description": "This is used together with src_ip to calculate dst_ip for broadcast when dst_ip is not given; not used in all other cases.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "source subnet prefix length.",
"type": "integer"
},
"ttl": {
"default": 64,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Time to live (ttl)",
"type": "integer"
}
},
"type": "object"
}
Ipv6AssignmentSpec (type)
{
"abstract": true,
"id": "Ipv6AssignmentSpec",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "Abstract base type for specification of IPv6 IPs to be used with host switch virtual tunnel endpoints",
"type": "object"
}
Ipv6DadProfile (type)
{
"additionalProperties": false,
"description": "Duplicate address detection profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Ipv6DadProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"dad_mode": {
"$ref": "DADMode,
"default": "LOOSE",
"required": false,
"title": "DAD Mode"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ns_retries": {
"default": 3,
"description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.",
"maximum": 10,
"minimum": 0,
"required": false,
"title": "NS retries count",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"wait_time": {
"default": 1,
"description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.",
"maximum": 60,
"minimum": 0,
"required": false,
"title": "Wait time",
"type": "integer"
}
},
"type": "object"
}
Ipv6DadProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Ipv6DadProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Ipv6DadProfile
},
"required": true,
"title": "Paginated list of Ipv6DadProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
Ipv6Header (type)
{
"id": "Ipv6Header",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv6Address,
"required": false,
"title": "The destination ip address."
},
"hop_limit": {
"default": 64,
"description": "Decremented by 1 by each node that forwards the packets. The packet is discarded if Hop Limit is decremented to zero.",
"maximum": 255,
"minimum": 0,
"required": false,
"title": "hop limit",
"type": "integer"
},
"next_header": {
"default": 58,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Identifies the type of header immediately following the IPv6 header.",
"type": "integer"
},
"src_ip": {
"$ref": "IPv6Address,
"required": false,
"title": "The source ip address."
}
},
"type": "object"
}
Ipv6MacPair (type)
{
"id": "Ipv6MacPair",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"properties": {
"ipv6": {
"$ref": "IPv6Address,
"readonly": false,
"required": true,
"title": "IP address"
},
"mac": {
"$ref": "MACAddress,
"readonly": false,
"required": false,
"title": "MAC address"
}
},
"title": "IPv6 and MAC pair.",
"type": "object"
}
Ipv6NdraProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Ipv6NdraProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_config": {
"$ref": "RaDNSConfig,
"required": false,
"title": "DNS Configurations"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ndra_advertised_route": {
"description": "Route advertised in NDRAProfile.",
"items": {
"$ref": "NDRAAdvertisedRoute
},
"required": false,
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"ra_config": {
"$ref": "RAConfig,
"required": true,
"title": "RA Configuration"
},
"ra_mode": {
"$ref": "RAMode,
"default": "SLAAC_DNS_THROUGH_RA",
"required": true,
"title": "RA Mode"
},
"reachable_timer": {
"default": 0,
"description": "Neighbour reachable time duration in milliseconds. A value of 0 means unspecified.",
"maximum": 3600000,
"minimum": 0,
"required": false,
"title": "Reachable timer",
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retransmit_interval": {
"default": 1000,
"description": "The time, in milliseconds, between retransmitted neighbour solicitation messages.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Retransmission interval",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
Ipv6NdraProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Ipv6NdraProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Ipv6NdraProfile
},
"required": true,
"title": "Paginated list of Ipv6NdraProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IssuerSerialNumber (type)
{
"additionalProperties": false,
"id": "IssuerSerialNumber",
"module_id": "CertificateManager",
"properties": {
"issuer": {
"description": "Issuer Distinguished Name of the revoked certificates.",
"title": "Issuer Distinguished Name (DN)",
"type": "string"
},
"serial_numbers": {
"description": "List of Certificate Serial Numbers issued by the specified issuers.",
"items": {
"type": "string"
},
"title": "Certificate Serial Numbers",
"type": "array"
}
},
"type": "object"
}
JoinClusterParameters (type)
{
"additionalProperties": false,
"description": "To join a new node to the NSX cluster, issue a JoinCluster API on the new node. The JoinCluster API takes this object as a parameter. Provide the ID of the NSX cluster you want the new node to join and the IP address of one of the nodes already in that cluster. The Cluster Boot Manager running on the new node will then add the new node to the NSX cluster by making a AttachClusterNode REST API call on the node that is already part of the cluster. In order to make a REST API call to the node in the cluster, the Cluster Boot Manager will need username and password of a priviledged user on the node in the cluster. In place of a username and password, Cluster Boot Manager could also use a OAuth token provided. The Cluster Boot Manager needs either the username and password or the OAuth token to make the REST call but not both.",
"id": "JoinClusterParameters",
"module_id": "ClusterBootManager",
"properties": {
"certficate_sha256_thumbprint": {
"deprecated": true,
"description": "SHA256 Thumbprint of the API certificate of the cluster node.",
"required": false,
"title": "SHA256 Thumbprint of the API certificate",
"type": "string"
},
"certificate_sha256_thumbprint": {
"description": "SHA256 Thumbprint of the API certificate of the cluster node.",
"required": false,
"title": "SHA256 Thumbprint of the API certificate",
"type": "string"
},
"cluster_id": {
"description": "UUID of the cluster to join.",
"required": true,
"title": "UUID of the cluster to join",
"type": "string"
},
"ip_address": {
"description": "IP address of a node already part of the cluster to join.",
"required": true,
"title": "IP address of a node",
"type": "string"
},
"password": {
"description": "Password of the user on the cluster node.",
"required": false,
"sensitive": true,
"title": "Password of the user",
"type": "secure_string"
},
"port": {
"default": 443,
"description": "API port on the cluster node.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "API port on the cluster node",
"type": "integer"
},
"token": {
"description": "Limited time OAuth token instead of the username/password.",
"required": false,
"sensitive": true,
"title": "Limited time OAuth token",
"type": "secure_string"
},
"username": {
"description": "Username on the cluster node.",
"required": false,
"title": "Username on the cluster node",
"type": "string"
}
},
"title": "Parameters needed for this node to join the NSX cluster",
"type": "object"
}
KeySize (type)
{
"id": "KeySize",
"module_id": "CertificateManager",
"title": "Crypto key size",
"type": "integer"
}
KeyStoreInfo (type)
{
"additionalProperties": false,
"description": "Key Store information about the url alias or datasource.",
"id": "KeyStoreInfo",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"keystore": {
"description": "A location of the keystor file which stores private key and identity certificates that will be presented to both parties (server or client) for verification.",
"title": "A location of the keystore file",
"type": "string"
},
"keystore_alias": {
"description": "Its an alias specified when an entity is added to the keystore.",
"title": "An alias is used to uniquely identifies the entry in keystore",
"type": "string"
},
"keystore_phrase": {
"description": "A location of the key store pass phrase file.",
"title": "A location of the key store pass phrase file.",
"type": "string"
},
"truststore": {
"description": "A location of the trust store file which stores the certificate from CA that verify the certificate presented by the server in SSL connection.",
"title": "A location of the trust store file.",
"type": "string"
}
},
"title": "KeyStoreInfo",
"type": "object"
}
KeyValue (type)
{
"additionalProperties": false,
"id": "KeyValue",
"module_id": "CertificateManager",
"properties": {
"key": {
"description": "Key name.",
"readonly": false,
"required": true,
"type": "string"
},
"value": {
"description": "Key value.",
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
KeyValuePair (type)
{
"additionalProperties": false,
"id": "KeyValuePair",
"module_id": "Common",
"properties": {
"key": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "An arbitrary key-value pair",
"type": "object"
}
KnownHostParameter (type)
{
"additionalProperties": false,
"id": "KnownHostParameter",
"properties": {
"host": {
"$ref": "HostnameOrIPv46Address,
"required": true,
"title": "Known host hostname or IPv4/v6 address"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Known host port",
"type": "integer"
}
},
"type": "object"
}
KubeconfigInfo (type)
{
"additionalProperties": false,
"description": "Infromation about kubeconfig file.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "KubeconfigInfo",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bundle_id": {
"description": "Bundle id of uploaded file.",
"title": "Bundle id",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster": {
"description": "Kubernetes cluster to be used for deployment.",
"title": "Kubernetes cluster",
"type": "string"
},
"connection_status": {
"default": false,
"description": "Show whether connection to Kubernetes cluster is available or not.",
"title": "Kubernetes connection status",
"type": "boolean"
},
"current_context": {
"description": "Kubernetes cluster current context to be used for NSX Application Platform deployment.",
"title": "Kubernetes cluster current context",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expiry": {
"$ref": "EpochMsTimestamp,
"description": "Date and time when Kubernetes cluster user token is going to expire.",
"title": "Expiry of Kubernetes cluster user token"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"name": {
"description": "Kubernetes cluster kubeconfig file name",
"title": "Kubeconfig file name",
"type": "string"
},
"namespace": {
"description": "Kubernetes cluster namespace to be used for NSX Application Platform deployment.",
"title": "Kubernetes cluster namespace",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server": {
"description": "Kubernetes api server url.",
"title": "Server url",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"user": {
"description": "User name to access Kubernetes cluster.",
"title": "User name",
"type": "string"
}
},
"title": "Infromation about kubeconfig file",
"type": "object"
}
KubernetesToolsInfo (type)
{
"additionalProperties": false,
"description": "Information about Kubernetes tools like kubectl client and server versions.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "KubernetesToolsInfo",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"client_version": {
"description": "kubectl client version.",
"title": "Client version",
"type": "string"
},
"compatible": {
"default": true,
"description": "Show compatibility flag, whether kubectl client version is compatible with Kubernetes api server version. kubectl is supported within one minor version (older or newer) of kube-apiserver.",
"title": "Kubectl compatibility",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_version": {
"description": "Kubernetes api server version.",
"title": "Server version",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Information about Kubernetes tools",
"type": "object"
}
L2AutoRD (type)
{
"id": "L2AutoRD",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"l2_auto_rd": {
"title": "Layer 2 auto assigned route distinghusher",
"type": "string"
},
"l2_vni": {
"title": "Layer 2 Virtual Network Interface",
"type": "string"
}
},
"title": "Layer 2 Auto assigned Route Distinguisher",
"type": "object"
}
L2BridgeEndpointProfile (type)
{
"additionalProperties": false,
"description": "Used to configure L2 Bridge endpoint profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2BridgeEndpointProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_paths": {
"description": "List of policy paths to edge nodes. Edge allocation for L2 bridging.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 1,
"title": "List of path of Edge nodes",
"type": "array"
},
"failover_mode": {
"default": "PREEMPTIVE",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"title": "Failover mode for the edge bridge cluster",
"type": "string"
},
"ha_mode": {
"default": "ACTIVE_STANDBY",
"description": "High avaialability mode can be active-active or active-standby. High availability mode cannot be modified after realization.",
"enum": [
"ACTIVE_STANDBY"
],
"title": "High availability mode for the edge bridge cluster",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Layer 2 Bridge Endpoint Profile",
"type": "object"
}
L2BridgeEndpointProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "L2BridgeEndpointProfileListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Layer 2 bridge endpoint list request parameters",
"type": "object"
}
L2BridgeEndpointProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "L2BridgeEndpointProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L2BridgeEndpointProfile
},
"required": true,
"title": "L2BridgeEndpointProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of L2BridgeEndpointProfile",
"type": "object"
}
L2Extension (type)
{
"additionalProperties": false,
"id": "L2Extension",
"module_id": "PolicyConnectivity",
"properties": {
"l2vpn_path": {
"deprecated": true,
"description": "This property has been deprecated. Please use the property l2vpn_paths for setting the paths of associated L2 VPN session. This property will continue to work as expected to provide backwards compatibility. However, when both l2vpn_path and l2vpn_paths properties are specified, only l2vpn_paths is used.",
"required": false,
"title": "Policy path of associated L2 VPN session",
"type": "string"
},
"l2vpn_paths": {
"description": "Policy paths corresponding to the associated L2 VPN sessions",
"items": {
"type": "string"
},
"required": false,
"title": "Policy paths of associated L2 VPN sessions",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_L2VPN_SESSION_RELATIONSHIP",
"rightType": [
"L2VPNSession"
]
}
]
},
"local_egress": {
"$ref": "LocalEgress,
"description": "Local Egress.",
"title": "Local Egress"
},
"tunnel_id": {
"maximum": 4093,
"minimum": 1,
"required": false,
"title": "Tunnel ID",
"type": "int"
}
},
"title": "Segment specific L2 VPN configuration",
"type": "object"
}
L2ForwarderRemoteMacs (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderRemoteMacs",
"module_id": "AggSvcL2Forwarder",
"properties": {
"inter_site_forwarder_status": {
"description": "Inter-site forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode
},
"readonly": true,
"title": "Inter-site forwarder status per node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the l2 forwarder remote mac addresses was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"logical_switch_id": {
"description": "Logical switch id on which the L2 forwarder is created.",
"readonly": true,
"required": true,
"title": "Logical switch id of L2 forwarder",
"type": "string"
},
"remote_macs_per_site": {
"description": "L2 forwarder remote mac addresses per site for logical switch.",
"items": {
"$ref": "L2ForwarderRemoteMacsPerSite
},
"readonly": true,
"title": "L2 forwarder remote mac addresses per site",
"type": "array"
}
},
"type": "object"
}
L2ForwarderRemoteMacsPerSite (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderRemoteMacsPerSite",
"module_id": "AggSvcL2Forwarder",
"properties": {
"remote_active_ips": {
"description": "Remote active IP addresses.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote active IPs",
"type": "array"
},
"remote_mac_addresses": {
"description": "Remote mac addresses.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Remote mac addresses",
"type": "array"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"required": true,
"title": "Remote site"
},
"remote_standby_ips": {
"description": "Remote standby IP addresses.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote standby IPs",
"type": "array"
},
"rtep_group_id": {
"description": "32 bit unique RTEP group id of the logical switch per site.",
"readonly": true,
"required": true,
"title": "RTEP group id of logical switch per site",
"type": "integer"
}
},
"type": "object"
}
L2ForwarderStatistics (type)
{
"additionalProperties": false,
"id": "L2ForwarderStatistics",
"module_id": "AggSvcL2Forwarder",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the l2 forwarder statistics was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"logical_switch_id": {
"description": "Logical switch id on which the L2 forwarder is created.",
"readonly": true,
"required": true,
"title": "Logical switch id of L2 forwarder",
"type": "string"
},
"rx": {
"$ref": "InterSitePortCounters,
"description": "Total received data counters.",
"readonly": true,
"title": "Received data counters"
},
"tx": {
"$ref": "InterSitePortCounters,
"description": "Total sent data counters.",
"readonly": true,
"title": "Sent data counters"
}
},
"type": "object"
}
L2ForwarderStatus (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderStatus",
"module_id": "AggSvcL2Forwarder",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the service router status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"logical_switch_id": {
"description": "Logical switch id on which the L2 forwarder is created.",
"readonly": true,
"required": true,
"title": "Logical switch id of L2 forwarder",
"type": "string"
},
"status_per_node": {
"description": "L2 forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode
},
"readonly": true,
"title": "L2 forwarder status per node",
"type": "array"
}
},
"type": "object"
}
L2ForwarderStatusPerNode (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderStatusPerNode",
"module_id": "AggSvcL2Forwarder",
"properties": {
"high_availability_status": {
"description": "High Availability status of a service router on the edge node.",
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Service router's HA status",
"type": "string"
},
"transport_node": {
"$ref": "ResourceReference,
"description": "Edge node details from where the router status is being retrieved.",
"readonly": true,
"required": true,
"title": "Transport node"
}
},
"type": "object"
}
L2L3RuntimeRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L2L3RuntimeRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"bgp_neighbor_type": {
"description": "Bgp neighbor type that can be used as filter for T0 bgp neighbor status filter.",
"enum": [
"INTER_SR",
"USER"
],
"required": false,
"title": "Bgp neighbor type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"description": "The data source can be either realtime or cached. If not provided, cached data is returned.",
"experimental": true,
"required": false,
"title": "Source of statistics data"
},
"stats_type": {
"description": "This indicates the type of statistics being requested. We support statistics from the data plane.",
"enum": [
"DATAPATH_STATS"
],
"experimental": true,
"required": false,
"title": "Segment statistics type",
"type": "string"
},
"transport_node_id": {
"description": "Identifer of the transport node. This is a UUID.",
"experimental": true,
"required": false,
"title": "Transport Node Id",
"type": "string"
}
},
"title": "L2 L3 connectivity runtime status request parameters",
"type": "object"
}
L2TcpMaxSegmentSizeClamping (type)
{
"additionalProperties": false,
"description": "TCP MSS Clamping Direction and Value.",
"id": "L2TcpMaxSegmentSizeClamping",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"direction": {
"default": "BOTH",
"description": "Specifies the traffic direction for which to apply MSS Clamping.",
"enum": [
"NONE",
"BOTH"
],
"required": false,
"title": "Maximum Segment Size Clamping Direction",
"type": "string"
},
"max_segment_size": {
"description": "MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8852.",
"maximum": 8860,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size Value",
"type": "integer"
}
},
"title": "TCP MSS Clamping",
"type": "object"
}
L2VPNPerLSTrafficStatistics (type)
{
"additionalProperties": false,
"description": "Traffic statistics for a logical switch.",
"id": "L2VPNPerLSTrafficStatistics",
"module_id": "L2VPNStatistics",
"properties": {
"bum_bytes_in": {
"description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) bytes in",
"type": "integer"
},
"bum_bytes_out": {
"description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) bytes out",
"type": "integer"
},
"bum_packets_in": {
"description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) packets in",
"type": "integer"
},
"bum_packets_out": {
"description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) packets out",
"type": "integer"
},
"bytes_in": {
"description": "Total number of incoming bytes.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"logical_switch": {
"$ref": "ResourceReference,
"description": "Logical switch",
"readonly": true,
"title": "Logical switch"
},
"packets_in": {
"description": "Total number of incoming packets.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets.",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_error": {
"description": "Total number of incoming packets dropped.",
"readonly": true,
"title": "Packets recieved error",
"type": "integer"
},
"packets_sent_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent error",
"type": "integer"
}
},
"title": "Traffic statistics per logical switch",
"type": "object"
}
L2VPNService (type)
{
"additionalProperties": false,
"description": "L2VPN Service defines if service running as server or client. It also defines all the common properties for the multiple L2VPN Sessions associated with this service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VPNService",
"module_id": "PolicyVpnLayer2VPN",
"policy_hierarchical_children": [
"ChildL2VPNSession"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_hub": {
"default": false,
"description": "This property applies only in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint.",
"required": false,
"title": "Enable spoke to spoke (client) forwarding via hub (server)",
"type": "boolean"
},
"encap_ip_pool": {
"description": "IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical tap.",
"items": {
"$ref": "IPv4CIDRBlock
},
"required": false,
"title": "IP Pool for Logical Taps",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mode": {
"default": "SERVER",
"description": "Specify an L2VPN service mode as SERVER or CLIENT.",
"enum": [
"SERVER",
"CLIENT"
],
"title": "L2VPN Service Mode",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2VPN Service",
"type": "object"
}
L2VPNServiceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L2VPNServiceListRequestParameters",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "L2VPNService list request parameters",
"type": "object"
}
L2VPNServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "L2VPNServiceListResult",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L2VPNService
},
"required": true,
"title": "L2VPNService list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of L2VPNServices",
"type": "object"
}
L2VPNSession (type)
{
"additionalProperties": false,
"description": "Defines the tunnel local and peer addresses along with multiple tansport tunnels for redundancy. L2VPNSession belongs to only one L2VPNService.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VPNSession",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated segments.",
"required": false,
"title": "Enable L2VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "L2TcpMaxSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value. This feature is supported for L2VPN Sessions that are Server mode only.",
"title": "TCP MSS Clamping"
},
"transport_tunnels": {
"description": "List of transport tunnels for redundancy.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of transport tunnels",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"L2VPNSession"
],
"relationshipType": "L2VPN_SESSION_TRANSPORT_TUNNEL_RELATIONSHIP",
"rightType": [
"IPSecVpnSession"
]
}
]
},
"tunnel_encapsulation": {
"$ref": "L2VPNTunnelEncapsulation,
"description": "Tunnel encapsulation config. This property only applies in CLIENT mode. It is auto-populated from the L2VPNSessionData.",
"readonly": true,
"required": false,
"title": "Tunnel encapsulation config"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2VPN Session",
"type": "object"
}
L2VPNSessionData (type)
{
"additionalProperties": false,
"description": "L2VPN Session Data represents meta data necessary to create the L2VPN Session. It is represented by an array of peer code for each tunnel.",
"id": "L2VPNSessionData",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"description": {
"maxLength": 1024,
"title": "Description of L2VPN Session",
"type": "string"
},
"display_name": {
"description": "Defaults to id if not set.",
"maxLength": 255,
"title": "Identifier to use when displaying L2VPN Session",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated segments.",
"required": false,
"title": "Enable L2VPN session",
"type": "boolean"
},
"transport_tunnels": {
"description": "List of L2VPN transport tunnel data.",
"items": {
"$ref": "L2VPNSessionTransportTunnelData
},
"maxItems": 1,
"minItems": 1,
"title": "List of L2VPN Transport Tunnel Data",
"type": "array"
}
},
"title": "L2VPN Session Data",
"type": "object"
}
L2VPNSessionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L2VPNSessionListRequestParameters",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "L2VPNSession list request parameters",
"type": "object"
}
L2VPNSessionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "L2VPNSessionListResult",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L2VPNSession
},
"required": true,
"title": "L2VPNSession list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of L2VPNSession",
"type": "object"
}
L2VPNSessionPeerConfigNsxT (type)
{
"additionalProperties": false,
"description": "L2VPNSessionPeerCodes represents an array of peer code for each tunnel. The peer code is necessary to configure the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel.",
"extends": {
"$ref": "L2VPNSessionPeerConfigPerEP
},
"id": "L2VPNSessionPeerConfigNsxT",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "L2VPNSessionPeerConfigNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"peer_codes": {
"description": "List of peer codes per transport tunnel.",
"items": {
"$ref": "L2VPNSessionTransportTunnelPeerCode
},
"maxItems": 1,
"minItems": 1,
"readonly": true,
"title": "List of peer codes",
"type": "array"
},
"resource_type": {
"enum": [
"L2VPNSessionPeerConfigNsxT"
],
"required": true,
"type": "string"
}
},
"title": "Peer code to configure the other side of the tunnel",
"type": "object"
}
L2VPNSessionPeerConfigPerEP (type)
{
"abstract": true,
"description": "Peer config per Enforcement Point to configure the other side of the tunnel.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "L2VPNSessionPeerConfigPerEP",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VPNSessionPeerConfigNsxT"
],
"required": true,
"type": "string"
}
},
"title": "Peer config per Enforcement Point",
"type": "object"
}
L2VPNSessionRemoteMacs (type)
{
"additionalProperties": false,
"description": "Remote MAC addresses for all logical switches for a L2VPN session.",
"id": "L2VPNSessionRemoteMacs",
"module_id": "L2VPNStatistics",
"properties": {
"display_name": {
"description": "L2VPN display name.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"remote_mac_addresses": {
"description": "List MAC addresses for all logical switch for a particular L2VPN session.",
"items": {
"$ref": "L2VPNSessionRemoteMacsForLS
},
"readonly": true,
"title": "Remote MAC addresses for all logical switches",
"type": "array"
},
"session_id": {
"description": "L2VPN session identifier.",
"readonly": true,
"title": "Session identifier",
"type": "string"
}
},
"title": "Remote MAC addresses list",
"type": "object"
}
L2VPNSessionRemoteMacsForLS (type)
{
"additionalProperties": false,
"description": "Remote MAC addresses for logical switch.",
"id": "L2VPNSessionRemoteMacsForLS",
"module_id": "L2VPNStatistics",
"properties": {
"logical_switch": {
"$ref": "ResourceReference,
"description": "Logical switch.",
"readonly": true,
"title": "Logical switch"
},
"remote_mac_addresses": {
"description": "Mac addresses.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Mac addresses",
"type": "array"
},
"tags": {
"description": "Contains policy specific information like policy path.",
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Attributes Tags",
"type": "array"
}
},
"title": "Remote MAC addresses for logical switch",
"type": "object"
}
L2VPNSessionStatistics (type)
{
"additionalProperties": false,
"description": "Session statistics gives VPN session status and traffic statistics per logical switch.",
"id": "L2VPNSessionStatistics",
"module_id": "L2VPNStatistics",
"properties": {
"display_name": {
"description": "L2VPN display name.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"partial_stats": {
"description": "Partial statistics is set to true if onle active node responds while standby does not. In case of both nodes responded statistics will be summed and partial stats will be false. If cluster has only active node, partial statistics will always be false.",
"readonly": true,
"title": "Partial Statistics",
"type": "boolean"
},
"session_id": {
"description": "Session identifier for L2VPN.",
"readonly": true,
"title": "L2VPN session id",
"type": "string"
},
"tap_traffic_counters": {
"description": "Tunnel port traffic counters.",
"items": {
"$ref": "L2VPNTapTrafficStatistics
},
"readonly": true,
"title": "Tunnel port traffic counters",
"type": "array"
},
"traffic_statistics_per_logical_switch": {
"description": "Traffic statistics per logical switch.",
"items": {
"$ref": "L2VPNPerLSTrafficStatistics
},
"readonly": true,
"title": "Traffic statistics per logical switch",
"type": "array"
}
},
"title": "L2VPN session statistics",
"type": "object"
}
L2VPNSessionStatisticsNsxT (type)
{
"additionalProperties": false,
"description": "L2VPN session statistics gives session status and traffic statistics per segment.",
"extends": {
"$ref": "L2VPNSessionStatisticsPerEP
},
"id": "L2VPNSessionStatisticsNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "L2VPNSessionStatisticsNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display name of l2vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VPNSessionStatisticsNsxT"
],
"required": true,
"type": "string"
},
"tap_traffic_counters": {
"description": "Tunnel port traffic counters.",
"items": {
"$ref": "L2VPNTapStatistics
},
"readonly": true,
"title": "Tunnel port traffic counters",
"type": "array"
},
"traffic_statistics_per_segment": {
"description": "Traffic statistics per segment.",
"items": {
"$ref": "L2VPNTrafficStatisticsPerSegment
},
"readonly": true,
"title": "Traffic statistics per segment",
"type": "array"
}
},
"title": "L2VPN session statistics",
"type": "object"
}
L2VPNSessionStatisticsPerEP (type)
{
"abstract": true,
"description": "L2VPN Session Statistics Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "L2VPNSessionStatisticsPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VPNSessionStatisticsNsxT"
],
"required": true,
"type": "string"
}
},
"title": "L2VPN Session Statistics Per Enforcement Point",
"type": "object"
}
L2VPNSessionStatus (type)
{
"additionalProperties": false,
"description": "L2VPN session status.",
"id": "L2VPNSessionStatus",
"module_id": "L2VPNStatistics",
"properties": {
"display_name": {
"description": "L2VPN display name.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"session_id": {
"description": "L2VPN session identifier.",
"readonly": true,
"title": "Session identifier",
"type": "string"
},
"status": {
"description": "L2 VPN session status, specifies UP/DOWN.",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "L2 VPN session status",
"type": "string"
},
"transport_tunnels": {
"description": "Transport tunnels status.",
"items": {
"$ref": "L2VPNTransportTunnelStatus
},
"readonly": true,
"title": "Transport tunnels status",
"type": "array"
}
},
"title": "L2VPN Session Status",
"type": "object"
}
L2VPNSessionStatusNsxT (type)
{
"additionalProperties": false,
"description": "L2VPN Session Status represents status on an NSX-T type of enforcement point.",
"extends": {
"$ref": "L2VPNSessionStatusPerEP
},
"id": "L2VPNSessionStatusNsxT",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"type-identifier": "L2VPNSessionStatusNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display name of l2vpn session.",
"readonly": true,
"title": "Display name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VPNSessionStatusNsxT"
],
"required": true,
"type": "string"
},
"runtime_status": {
"description": "L2 VPN session status, specifies UP/DOWN.",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "L2 VPN session status",
"type": "string"
},
"transport_tunnels": {
"description": "Transport tunnels status.",
"items": {
"$ref": "L2VPNSessionTransportTunnelStatus
},
"readonly": true,
"title": "Transport tunnels status",
"type": "array"
}
},
"title": "L2VPN session status summary",
"type": "object"
}
L2VPNSessionStatusPerEP (type)
{
"abstract": true,
"description": "L2VPN Session Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "L2VPNSessionStatusPerEP",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VPNSessionStatusNsxT"
],
"required": true,
"type": "string"
}
},
"title": "L2VPN Session Status Per Enforcement Point",
"type": "object"
}
L2VPNSessionSummary (type)
{
"additionalProperties": false,
"description": "List summary of L2VPN sessions.",
"id": "L2VPNSessionSummary",
"module_id": "L2VPNStatistics",
"properties": {
"established_l2vpn_sessions": {
"description": "Number of established L2VPN sessions. L2VPN session is established when all the tunnels are up.",
"readonly": true,
"title": "Established L2VPN sessions",
"type": "integer"
},
"failed_l2vpn_sessions": {
"description": "Number of failed L2VPN sessions. L2VPN session is failed when all the tunnels are down.",
"readonly": true,
"title": "Failed L2VPN sessions",
"type": "integer"
},
"total_l2vpn_sessions": {
"description": "Total L2VPN sessions configured.",
"readonly": true,
"title": "Total L2VPN sessions",
"type": "integer"
}
},
"title": "L2VPN session status summary",
"type": "object"
}
L2VPNSessionTransportTunnelData (type)
{
"additionalProperties": false,
"description": "L2VPN Session Transport Tunnel Data uses a peer code which has all the information to create the transport tunnel.",
"id": "L2VPNSessionTransportTunnelData",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"local_address": {
"$ref": "IPv4Address,
"description": "IPv4 Address of local endpoint.",
"required": true,
"title": "IPv4 Address of local endpoint"
},
"peer_address": {
"$ref": "IPv4Address,
"description": "IPv4 Address of Peer endpoint on remote site.",
"required": true,
"title": "IPv4 Address of Peer endpoint"
},
"peer_code": {
"description": "Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it.",
"required": false,
"sensitive": true,
"title": "Peer code for the transport tunnel",
"type": "secure_string"
}
},
"title": "L2VPN Session Transport Tunnel Data",
"type": "object"
}
L2VPNSessionTransportTunnelPeerCode (type)
{
"additionalProperties": false,
"description": "L2VPN transport tunnel peer code.",
"id": "L2VPNSessionTransportTunnelPeerCode",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"peer_code": {
"description": "Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it.",
"readonly": true,
"title": "Peer code for the transport tunnel",
"type": "string"
},
"transport_tunnel_path": {
"readonly": true,
"title": "Policy Path referencing the transport tunnel.",
"type": "string"
}
},
"title": "L2VPN Transport Tunnel Peer Code",
"type": "object"
}
L2VPNSessionTransportTunnelStatus (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Transport tunnel status.",
"id": "L2VPNSessionTransportTunnelStatus",
"module_id": "PolicyVpnStats",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"IPSecVpnTransportStatus"
],
"required": true,
"type": "string"
},
"transport_tunnel_path": {
"description": "Policy path referencing Transport Tunnel.",
"readonly": true,
"title": "Policy path referencing Transport Tunnel",
"type": "string"
}
},
"title": "Transport tunnel status",
"type": "object"
}
L2VPNTapStatistics (type)
{
"additionalProperties": false,
"description": "TAP (Terminal access point) traffic statistics for L2VPN.",
"id": "L2VPNTapStatistics",
"module_id": "PolicyVpnStats",
"properties": {
"bytes_in": {
"description": "Total number of incoming bytes.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets.",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_error": {
"description": "Total number of incoming packets dropped.",
"readonly": true,
"title": "packets recieved error",
"type": "integer"
},
"packets_sent_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent error",
"type": "integer"
}
},
"title": "L2VPN TAP (Terminal access point) traffic statistics",
"type": "object"
}
L2VPNTapTrafficStatistics (type)
{
"additionalProperties": false,
"description": "TAP (Terminal access point) traffic statistics for L2VPN.",
"id": "L2VPNTapTrafficStatistics",
"module_id": "L2VPNStatistics",
"properties": {
"bytes_in": {
"description": "Total number of incoming bytes.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets.",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_error": {
"description": "Total number of incoming packets dropped.",
"readonly": true,
"title": "packets recieved error",
"type": "integer"
},
"packets_sent_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent error",
"type": "integer"
}
},
"title": "L2VPN TAP (Terminal access point) traffic statistics",
"type": "object"
}
L2VPNTrafficStatisticsPerSegment (type)
{
"additionalProperties": false,
"description": "Traffic statistics for a segment.",
"id": "L2VPNTrafficStatisticsPerSegment",
"module_id": "PolicyVpnStats",
"properties": {
"bum_bytes_in": {
"description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) bytes in",
"type": "integer"
},
"bum_bytes_out": {
"description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) bytes out",
"type": "integer"
},
"bum_packets_in": {
"description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) packets in",
"type": "integer"
},
"bum_packets_out": {
"description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.",
"readonly": true,
"title": "Broadcast, Unknown unicast and Multicast (BUM) packets out",
"type": "integer"
},
"bytes_in": {
"description": "Total number of incoming bytes.",
"readonly": true,
"title": "Bytes in",
"type": "integer"
},
"bytes_out": {
"description": "Total number of outgoing bytes.",
"readonly": true,
"title": "Bytes out",
"type": "integer"
},
"packets_in": {
"description": "Total number of incoming packets.",
"readonly": true,
"title": "Packets in",
"type": "integer"
},
"packets_out": {
"description": "Total number of outgoing packets.",
"readonly": true,
"title": "Packets out",
"type": "integer"
},
"packets_receive_error": {
"description": "Total number of incoming packets dropped.",
"readonly": true,
"title": "Packets received error",
"type": "integer"
},
"packets_sent_error": {
"description": "Total number of packets dropped while sending for any reason.",
"readonly": true,
"title": "Packets sent error",
"type": "integer"
},
"segment_path": {
"description": "Policy path referencing the segment on which stats are gathered.",
"readonly": true,
"title": "Segment Path",
"type": "string"
}
},
"title": "Traffic statistics per segment",
"type": "object"
}
L2VPNTransportTunnelStatus (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Transport tunnel status.",
"id": "L2VPNTransportTunnelStatus",
"module_id": "L2VPNStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"$ref": "TransportTunnelResourceType,
"required": true
},
"tunnel_id": {
"$ref": "ResourceReference,
"description": "Transport tunnel id.",
"readonly": true,
"title": "Transport tunnel id"
}
},
"title": "Transport tunnel status",
"type": "object"
}
L2VPNTunnelEncapsulation (type)
{
"additionalProperties": false,
"description": "L2VPN tunnel encapsulation config.",
"id": "L2VPNTunnelEncapsulation",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"local_endpoint_address": {
"$ref": "IPv4Address,
"description": "IP Address of the local tunnel port. This property only applies in CLIENT mode.",
"readonly": true,
"required": false,
"title": "IP Address of the tunnel port"
},
"peer_endpoint_address": {
"$ref": "IPv4Address,
"description": "IP Address of the peer tunnel port. This property only applies in CLIENT mode.",
"readonly": true,
"required": false,
"title": "IP Address of the peer tunnel port"
},
"protocol": {
"default": "GRE",
"description": "Encapsulation protocol used by the tunnel.",
"enum": [
"GRE"
],
"readonly": true,
"required": false,
"title": "Encapsulation protocol",
"type": "string"
}
},
"title": "L2VPN Tunnel Encapsulation",
"type": "object"
}
L2Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contains information necessary to configure L2Vpn.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2Vpn",
"module_id": "PolicyL2Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated segments.",
"required": false,
"title": "Enable L2Vpn",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_tunnels": {
"description": "List of paths referencing transport tunnels.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of paths referencing transport tunnels",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2 Virtual Private Network Configuration",
"type": "object"
}
L2VpnAttachmentContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "AttachmentContext
},
"id": "L2VpnAttachmentContext",
"module_id": "LogicalPort",
"polymorphic-type-descriptor": {
"type-identifier": "L2VpnAttachmentContext"
},
"properties": {
"allocate_addresses": {
"enum": [
"IpPool",
"MacPool",
"Both",
"None",
"Dhcp",
"DhcpV6",
"SLAAC"
],
"required": false,
"title": "A flag to indicate whether to allocate addresses from allocation\n pools bound to the parent logical switch.\n",
"type": "string"
},
"local_egress_ip": {
"description": "List of local egress IP addresses, used for local egress optimization.",
"items": {
"$ref": "IPElement
},
"required": false,
"title": "Array of local egress IPs",
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n",
"required": true,
"title": "Used to identify which concrete class it is",
"type": "string"
},
"tunnel_id": {
"maximum": 4093,
"minimum": 1,
"required": true,
"title": "Tunnel Id to uniquely identify the extension.",
"type": "int"
}
},
"type": "object"
}
L2VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "L2Vpn Context provides meta-data information about the parent Tier-0.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VpnContext",
"module_id": "PolicyL2Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_hub": {
"default": false,
"description": "If enabled, the tier-0 acts as a Hub and replicates traffic received from peer to all other peers. If disabled, the tier-0 acts as a Spoke and replicates only the local.",
"title": "Enable to act as hub",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2Vpn Context",
"type": "object"
}
L2VpnService (type)
{
"additionalProperties": false,
"description": "Defines if service running as server or client Also defines all the common properties for the multiple L2VpnSessions associated with this service.",
"extends": {
"$ref": "ManagedResource
},
"id": "L2VpnService",
"module_id": "L2VPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_full_mesh": {
"default": false,
"deprecated": true,
"description": "Full mesh topology auto disables traffic replication between connected peers. However, this property is deprecated. Please refer enable_hub property instead to control client to client forwarding via the server. The value of enable_full_mesh will not be used anymore. If enable_hub is not provided explicitly, the default value of it will be used.",
"required": false,
"title": "Enable full mesh topology",
"type": "boolean"
},
"enable_hub": {
"default": false,
"description": "This property only applies in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint.",
"required": false,
"title": "Enable client to client forwarding via server",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"description": "Logical router id",
"required": true,
"title": "Logical router id",
"type": "string"
},
"logical_tap_ip_pool": {
"description": "IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical Tap.",
"items": {
"$ref": "IPv4CIDRBlock
},
"required": false,
"title": "IP Pool for Logical Taps",
"type": "array"
},
"mode": {
"default": "SERVER",
"description": "Specify an L2VPN service mode as SERVER or CLIENT. L2VPN service in SERVER mode requires user to configure L2VPN session explicitly. L2VPN service in CLIENT mode can use peercode generated from SERVER to configure L2VPN session.",
"enum": [
"SERVER",
"CLIENT"
],
"required": false,
"title": "L2VPN Service Mode",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"l2 vpn service (manager)"
],
"title": "L2VPN Service",
"type": "object"
}
L2VpnServiceListResult (type)
{
"additionalProperties": false,
"description": "Paginated list all the L2VPN services.",
"extends": {
"$ref": "ListResult
},
"id": "L2VpnServiceListResult",
"module_id": "L2VPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L2VpnService
},
"required": true,
"title": "L2VPN serivce list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List all L2VPN services",
"type": "object"
}
L2VpnSession (type)
{
"additionalProperties": false,
"description": "Defines the tunnel local and peer addresses along with the multiple tansport tunnels for redundancy. L2VpnSession belongs on to only one L2VpnService.",
"extends": {
"$ref": "ManagedResource
},
"id": "L2VpnSession",
"module_id": "L2VPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated logical switches.",
"required": false,
"title": "Enable L2VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l2vpn_service_id": {
"description": "L2VPN service id",
"required": true,
"title": "L2VPN service id",
"type": "string"
},
"l2vpn_tcp_mss_clamping": {
"$ref": "L2VpnTcpMssClamping,
"descrpition": "Contains information about TCP MSS feature configuration for L2VPN Session. This feature is supported for sessions that run on L2VPN services of Server Mode only.",
"required": false,
"title": "L2VPN TCP MSS Clamping"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_tunnels": {
"description": "List of transport tunnels for redundancy.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of transport tunnels",
"type": "array"
},
"tunnel_encapsulation": {
"$ref": "L2VpnTunnelEncapsulation,
"description": "Tunnel encapsulation config. For hub, this property should not be provided as it will be auto-generated. For spoke, this property must be provided.",
"required": false,
"title": "Tunnel encapsulation config"
}
},
"search_dsl_name": [
"l2 vpn session (manager)"
],
"title": "L2VPN Session",
"type": "object"
}
L2VpnSessionListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "L2VpnSessionListParameters",
"module_id": "L2VPN",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"l2vpn_service_id": {
"description": "If provided, only sessions associated with the given L2Vpn service will be returned",
"required": false,
"title": "Id of the L2Vpn Service",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "L2VPNSession list parameters",
"type": "object"
}
L2VpnSessionListResult (type)
{
"additionalProperties": false,
"description": "Paginated list all the L2VPN sessions",
"extends": {
"$ref": "ListResult
},
"id": "L2VpnSessionListResult",
"module_id": "L2VPN",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L2VpnSession
},
"required": true,
"title": "L2VPN sessions list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List all L2VPN sessions",
"type": "object"
}
L2VpnSessionPeerCodes (type)
{
"additionalProperties": false,
"description": "Get the peer_code for each tunnel to paste on the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel.",
"id": "L2VpnSessionPeerCodes",
"module_id": "L2VPN",
"properties": {
"peer_codes": {
"description": "List of peer codes per transport tunnel.",
"items": {
"$ref": "L2VpnTunnelPeerCode
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of peer codes",
"type": "array"
}
},
"title": "Peer code to configure the other side of the tunnel",
"type": "object"
}
L2VpnSessionRemoteMacForSegment (type)
{
"additionalProperties": false,
"description": "Remote MAC addresses for logical switch.",
"id": "L2VpnSessionRemoteMacForSegment",
"module_id": "PolicyVPNStatistics",
"properties": {
"remote_mac_addresses": {
"description": "Remote Mac addresses.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Mac addresses",
"type": "array"
},
"segment_path": {
"description": "Intent path of the segment.",
"required": true,
"title": "Segment Path",
"type": "string"
}
},
"title": "Remote MAC addresses for logical switch",
"type": "object"
}
L2VpnSessionRemoteMacNsxT (type)
{
"additionalProperties": false,
"description": "Remote Macs of L2Vpn Session on NsxT.",
"extends": {
"$ref": "L2VpnSessionRemoteMacPerEP
},
"id": "L2VpnSessionRemoteMacNsxT",
"module_id": "PolicyVPNStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "L2VpnSessionRemoteMacNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"display_name": {
"description": "Display name of L2Vpn session.",
"readonly": true,
"title": "Display Name",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"remote_macs": {
"description": "List of mac addresses of logical switches for an l2vpn session.",
"items": {
"$ref": "L2VpnSessionRemoteMacForSegment
},
"readonly": true,
"title": "Remote mac addresses",
"type": "array"
},
"resource_type": {
"enum": [
"L2VpnSessionRemoteMacNsxT"
],
"required": true,
"type": "string"
}
},
"title": "L2Vpn session Remote Mac",
"type": "object"
}
L2VpnSessionRemoteMacPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"description": "L2Vpn Session Remote Macs Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "L2VpnSessionRemoteMacPerEP",
"module_id": "PolicyVPNStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"enum": [
"L2VpnSessionRemoteMacNsxT"
],
"required": true,
"type": "string"
}
},
"title": "L2Vpn Session Remote Macs Per EP",
"type": "object"
}
L2VpnTcpMssClamping (type)
{
"additionalProperties": false,
"description": "TCP MSS Clamping Direction and value for L2VPN session.",
"id": "L2VpnTcpMssClamping",
"module_id": "L2VPN",
"properties": {
"direction": {
"default": "BOTH",
"description": "Specifies the traffic direction for which to apply MSS Clamping. If direction is None, the feature is disabled.",
"enum": [
"NONE",
"BOTH"
],
"required": false,
"title": "MSS Clamping direction",
"type": "string"
},
"max_segment_size": {
"description": "It defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8860.",
"maximum": 8860,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size value",
"type": "integer"
}
},
"title": "TCP MSS Clamping Object for L2VPN Session",
"type": "object"
}
L2VpnTunnelEncapsulation (type)
{
"additionalProperties": false,
"description": "L2VPN tunnel encapsulation config",
"id": "L2VpnTunnelEncapsulation",
"module_id": "L2VPN",
"properties": {
"local_endpoint_ip": {
"$ref": "IPv4Address,
"description": "IP Address of the tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. All sessions on same L2VpnService get the same local_endpoint_ip. For spoke, the IP must be provided.",
"required": false,
"title": "IP Address of the tunnel port"
},
"peer_endpoint_ip": {
"$ref": "IPv4Address,
"description": "IP Address of the peer tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. For spoke, the IP must be provided.",
"required": false,
"title": "IP Address of the peer tunnel port"
},
"protocol": {
"default": "GRE",
"description": "Encapsulation protocol used by the tunnel",
"enum": [
"GRE"
],
"required": false,
"title": "Encapsulation protocol",
"type": "string"
}
},
"title": "L2VPN tunnel encapsulation config",
"type": "object"
}
L2VpnTunnelPeerCode (type)
{
"additionalProperties": false,
"description": "L2Vpn tunnel peer code",
"id": "L2VpnTunnelPeerCode",
"module_id": "L2VPN",
"properties": {
"peer_code": {
"description": "Copy this code to paste on the remote end of the tunnel. This is a base64 encoded string which has all the configuration for tunnel. E.g tap device local/peer ips and protocol, encryption algorithm, etc. The peer code also contains a pre-shared key; be careful when sharing or storing it.",
"required": true,
"title": "Peer code for the tunnel",
"type": "string"
},
"transport_tunnel": {
"$ref": "ResourceReference,
"required": true,
"title": "Transport tunnel"
}
},
"title": "L2Vpn tunnel peer code",
"type": "object"
}
L3Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contains information necessary to configure IPSec VPN.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3Vpn",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.",
"items": {
"$ref": "PolicyDHGroup
},
"maxItems": 1,
"title": "DH group",
"type": "array",
"uniqueItems": true
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "Flag to enable L3Vpn. Default is enabled.",
"title": "Enable L3Vpn",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.",
"items": {
"$ref": "PolicyIKEDigestAlgorithm
},
"maxItems": 1,
"title": "Digest Algorithm for IKE",
"type": "array",
"uniqueItems": true
},
"ike_encryption_algorithms": {
"description": "Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "PolicyIKEEncryptionAlgorithm
},
"maxItems": 1,
"title": "Encryption algorithm for IKE",
"type": "array",
"uniqueItems": true
},
"ike_version": {
"$ref": "PolicyIKEVersion,
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"title": "IKE version"
},
"l3vpn_session": {
"$ref": "L3VpnSession,
"required": true,
"title": "L3Vpn Session"
},
"local_address": {
"$ref": "IPv4Address,
"required": true,
"title": "IPv4 address of local gateway"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passphrases": {
"description": "List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any.",
"items": {
"type": "secure_string"
},
"maxItems": 1,
"sensitive": true,
"title": "List of IPSec pre-shared keys",
"type": "array",
"uniqueItems": true
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"remote_private_address": {
"description": "This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address.",
"title": "Identifier of the remote site",
"type": "string"
},
"remote_public_address": {
"$ref": "IPv4Address,
"required": true,
"title": "Public IPv4 address of remote gateway"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tunnel_digest_algorithms": {
"description": "Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty.",
"items": {
"$ref": "PolicyTunnelDigestAlgorithm
},
"maxItems": 1,
"title": "Digest Algorithm for Tunnel Establishment",
"type": "array",
"uniqueItems": true
},
"tunnel_encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "PolicyTunnelEncryptionAlgorithm
},
"maxItems": 1,
"title": "Encryption algorithm for Tunnel Establishement",
"type": "array",
"uniqueItems": true
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3 Virtual Private Network Configuration",
"type": "object"
}
L3VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "L3Vpn Context provides the configuration context that different L3Vpns can consume.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3VpnContext",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"available_local_addresses": {
"description": "Local gateway IPv4 addresses available for configuration of each L3Vpn.",
"items": {
"$ref": "PolicyIPAddressInfo
},
"title": "IPv4 addresses of the local gateway",
"type": "array",
"uniqueItems": true
},
"bypass_rules": {
"description": "Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is supported on these L3Vpn rules.",
"items": {
"$ref": "L3VpnRule
},
"title": "List of Bypass L3VpnRules",
"type": "array",
"uniqueItems": true
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable L3Vpn Service for given tier-0. Enabling/disabling this service affects all L3Vpns under the given tier-0.",
"title": "Enable L3 Virtual Private Network (VPN) service",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"label": {
"description": "Policy path referencing Label. A label is used as a mechanism to group route-based L3Vpns in order to apply edge firewall rules on members' VTIs.",
"required": false,
"title": "Policy path referencing Label",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3Vpn Context",
"type": "object"
}
L3VpnRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used for transit traffic that meets the rule's match criteria.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3VpnRule",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"default": "PROTECT",
"description": "Action to exchange data with or without protection. PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per L3Vpn. BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"title": "Action to apply to the traffic transiting through the L3Vpn",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of remote subnets used in policy-based L3Vpn.",
"items": {
"$ref": "L3VpnSubnet
},
"maxItems": 128,
"minItems": 1,
"required": true,
"title": "List of remote subnets",
"type": "array",
"uniqueItems": true
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple L3VpnRules associated with a single L3Vpn or L3VpnContext.",
"required": false,
"title": "Sequence number of the L3VpnRule",
"type": "int"
},
"sources": {
"description": "List of local subnets used in policy-based L3Vpn.",
"items": {
"$ref": "L3VpnSubnet
},
"maxItems": 128,
"minItems": 1,
"required": true,
"title": "List of local subnets",
"type": "array",
"uniqueItems": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3Vpn Rule",
"type": "object"
}
L3VpnSession (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Contains information about L3Vpn session.",
"id": "L3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
}
},
"title": "L3Vpn Session",
"type": "object"
}
L3VpnSessionResourceType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "- A Policy Based L3Vpn is a configuration in which protect rules to match local and remote subnet needs to be defined. Tunnel is established for each pair of local and remote subnet defined in protect rules. - A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet (commonly known as VTI) is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.",
"enum": [
"PolicyBasedL3VpnSession",
"RouteBasedL3VpnSession"
],
"id": "L3VpnSessionResourceType",
"module_id": "PolicyL3Vpn",
"title": "Resource type of L3Vpn Session",
"type": "string"
}
L3VpnSubnet (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Used to specify subnets in L3Vpn rule.",
"id": "L3VpnSubnet",
"module_id": "PolicyL3Vpn",
"properties": {
"subnet": {
"$ref": "IPv4CIDRBlock,
"description": "Subnet used in L3Vpn Rule.",
"required": true,
"title": "Subnet"
}
},
"title": "Subnet used in L3Vpn Rule",
"type": "object"
}
L4PortSetNSService (type)
{
"additionalProperties": false,
"description": "L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: \"22, 33-70, 44\".",
"extends": {
"$ref": "NSServiceElement
},
"id": "L4PortSetNSService",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "L4PortSetNSService"
},
"properties": {
"destination_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"title": "Destination ports",
"type": "array"
},
"l4_protocol": {
"enum": [
"TCP",
"UDP"
],
"required": true,
"type": "string"
},
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
},
"source_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"title": "Source ports",
"type": "array"
}
},
"title": "An NSService element that represents TCP or UDP protocol",
"type": "object"
}
L4PortSetServiceEntry (type)
{
"additionalProperties": false,
"description": "L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: \"22, 33-70, 44\".",
"extends": {
"$ref": "ServiceEntry
},
"id": "L4PortSetServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "L4PortSetServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l4_protocol": {
"enum": [
"TCP",
"UDP"
],
"required": true,
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"source_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An ServiceEntry that represents TCP or UDP protocol",
"type": "object"
}
L7AccessAttributes (type)
{
"additionalProperties": false,
"description": "Supported Attribute Keys are APP_ID, URL_CATEGORY, URL_REPUTATION, CUSTOM_URL",
"extends": {
"$ref": "PolicyAttributes
},
"id": "L7AccessAttributes",
"module_id": "L7AccessProfile",
"properties": {
"attribute_source": {
"default": "SYSTEM",
"enum": [
"SYSTEM",
"CUSTOM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"custom_url_partial_match": {
"description": "True value for this flag will be treated as a partial match for custom url",
"required": false,
"title": "true value would be treated as a partial match for custom url",
"type": "boolean"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"isALGType": {
"description": "Describes whether the APP_ID value is ALG type or not.",
"required": false,
"title": "Is the value ALG type",
"type": "boolean"
},
"key": {
"description": "Policy Attribute Key",
"enum": [
"APP_ID",
"DOMAIN_NAME",
"URL_CATEGORY",
"URL_REPUTATION",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For URL CATEGORY key , it specified super category for url category value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Attributes data holder",
"type": "object"
}
L7AccessEntry (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes like APP_ID, CUSTOM_URL, URL_CATEGORY, URL_REPUTATION.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L7AccessEntry",
"module_id": "L7AccessProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"$ref": "L7AccessEntryAction,
"required": true
},
"attributes": {
"description": "Property containing attributes/sub-attributes for Policy L7 Access Profile. APP_ID, CUSTOM_URL, URL_CATEGORY, are system created attributes, and user can use below API to get list of valid attributes and values and consume them in L7AccessEntry: GET /policy/api/v1/infra/l7-access-profiles/attributes?attribute_source=ALL <br> CUSTOM_URL attribute value must be created explicitly by the user using below API: POST /policy/api/v1/infra/context-profiles/custom-attributes/default?action=add",
"items": {
"$ref": "L7AccessAttributes
},
"maxItems": 1,
"required": true,
"title": "Array of Policy L7 Access Profile attributes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the entry. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the entry",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "Flag to activate packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Determines the order of the entry in this profile. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic.",
"required": false,
"title": "Policy L7 Access Entry Order",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy L7 Access entry",
"type": "object"
}
L7AccessEntryAction (type)
{
"description": "The action to be applied to all the services.",
"enum": [
"ALLOW",
"REJECT",
"REJECT_WITH_RESPONSE"
],
"id": "L7AccessEntryAction",
"module_id": "L7AccessProfile",
"required": true,
"title": "L7 acces profile entry action",
"type": "string"
}
L7AccessEntryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L7AccessEntryListRequestParameters",
"module_id": "L7AccessProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy L7 access entry list request parameters",
"type": "object"
}
L7AccessEntryListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "L7AccessEntryListResult",
"module_id": "L7AccessProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L7AccessEntry
},
"required": true,
"title": "L7 access Entry list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of l7 profile entries",
"type": "object"
}
L7AccessProfile (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates multiple L7 access profile entries. The entity wil be consumed in firewall rules and can be added in new tuple called profile in firewall rules. One of either Context Profile or L7 Access Profile can be used in firewall rule.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L7AccessProfile",
"module_id": "L7AccessProfile",
"policy_hierarchical_children": [
"ChildL7AccessEntry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_action": {
"$ref": "L7AccessEntryAction,
"required": true
},
"default_action_logged": {
"default": false,
"description": "Flag to activate packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable default logging flag",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entry_count": {
"description": "The count of entries in the L7 profile.",
"readonly": true,
"title": "Entry count",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l7_access_entries": {
"description": "Property containing L7 access entries for Policy L7 Access Profile.",
"items": {
"$ref": "L7AccessEntry
},
"maxItems": 1000,
"required": false,
"title": "Array of Policy L7 Access Profile entries",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy L7 Acces profile",
"type": "object"
}
L7AccessProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L7AccessProfileListRequestParameters",
"module_id": "L7AccessProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_entry_count": {
"default": false,
"description": "If true, populate the entry_count field with the count of rules in the particular policy. By default, entry_count will not be populated.",
"required": false,
"title": "Include the count of entries in L7 Profile",
"type": "boolean"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy L7 access profile list request parameters",
"type": "object"
}
L7AccessProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "L7AccessProfileListResult",
"module_id": "L7AccessProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "L7AccessProfile
},
"required": true,
"title": "Policy L7 Access profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy L7 Access profiles",
"type": "object"
}
LBAccessListControl (type)
{
"additionalProperties": false,
"description": "LBAccessListControl is used to define how IP access list control can filter the connections from clients.",
"id": "LBAccessListControl",
"module_id": "PolicyLoadBalancer",
"properties": {
"action": {
"description": "ALLOW means connections matching grouping object IP list are allowed and requests not matching grouping object IP list are dropped. DROP means connections matching grouping object IP list are dropped and requests not matching grouping object IP list are allowed.",
"enum": [
"ALLOW",
"DROP"
],
"required": true,
"title": "IP access list control action",
"type": "string"
},
"enabled": {
"default": false,
"description": "The enabled flag indicates whether to enable access list control option. It is false by default.",
"required": false,
"title": "Whether to enable access list control option",
"type": "boolean"
},
"group_path": {
"description": "The path of grouping object which defines the IP addresses or ranges to match the client IP.",
"required": true,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
}
},
"title": "IP access list control to filter the connections from clients",
"type": "object"
}
LBActiveMonitor (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "All the active types of LBMonitorProfile extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "LBMonitorProfile
},
"id": "LBActiveMonitor",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBActiveMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of active LBMonitorProfile",
"type": "object"
}
LBAppProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "App profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBAppProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "App profile",
"type": "object"
}
LBAppProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LBAppProfileListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBAppProfile
},
"required": true,
"title": "LBAppProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBAppProfile",
"type": "object"
}
LBApplicationProfileType (type)
{
"additionalProperties": false,
"description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile. LBFastTCPProfile or LBFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LBHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LBHttpProfile is intended to simplify enabling certain common use cases. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBHttpProfile",
"LBFastTcpProfile",
"LBFastUdpProfile"
],
"id": "LBApplicationProfileType",
"module_id": "PolicyLoadBalancer",
"title": "Application profile type",
"type": "string"
}
LBClientCertificateIssuerDnCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Match condition for client certficate issuer DN.",
"id": "LBClientCertificateIssuerDnCondition",
"module_id": "PolicyLoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing issuer DN value.",
"required": false,
"title": "A case sensitive flag for issuer DN comparing",
"type": "boolean"
},
"issuer_dn": {
"description": "Value of issuer DN. The format should follow RFC 2253.",
"required": true,
"title": "Value of issuer DN",
"type": "string"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of issuer DN.",
"required": false,
"title": "Match type of issuer DN"
}
},
"title": "Match condition for client certficate issuer DN",
"type": "object"
}
LBClientCertificateSubjectDnCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Match condition for client certficate subject DN.",
"id": "LBClientCertificateSubjectDnCondition",
"module_id": "PolicyLoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing subject DN value.",
"required": false,
"title": "A case sensitive flag for subject DN comparing",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of subject DN.",
"required": false,
"title": "Match type of subject DN"
},
"subject_dn": {
"description": "Value of subject DN. The format should follow RFC 2253.",
"required": true,
"title": "Value of subject DN",
"type": "string"
}
},
"title": "Match condition for client certficate subject DN",
"type": "object"
}
LBClientSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client SSL profile. LBClientSslProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBSslProfile
},
"id": "LBClientSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"description": "Supported SSL cipher list to client side.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefer_server_ciphers": {
"default": true,
"description": "During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.",
"required": false,
"title": "Prefer server ciphers flag",
"type": "boolean"
},
"protocols": {
"description": "SSL version TLS1.2 is supported and enabled.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "Supported SSL protocol list to client side",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "Session cache Activate or deactivate flag",
"type": "boolean"
},
"session_cache_timeout": {
"default": 300,
"description": "Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.",
"maximum": 86400,
"minimum": 1,
"required": false,
"title": "SSL session cache timeout value",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Client SSL profile",
"type": "object"
}
LBClientSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client SSL profile binding. LBClientSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBClientSslProfileBinding",
"module_id": "PolicyLoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "Authentication depth is used to set the verification depth in the client certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "The maximum traversal depth of client certificate chain",
"type": "integer"
},
"client_auth": {
"$ref": "ClientAuthType,
"default": "IGNORE",
"description": "Client authentication mode.",
"required": false,
"title": "Client authentication mode",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"client_auth_ca_paths": {
"description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA path list to verify client certificate",
"type": "array"
},
"client_auth_crl_paths": {
"description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL path list to verify client certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_CLIENT_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBClientSslProfile"
]
}
]
},
"default_certificate_path": {
"description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.",
"required": true,
"title": "Default service certificate identifier",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"sni_certificate_paths": {
"description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.",
"items": {
"type": "string"
},
"required": false,
"title": "SNI certificate path list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"ssl_profile_path": {
"description": "Client SSL profile defines reusable, application-independent client side SSL properties.",
"required": false,
"title": "Client SSL profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_CLIENT_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBClientSslProfile"
]
}
]
}
},
"title": "Client SSL profile binding",
"type": "object"
}
LBClientSslProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LBClientSslProfileListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBClientSslProfile
},
"required": true,
"title": "Paginated list of load balancer client SSL profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LBConnectionDropAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to drop the connections. There is no extra propery in this action. If there is no match condition specified, the connection will be always dropped. This action can be specified at HTTP_ACCESS or HTTP_FORWARDING pahse.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBConnectionDropAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBConnectionDropAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to drop connections",
"type": "object"
}
LBCookiePersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBCookiePersistenceProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBCookiePersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBCookiePersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cookie_domain": {
"description": "HTTP cookie domain could be configured, only available for insert mode.",
"required": false,
"title": "Cookie domain",
"type": "string"
},
"cookie_fallback": {
"default": true,
"description": "If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server.",
"required": false,
"title": "Cookie persistence fallback",
"type": "boolean"
},
"cookie_garble": {
"default": true,
"description": "If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.",
"required": false,
"title": "Cookie persistence garble",
"type": "boolean"
},
"cookie_httponly": {
"default": false,
"description": "If cookie httponly flag is true, it prevents a script running in the browser from accessing the cookie. Only available for insert mode.",
"required": false,
"title": "Cookie httponly flag",
"type": "boolean"
},
"cookie_mode": {
"$ref": "CookiePersistenceModeType,
"default": "INSERT",
"description": "Cookie persistence mode.",
"required": false,
"title": "Cookie persistence mode"
},
"cookie_name": {
"default": "NSXLB",
"description": "Cookie name.",
"required": false,
"title": "Cookie name",
"type": "string"
},
"cookie_path": {
"description": "HTTP cookie path could be set, only available for insert mode.",
"required": false,
"title": "Cookie path",
"type": "string"
},
"cookie_secure": {
"default": false,
"description": "If cookie secure flag is true, it prevents the browser from sending a cookie over http. The cookie is sent only over https. Only available for insert mode.",
"required": false,
"title": "Cookie secure flag",
"type": "boolean"
},
"cookie_time": {
"$ref": "LBCookieTime,
"description": "Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.",
"required": false,
"title": "Cookie time setting"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBPersistenceProflie using Cookies for L7 LBVirtualServer",
"type": "object"
}
LBCookieTime (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Cookie time.",
"id": "LBCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Cookie time",
"type": "object"
}
LBCookieTimeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting",
"enum": [
"LBSessionCookieTime",
"LBPersistenceCookieTime"
],
"id": "LBCookieTimeType",
"module_id": "PolicyLoadBalancer",
"title": "CookieTime type",
"type": "string"
}
LBEdgeNodeUsage (type)
{
"additionalProperties": false,
"description": "The capacity contains basic information and load balancer entity usages and capacity for the given edge node.",
"extends": {
"$ref": "LBNodeUsage
},
"id": "LBEdgeNodeUsage",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBEdgeNodeUsage"
},
"properties": {
"current_large_load_balancer_count": {
"description": "The count of large load balancer services configured on the node.",
"readonly": true,
"title": "The current large load balancer count",
"type": "integer"
},
"current_load_balancer_credits": {
"description": "The current load balancer credits means the current credits used on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20.",
"readonly": true,
"title": "Current load balancer credits",
"type": "integer"
},
"current_medium_load_balancer_count": {
"description": "The count of medium load balancer services configured on the node.",
"readonly": true,
"title": "The current medium load balancer count",
"type": "integer"
},
"current_pool_count": {
"description": "The count of pools configured on the node.",
"readonly": true,
"title": "The current pool count.",
"type": "integer"
},
"current_pool_member_count": {
"description": "The count of pool members configured on the node.",
"readonly": true,
"title": "The current pool member count",
"type": "integer"
},
"current_small_load_balancer_count": {
"description": "The count of small load balancer services configured on the node.",
"readonly": true,
"title": "The current small load balancer count",
"type": "integer"
},
"current_virtual_server_count": {
"description": "The count of virtual servers configured on the node.",
"readonly": true,
"title": "The current virtual server count",
"type": "integer"
},
"current_xlarge_load_balancer_count": {
"description": "The count of xlarge load balancer services configured on the node.",
"readonly": true,
"title": "The current xlarge load balancer count",
"type": "integer"
},
"edge_cluster_path": {
"description": "The path of edge cluster which contains the edge node.",
"readonly": true,
"title": "The path of edge cluster",
"type": "string"
},
"form_factor": {
"description": "The form factor of the given edge node.",
"enum": [
"SMALL_VIRTUAL_MACHINE",
"MEDIUM_VIRTUAL_MACHINE",
"LARGE_VIRTUAL_MACHINE",
"XLARGE_VIRTUAL_MACHINE",
"PHYSICAL_MACHINE"
],
"readonly": true,
"title": "The form factor of the given edge node",
"type": "string"
},
"load_balancer_credit_capacity": {
"description": "The load balancer credit capacity means the maximum credits which can be used for load balancer configuration for the given edge node.",
"readonly": true,
"title": "Load balancer credit capacity",
"type": "integer"
},
"node_path": {
"description": "The property identifies the node path for load balancer node usage. For example, node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.",
"required": true,
"title": "The node path for load balancer node usage",
"type": "string"
},
"pool_member_capacity": {
"description": "Pool member capacity means maximum number of pool members which can be configured on the given edge node.",
"readonly": true,
"title": "The pool member capacity",
"type": "integer"
},
"remaining_large_load_balancer_count": {
"description": "The remaining count of large load balancer services which can be configured on the given edge node.",
"readonly": true,
"title": "The remaining large load balancer count",
"type": "integer"
},
"remaining_medium_load_balancer_count": {
"description": "The remaining count of medium load balancer services which can be configured on the given edge node.",
"readonly": true,
"title": "The remaining medium load balancer count",
"type": "integer"
},
"remaining_small_load_balancer_count": {
"description": "The remaining count of small load balancer services which can be configured on the given edge node.",
"readonly": true,
"title": "The remaining small load balancer count",
"type": "integer"
},
"remaining_xlarge_load_balancer_count": {
"description": "The remaining count of xlarge load balancer services which can be configured on the given edge node.",
"readonly": true,
"title": "The remaining xlarge load balancer count",
"type": "integer"
},
"resource_type": {
"description": "The property identifies the load balancer node usage type.",
"required": true,
"title": "Type of load balancer node usage",
"type": "string"
},
"severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on current credit usage percentage of load balancer for one node.",
"readonly": true,
"title": "LB usage severity"
},
"usage_percentage": {
"description": "The usage percentage of the edge node for load balancer. The value is the larger value between load balancer credit usage percentage and pool member usage percentage for the edge node.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
}
},
"title": "The load balancer usage for an edge node",
"type": "object"
}
LBFastTcpProfile (type)
{
"additionalProperties": false,
"description": "Fast TCP profile.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBFastTcpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBFastTcpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"close_timeout": {
"default": 8,
"description": "It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection.",
"maximum": 60,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "Flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 1800,
"description": "It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Fast TCP profile",
"type": "object"
}
LBFastUdpProfile (type)
{
"additionalProperties": false,
"description": "Fast UDP profile.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBFastUdpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBFastUdpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "Flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "UDP idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Fast UDP profile",
"type": "object"
}
LBGenericPersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to virtual server directly, it can be specified in LB rule actions. In HTTP forwarding phase, the profile can be specified in LBVariablePersistenceOnAction. In HTTP response rewriting phase, the profile can be specified in LBVariablePersistenceLearnAction. LBGenericPersistenceProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBGenericPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBGenericPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"description": "The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.",
"required": false,
"title": "Mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Persistence entry expiration time in seconds",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LB generic persistence profile",
"type": "object"
}
LBHttpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBHttpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"request_body": {
"description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.",
"required": false,
"title": "HTTP health check request body",
"type": "string"
},
"request_headers": {
"description": "Array of HTTP request headers.",
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"description": "The health check method for HTTP monitor type.",
"required": false,
"title": "The health check method for HTTP monitor type"
},
"request_url": {
"default": "/",
"description": "For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters.",
"required": false,
"title": "Customized HTTP request url for active health checks",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"description": "HTTP request version.",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "Response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over HTTP",
"type": "object"
}
LBHttpProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Http profile. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBHttpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"http_redirect_to": {
"description": "If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL.",
"required": false,
"title": "Http redirect static URL",
"type": "string"
},
"http_redirect_to_https": {
"default": false,
"description": "Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.",
"required": false,
"title": "Flag to indicate whether enable HTTP-HTTPS redirect",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 15,
"description": "It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.",
"maximum": 5400,
"minimum": 1,
"required": false,
"title": "HTTP application idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ntlm": {
"deprecated": true,
"description": "NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology. This property is deprecated. Please use the property server_keep_alive in order to keep the backend server connection alive for the client connection. When create a new profile, if both ntlm and server_keep_alive are set as different values, ERROR will be reported. When update an existing profile, if either ntlm or server_keep_alive value is changed, both of them are updated with the changed value.",
"required": false,
"title": "NTLM support flag",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"request_body_size": {
"description": "If it is not specified, it means that request body size is unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request body",
"type": "integer"
},
"request_header_size": {
"default": 1024,
"description": "A request with header equal to or below this size is guaranteed to be processed. A request with header larger than request_header_size will be processed up to 32K bytes on best effort basis.",
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request headers",
"type": "integer"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"response_buffering": {
"default": false,
"description": "When buffering is deactivated, the response is passed to a client synchronously, immediately as it is received. When buffering is activated, LB receives a response from the backend server as soon as possible, saving it into the buffers.",
"required": false,
"title": "Activate or deactivate buffering of responses",
"type": "boolean"
},
"response_header_size": {
"default": 4096,
"description": "A response with header larger than response_header_size will be dropped.",
"maximum": 65536,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP response headers",
"type": "integer"
},
"response_timeout": {
"default": 60,
"description": "If server doesn\u2019t send any packet within this time, the connection is closed.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum server idle time in seconds",
"type": "integer"
},
"server_keep_alive": {
"description": "If server_keep_alive is true, it means the backend connection will keep alive for the client connection. Every client connection is tied 1:1 with the corresponding server-side connection. If server_keep_alive is false, it means the backend connection won't keep alive for the client connection. If server_keep_alive is not specified for API input, its value in API output will be the same with the property ntlm.",
"required": false,
"title": "Server keep-alive flag",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"x_forwarded_for": {
"$ref": "LBXForwardedForType,
"description": "When X-Forwareded-For is configured, X-Forwarded-Proto and X-Forwarded-Port information is added automatically. The two additional header information can be also modified or deleted in load balancer rules.",
"required": false,
"title": "Insert or replace x_forwarded_for"
}
},
"title": "Http profile",
"type": "object"
}
LBHttpRedirectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LBRule without any conditions, add an LBHttpRedirectAction to the rule. Set the redirect_url field of the LBHttpRedirectAction to: https://$_host$_request_uri And set redirect_status to \"302\", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRedirectAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRedirectAction"
},
"properties": {
"redirect_status": {
"description": "HTTP response status code.",
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"redirect_url": {
"description": "The URL that the HTTP request is redirected to.",
"required": true,
"title": "The URL that the HTTP request is redirected to",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to redirect HTTP request messages",
"type": "object"
}
LBHttpRejectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LBHttpRejectAction does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRejectAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRejectAction"
},
"properties": {
"reply_message": {
"description": "Response message.",
"required": false,
"title": "Response message",
"type": "string"
},
"reply_status": {
"description": "HTTP response status code.",
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to reject HTTP request messages",
"type": "object"
}
LBHttpRequestBodyCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestBodyCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestBodyCondition"
},
"properties": {
"body_value": {
"required": true,
"title": "HTTP request body",
"type": "string"
},
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP body value.",
"required": false,
"title": "A case sensitive flag for HTTP body comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP body"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match content of HTTP request message body",
"type": "object"
}
LBHttpRequestCookieCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestCookieCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestCookieCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing cookie value.",
"required": false,
"title": "A case sensitive flag for cookie value comparing",
"type": "boolean"
},
"cookie_name": {
"description": "Cookie name.",
"required": true,
"title": "Name of cookie",
"type": "string"
},
"cookie_value": {
"description": "Cookie value.",
"required": true,
"title": "Value of cookie",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of cookie value.",
"required": false,
"title": "Match type of cookie value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request cookie",
"type": "object"
}
LBHttpRequestHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"default": "Host",
"required": false,
"title": "Name of HTTP header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request header",
"type": "object"
}
LBHttpRequestHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestHeaderDeleteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderDeleteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP request message.",
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP request header fields",
"type": "object"
}
LBHttpRequestHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestHeaderRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderRewriteAction"
},
"properties": {
"header_name": {
"description": "Name of HTTP request header.",
"required": true,
"title": "Name of HTTP request header",
"type": "string"
},
"header_value": {
"description": "Value of HTTP request header.",
"required": true,
"title": "Value of HTTP request header",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite header fields of HTTP request messages",
"type": "object"
}
LBHttpRequestMethodCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestMethodCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestMethodCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"method": {
"$ref": "HttpRequestMethodType,
"required": true,
"title": "Type of HTTP request method"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match method of HTTP request messages",
"type": "object"
}
LBHttpRequestUriArgumentsCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the \"foo=1&bar=2\" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark (\"?\") character and terminated by a number sign (\"#\") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, \"foo=(?<x>\\d+)\". It matches HTTP requests whose URI arguments containing \"foo\", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LBRuleAction fields which support variables.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestUriArgumentsCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriArgumentsCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI arguments.",
"required": false,
"title": "A case sensitive flag for URI arguments comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI arguments"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri_arguments": {
"description": "URI arguments, aka query string of URI.",
"required": true,
"title": "URI arguments",
"type": "string"
}
},
"title": "Condition to match URI arguments of HTTP requests",
"type": "object"
}
LBHttpRequestUriCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LBRuleAction. For example, specify uri field as: \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\" If the URI path is /articles/news/2017/06/xyz.html, then substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can then be used in an LBRuleAction field which supports variables, such as uri field of LBHttpRequestUriRewriteAction. For example, set the uri field of LBHttpRequestUriRewriteAction as: \"/articles/news/$year-$month-$article\" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: \"/articles/news/2017-06-xyz.html\"",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestUriCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI.",
"required": false,
"title": "A case sensitive flag for URI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri": {
"required": true,
"title": "A string used to identify resource",
"type": "string"
}
},
"title": "Condition to match URIs of HTTP request messages",
"type": "object"
}
LBHttpRequestUriRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LBRuleAction to see how to use variables in this action.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestUriRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriRewriteAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"uri": {
"description": "URI of HTTP request.",
"required": true,
"title": "URI of HTTP request",
"type": "string"
},
"uri_arguments": {
"description": "Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2.",
"required": false,
"title": "URI arguments",
"type": "string"
}
},
"title": "Action to rewrite HTTP request URIs.",
"type": "object"
}
LBHttpRequestVersionCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the HTTP protocol version of the HTTP request messages.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestVersionCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestVersionCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"version": {
"$ref": "HttpRequestVersionType,
"required": true,
"title": "HTTP version"
}
},
"title": "Condition to match HTTP protocol version of HTTP requests",
"type": "object"
}
LBHttpResponseHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpResponseHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"required": true,
"title": "Name of HTTP header field",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header field",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match a header field of HTTP response",
"type": "object"
}
LBHttpResponseHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpResponseHeaderDeleteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderDeleteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP response message.",
"required": true,
"title": "Name of a header field of HTTP response message",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP response header fields",
"type": "object"
}
LBHttpResponseHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpResponseHeaderRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderRewriteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP request message.",
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"header_value": {
"description": "Value of header field",
"required": true,
"title": "Value of header field",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite HTTP response header fields",
"type": "object"
}
LBHttpSslCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpSslCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpSslCondition"
},
"properties": {
"client_certificate_issuer_dn": {
"$ref": "LBClientCertificateIssuerDnCondition,
"description": "The issuer DN match condition of the client certificate for an established SSL connection.",
"required": false,
"title": "The issuer DN match condition of the client certificate"
},
"client_certificate_subject_dn": {
"$ref": "LBClientCertificateSubjectDnCondition,
"description": "The subject DN match condition of the client certificate for an established SSL connection.",
"required": false,
"title": "The subject DN match condition of the client certificate"
},
"client_supported_ssl_ciphers": {
"description": "Cipher list which supported by client.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Cipher list which supported by client",
"type": "array"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"session_reused": {
"$ref": "LbSslSessionReusedType,
"default": "IGNORE",
"description": "The type of SSL session reused.",
"required": false,
"title": "The type of SSL session reused"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"used_protocol": {
"$ref": "SslProtocol,
"description": "Protocol of an established SSL connection.",
"required": false,
"title": "Protocol of an established SSL connection"
},
"used_ssl_cipher": {
"$ref": "SslCipher,
"description": "Cipher used for an established SSL connection.",
"required": false,
"title": "Cipher used for an established SSL connection"
}
},
"title": "Condition to match SSL handshake and SSL connection",
"type": "object"
}
LBHttpsMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTPS. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpsMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBHttpsMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpsMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"request_body": {
"description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.",
"required": false,
"title": "HTTP health check request body",
"type": "string"
},
"request_headers": {
"description": "Array of HTTP request headers.",
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"description": "The health check method for HTTP monitor type.",
"required": false,
"title": "The health check method for HTTP monitor type"
},
"request_url": {
"default": "/",
"description": "For HTTPS active healthchecks, the HTTPS request url sent can be customized and can include query parameters.",
"required": false,
"title": "Customized HTTPS request url for active health checks",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"description": "HTTP request version.",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "Response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"server_ssl_profile_binding": {
"$ref": "LBServerSslProfileBinding,
"description": "The setting is used when the monitor acts as an SSL client and establishing a connection to the backend server.",
"required": false,
"title": "Pool side SSL binding setting"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over HTTPS",
"type": "object"
}
LBIcmpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over ICMP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healt hchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBIcmpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBIcmpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBIcmpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"data_length": {
"default": 56,
"maximum": 65507,
"minimum": 0,
"required": false,
"title": "The data size (in byte) of the ICMP healthcheck packet",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over ICMP",
"type": "object"
}
LBIpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match IP header fields of HTTP messages. Either source_address or group_id should be specified.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBIpHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBIpHeaderCondition"
},
"properties": {
"group_path": {
"description": "Source IP address of HTTP message should match IP addresses which are configured in Group in order to perform actions.",
"required": false,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_address": {
"$ref": "IPElement,
"description": "Source IP address of HTTP message. IP Address can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.",
"required": false,
"title": "Source IP address of HTTP message"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LBJwtAuthAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to control access to backend server resources using JSON Web Token(JWT) authentication. The JWT authentication is done before any HTTP manipulation if the HTTP request matches the given condition in LBRule. Any verification failed, the HTTP process will be terminated, and HTTP response with 401 status code and WWW-Authentication header will be returned to client.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBJwtAuthAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtAuthAction"
},
"properties": {
"key": {
"$ref": "LBJwtKey,
"descrption": "Keys are used for verifying the signature of JWT token. In current\nversion, only symmetric (HMAC SHA256) key and asymmetric (RS256) key\nare supported. It is optional, in case no key specified, the jwt\nsignature won't be verified.\n",
"required": false,
"title": "LBJwtKey used for verifying the signature of JWT token"
},
"pass_jwt_to_pool": {
"default": false,
"description": "Specify whether to pass the JWT to backend server or remove it. By default, it is false which means will not pass the JWT to backend servers.",
"required": false,
"title": "Whether to pass the JWT to backend server or remove it",
"type": "boolean"
},
"realm": {
"description": "A description of the protected area. If no realm is specified, clients often display a formatted hostname instead. The configured realm is returned when client request is rejected with 401 http status. In the response, it will be \"WWW-Authentication: Bearer realm=<realm>\".",
"required": false,
"title": "JWT realm",
"type": "string"
},
"tokens": {
"description": "JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Load balancer will search for every specified tokens one by one for the jwt message until found. This parameter is optional. In case not found or this field is not configured, load balancer searches the Bearer header by default in the http request \"Authorization: Bearer <token>\".",
"items": {
"type": "string"
},
"required": false,
"title": "JWT tokens",
"type": "array"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to control access using JWT authentication",
"type": "object"
}
LBJwtCertificateKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify certificate which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtCertificateKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtCertificateKey"
},
"properties": {
"certificate_path": {
"required": true,
"title": "Certificate identifier",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies certificate used to verify the signature of JWT tokens",
"type": "object"
}
LBJwtKey (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "LBJwtKey specifies the symmetric key or asymmetric public key used to decrypt the data in JWT.",
"id": "LBJwtKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Load balancer JWT key",
"type": "object"
}
LBJwtKeyType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "It is used to identify JWT key type.",
"enum": [
"LBJwtCertificateKey",
"LBJwtSymmetricKey",
"LBJwtPublicKey"
],
"id": "LBJwtKeyType",
"module_id": "PolicyLoadBalancer",
"title": "Type of load balancer JWT key",
"type": "string"
}
LBJwtPublicKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the public key content which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtPublicKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtPublicKey"
},
"properties": {
"public_key_content": {
"required": true,
"title": "Content of public key",
"type": "string"
},
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies public key content used to verify the signature of JWT tokens",
"type": "object"
}
LBJwtSymmetricKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the symmetric key which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtSymmetricKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtSymmetricKey"
},
"properties": {
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies the symmetric key used to verify the signature of JWT tokens",
"type": "object"
}
LBMonitorProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
LBMonitorProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LBMonitorProfileListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBMonitorProfile
},
"required": true,
"title": "LBMonitorProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBMonitorProfiles",
"type": "object"
}
LBMonitorProfileType (type) (Deprecated)
{
"deprecated": true,
"description": "There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.",
"enum": [
"LBTcpMonitorProfile",
"LBUdpMonitorProfile",
"LBIcmpMonitorProfile",
"LBHttpMonitorProfile",
"LBHttpsMonitorProfile",
"LBPassiveMonitorProfile"
],
"id": "LBMonitorProfileType",
"module_id": "PolicyLoadBalancer",
"title": "Monitor type",
"type": "string"
}
LBNodeCountPerSeverity (type)
{
"additionalProperties": false,
"description": "The node count for specific load balancer usage severity.",
"id": "LBNodeCountPerSeverity",
"module_id": "PolicyLBStatistics",
"properties": {
"node_count": {
"description": "Node count for specific serverity.",
"readonly": true,
"title": "Node count for specific serverity",
"type": "integer"
},
"severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on current credit usage percentage of load balancer for one node.",
"readonly": true,
"title": "LB usage severity"
}
},
"title": "The node count for specific severity",
"type": "object"
}
LBNodeUsage (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Node usage for load balancer contains basic information and LB entity usages and capacity for the given node. Only edge node is supported.",
"id": "LBNodeUsage",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"node_path": {
"description": "The property identifies the node path for load balancer node usage. For example, node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.",
"required": true,
"title": "The node path for load balancer node usage",
"type": "string"
},
"resource_type": {
"description": "The property identifies the load balancer node usage type.",
"required": true,
"title": "Type of load balancer node usage",
"type": "string"
}
},
"title": "Node usage for load balancer",
"type": "object"
}
LBNodeUsageRequestParameters (type)
{
"additionalProperties": false,
"id": "LBNodeUsageRequestParameters",
"module_id": "PolicyLBStatistics",
"properties": {
"node_path": {
"description": "The property identifies the node path for load balancer node usage. For example, ?node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.",
"required": true,
"title": "The node path for load balancer node usage",
"type": "string"
}
},
"type": "object"
}
LBNodeUsageSummary (type)
{
"additionalProperties": false,
"description": "The load balancer node usage summary for all nodes from specific enforcement point. Only edge node is supported. The summary contains all edge nodes which are configured in edge clusters.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBNodeUsageSummary",
"module_id": "PolicyLBStatistics",
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"current_load_balancer_credits": {
"description": "Current load balancer credits in use for all nodes. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured, the current load balancer credit number is 2 * 10 = 20.",
"readonly": true,
"title": "Current load balancer credits",
"type": "integer"
},
"current_pool_member_count": {
"description": "The overall count of pool members configured on all nodes.",
"readonly": true,
"title": "The current pool member count",
"type": "integer"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"load_balancer_credit_capacity": {
"description": "The load balancer credit capacity means the maximum credits which can be used for load balancer service configuration for all nodes.",
"readonly": true,
"title": "Load balancer credit capacity",
"type": "integer"
},
"node_counts": {
"description": "The property identifies array of node count for each severity.",
"items": {
"$ref": "LBNodeCountPerSeverity
},
"readonly": true,
"title": "Array of node count for each severity",
"type": "array"
},
"node_usages": {
"description": "The property identifies all LB node usages. By default, it is not included in response. It exists when parameter ?include_usages=true.",
"items": {
"$ref": "LBNodeUsage
},
"readonly": true,
"title": "LB node usages",
"type": "array"
},
"pool_member_capacity": {
"description": "Pool member capacity means maximum number of pool members which can be configured on all nodes.",
"readonly": true,
"title": "The overall pool member capacity",
"type": "integer"
},
"severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on overall credit usage percentage of load balancer for all nodes.",
"readonly": true,
"title": "LB usage severity"
},
"usage_percentage": {
"description": "The overall usage percentage of all nodes for load balancer. The value is the larger value between overall pool member usage percentage and overall load balancer credit usage percentage.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
}
},
"title": "LB node usage summary for all nodes",
"type": "object"
}
LBNodeUsageSummaryRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LBUsageSummaryRequestParameters
},
"id": "LBNodeUsageSummaryRequestParameters",
"module_id": "PolicyLBStatistics",
"properties": {
"enforcement_point_path": {
"description": "Specify enforcement point path.",
"required": false,
"title": "enforcement point path",
"type": "string"
},
"include_usages": {
"description": "Specify whether to include usages in response.",
"required": false,
"title": "Whether to include usages",
"type": "boolean"
}
},
"title": "Load balancer node usage summary request parameters",
"type": "object"
}
LBPassiveMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The passive type of LBMonitorProfile. LBPassiveMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBMonitorProfile
},
"id": "LBPassiveMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBPassiveMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_fails": {
"default": 5,
"description": "When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Number of consecutive connection failures",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "After this timeout period, the member is tried again for a new connection to see if it is available.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Timeout in seconds before it is selected again for a new connection",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of active LBMonitorProfile",
"type": "object"
}
LBPersistenceCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Persistence cookie time.",
"extends": {
"$ref": "LBCookieTime
},
"id": "LBPersistenceCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBPersistenceCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "HTTP cookie max-age to expire cookie, only available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": true,
"title": "Persistence cookie max idle time in seconds",
"type": "integer"
},
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Persistence cookie time",
"type": "object"
}
LBPersistenceProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to LBVirtualServer directly, it can be specified in LBVariablePersistenceOnAction or LBVariablePersistenceLearnAction in LBRule. If a user attaches a LBGenericPersistenceProfile directly to a virtual server, the operation is rejected.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains the information related to load balancer persistence options",
"type": "object"
}
LBPersistenceProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LBPersistenceProfileListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBPersistenceProfile
},
"required": true,
"title": "LBPersistenceProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBPersistenceProfiles",
"type": "object"
}
LBPool (type)
{
"additionalProperties": false,
"description": "Defining access of a Group from a LBVirtualServer and binding to LBMonitorProfile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBPool",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_monitor_paths": {
"deprecated": true,
"description": "In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the pool. If multiple active monitors are configured, the pool member status is UP only when the health check status for all the monitors are UP. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"type": "string"
},
"required": false,
"title": "Active monitor path list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_LB_MONITOR_PROFILE_RELATIONSHIP",
"rightType": [
"LBMonitorProfile"
]
}
]
},
"algorithm": {
"default": "ROUND_ROBIN",
"description": "Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies.",
"enum": [
"ROUND_ROBIN",
"WEIGHTED_ROUND_ROBIN",
"LEAST_CONNECTION",
"WEIGHTED_LEAST_CONNECTION",
"IP_HASH"
],
"required": false,
"title": "Load balancing algorithm",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_group": {
"$ref": "LBPoolMemberGroup,
"description": "Load balancer pool support grouping object as dynamic pool members. When member group is defined, members setting should not be specified.",
"required": false,
"title": "Load balancer member setting with grouping object"
},
"members": {
"description": "Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port.",
"items": {
"$ref": "LBPoolMember
},
"required": false,
"title": "Load balancer pool members",
"type": "array"
},
"min_active_members": {
"default": 1,
"description": "A pool is considered active if there are at least certain minimum number of members.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Minimum number of active pool members to consider pool as active",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passive_monitor_path": {
"deprecated": true,
"description": "Passive healthchecks are deactivated by default and can be activated by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Passive monitor path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_LB_MONITOR_PROFILE_RELATIONSHIP",
"rightType": [
"LBMonitorProfile"
]
}
]
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snat_translation": {
"$ref": "LBSnatTranslation,
"description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode. By default Source NAT is enabled as LBSnatAutoMap.",
"required": false,
"title": "Snat translation configuration"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_multiplexing_enabled": {
"default": false,
"deprecated": true,
"description": "TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "TCP multiplexing enable flag",
"type": "boolean"
},
"tcp_multiplexing_number": {
"default": 6,
"deprecated": true,
"description": "The maximum number of TCP connections per pool that are idly kept alive for sending future client requests. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Maximum number of TCP connections for multiplexing",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Defining access a Group from a LBVirtualServer and binding to LBMonitorProfile",
"type": "object"
}
LBPoolListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of LBPool.",
"extends": {
"$ref": "ListResult
},
"id": "LBPoolListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "LBPool list results.",
"items": {
"$ref": "LBPool
},
"required": true,
"title": "LBPool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBPool",
"type": "object"
}
LBPoolMember (type)
{
"additionalProperties": false,
"description": "Pool member.",
"id": "LBPoolMember",
"module_id": "PolicyLoadBalancer",
"properties": {
"admin_state": {
"$ref": "PoolMemberAdminStateType,
"default": "ENABLED",
"description": "Member admin state.",
"required": false,
"title": "Member admin state"
},
"backup_member": {
"default": false,
"description": "Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s).",
"required": false,
"title": "Determine whether the pool member is for backup usage",
"type": "boolean"
},
"display_name": {
"description": "Pool member name.",
"required": false,
"title": "Pool member name",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Pool member IP address.",
"required": true,
"title": "Pool member IP address"
},
"max_concurrent_connections": {
"description": "To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum concurrent connection number",
"type": "integer"
},
"port": {
"$ref": "PortElement,
"description": "If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case.",
"required": false,
"title": "Pool member port number"
},
"weight": {
"default": 1,
"description": "Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Pool member weight",
"type": "integer"
}
},
"title": "Pool member",
"type": "object"
}
LBPoolMemberGroup (type)
{
"additionalProperties": false,
"description": "Pool member group.",
"id": "LBPoolMemberGroup",
"module_id": "PolicyLoadBalancer",
"properties": {
"customized_members": {
"description": "The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address.",
"items": {
"$ref": "PoolMemberSetting
},
"readonly": false,
"title": "List of customized pool member settings",
"type": "array"
},
"group_path": {
"description": "Load balancer pool support Group as dynamic pool members. The IP list of the Group would be used as pool member IP setting.",
"required": true,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"ip_revision_filter": {
"default": "IPV4",
"description": "Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"required": false,
"title": "Filter of ipv4 or ipv6 address of grouping object IP list",
"type": "string"
},
"max_ip_list_size": {
"description": "The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Maximum number of grouping object IP address list",
"type": "integer"
},
"port": {
"description": "If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Pool member port for all IP addresses of the grouping object",
"type": "int"
}
},
"title": "Pool member group",
"type": "object"
}
LBPoolMemberStatistics (type)
{
"id": "LBPoolMemberStatistics",
"module_id": "PolicyLBStatistics",
"properties": {
"ip_address": {
"$ref": "IPAddress,
"description": "Pool member IP address.",
"readonly": true,
"title": "Pool member IP address"
},
"port": {
"$ref": "PortElement,
"description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.",
"readonly": true,
"title": "Pool member port"
},
"statistics": {
"$ref": "LBStatisticsCounter,
"description": "Pool member statistics counter.",
"readonly": true,
"title": "Pool member statistics counter"
}
},
"type": "object"
}
LBPoolMemberStatus (type)
{
"id": "LBPoolMemberStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"failure_cause": {
"description": "If multiple active monitors are configured, the failure_cause contains failure cause for each monitors. Like \"Monitor_1:failure_cause_1. Monitor_2:failure_cause_2.\"",
"readonly": true,
"title": "The healthcheck failure cause when status is DOWN",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Pool member IP address.",
"readonly": true,
"title": "Pool member IP address"
},
"last_check_time": {
"$ref": "EpochMsTimestamp,
"description": "If multiple active monitors are configured, the property value is the latest last_check_time among all the monitors.",
"readonly": true,
"title": "Timestamp when the monitor status was last checked"
},
"last_state_change_time": {
"$ref": "EpochMsTimestamp,
"description": "If multiple active monitors are configured, the property value is the latest last_state_change_time among all the monitors.",
"readonly": true,
"title": "Timestamp when the monitor status was last changed"
},
"port": {
"$ref": "PortElement,
"description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.",
"readonly": true,
"title": "Pool member port"
},
"status": {
"description": "UP means that pool member is enabled and monitors have marked the pool member as UP. If the pool member has no monitor configured, it would be treated as UP. DOWN means that pool member is enabled and monitors have marked the pool member as DOWN. DISABLED means that admin state of pool member is set to DISABLED. GRACEFUL_DISABLED means that admin state of pool member is set to GRACEFUL_DISABLED. UNUSED means that the pool member is not used when the IP list size of member group exceeds the maximum setting. The remaining IP addresses would not be used as available backend servers, hence mark the status as UNUSED. UNKNOWN means that the related pool is not associated to any enabled virtual servers, or no status reported from transport-nodes, the associated load balancer service may be working(or not working).",
"enum": [
"UP",
"DOWN",
"DISABLED",
"GRACEFUL_DISABLED",
"UNUSED",
"UNKNOWN"
],
"readonly": true,
"title": "Pool member status",
"type": "string"
}
},
"type": "object"
}
LBPoolStatistics (type)
{
"extends": {
"$ref": "LBPoolStatisticsPerEP
},
"id": "LBPoolStatistics",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBPoolStatistics"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated"
},
"members": {
"description": "Statistics of load balancer pool members.",
"items": {
"$ref": "LBPoolMemberStatistics
},
"readonly": true,
"title": "Statistics of load balancer pool members",
"type": "array"
},
"pool_path": {
"description": "Load balancer pool object path.",
"readonly": true,
"title": "Load balancer pool object path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"statistics": {
"$ref": "LBStatisticsCounter,
"description": "Virtual server statistics counter.",
"readonly": true,
"title": "Virtual server statistics counter"
}
},
"type": "object"
}
LBPoolStatisticsPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBPoolStatisticsPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBPoolStatistics on specific Enforcement Point",
"type": "object"
}
LBPoolStatus (type)
{
"extends": {
"$ref": "LBPoolStatusPerEP
},
"id": "LBPoolStatus",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBPoolStatus"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated"
},
"members": {
"description": "Status of load balancer pool members.",
"items": {
"$ref": "LBPoolMemberStatus
},
"readonly": true,
"title": "Status of load balancer pool members",
"type": "array"
},
"pool_path": {
"description": "Load balancer pool object path.",
"readonly": true,
"title": "Load balancer pool object path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"status": {
"description": "UP means that all primary members are in UP status. PARTIALLY_UP means that some(not all) primary members are in UP status, the number of these active members is larger or equal to certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members are in UP status but backup members are in UP status, connections to this pool would be dispatched to backup members. DOWN means that all primary and backup members are DOWN. DETACHED means that the pool is not bound to any virtual server. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"PRIMARY_DOWN",
"DOWN",
"DETACHED",
"UNKNOWN"
],
"readonly": true,
"title": "Virtual server status",
"type": "string"
}
},
"type": "object"
}
LBPoolStatusPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBPoolStatusPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBPoolStatus on specific Enforcement Point",
"type": "object"
}
LBRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Binding of a LBPool and Group to a LBVirtualServer used to route application traffic passing through load balancers. LBRule uses match conditions to match application traffic passing through a LBVirtualServer using HTTP or HTTPS. Can bind multiple LBVirtualServers to a Group. Each LBRule consists of two optional match conditions, each match contidion defines a criterion for application traffic. If no match conditions are specified, then the LBRule will always match and it is used typically to define default rules. If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LBRule to be considered a match. A match indicates that the LBVirtualServer should route the request to the Group (parent of LBRule). LBRule is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBRule",
"module_id": "PolicyLoadBalancer",
"properties": {
"actions": {
"description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.",
"items": {
"$ref": "LBRuleAction
},
"maxItems": 60,
"required": true,
"title": "Actions to be executed",
"type": "array"
},
"display_name": {
"description": "A display name useful for identifying an LBRule.",
"required": false,
"title": "Display name for LBRule",
"type": "string"
},
"match_conditions": {
"description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.",
"items": {
"$ref": "LBRuleCondition
},
"maxItems": 60,
"required": false,
"title": "Conditions to match application traffic",
"type": "array"
},
"match_strategy": {
"default": "ANY",
"description": "If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LB Rule to be considered a match. - ALL indicates that both host_match and path_match must match for this LBRule to be considered a match. - ANY indicates that either host_match or patch match may match for this LBRule to be considered a match.",
"enum": [
"ALL",
"ANY"
],
"required": false,
"title": "Match strategy for determining match of multiple conditions",
"type": "string"
},
"phase": {
"default": "HTTP_FORWARDING",
"description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool.",
"enum": [
"HTTP_REQUEST_REWRITE",
"HTTP_FORWARDING",
"HTTP_RESPONSE_REWRITE",
"HTTP_ACCESS",
"TRANSPORT"
],
"required": false,
"title": "Load balancer processing phase",
"type": "string"
}
},
"title": "Binding of a LBPool and Group to a LBVirtualServer",
"type": "object"
}
LBRuleAction (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUST_REWRITE phase are: LBHttpRequestUriRewriteAction LBHttpRequestHeaderRewriteAction LBHttpRequestHeaderDeleteAction LBVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are: LBHttpRejectAction LBHttpRedirectAction LBSelectPoolAction LBVariablePersistenceOnAction LBConnectionDropAction Supported action in HTTP_RESPONSE_REWRITE phase is: LBHttpResponseHeaderRewriteAction LBHttpResponseHeaderDeleteAction LBVariablePersistenceLearnAction Supported action in HTTP_ACCESS phase is: LBJwtAuthAction LBConnectionDropAction LBVariableAssignmentAction Supported action in TRANSPORT phase is: LBSslModeSelectionAction LBSelectPoolAction If the match type of an LBRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LBRuleAction fields. For example, define a rule with LBHttpRequestUriCondition as match condition and LBHttpRequestUriRewriteAction as action. Set match_type field of LBHttpRequestUriCondition to REGEX, and set uri field to \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\". Set uri field of LBHttpRequestUriRewriteAction to: \"/news/$year-$month/$article\" In uri field of LBHttpRequestUriCondition, the (?<year>\\d+), (?<month>\\d+) and (?<article>.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LBHttpRequestUriRewriteAction. For a matched HTTP request with URI \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable $year, \"06\" is captured in variable $month, and \"xyz.html\" is captured in variable $article. The LBHttpRequestUriRewriteAction will rewrite the URI to: \"/news/2017-06/xyz.html\" A set of built-in variables can be used in LBRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables: $_scheme: Reference the scheme part of matched HTTP messages, could be \"http\" or \"https\". $_host: Host of matched HTTP messages, for example \"www.example.com\". $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https. $_uri: The URI path, for example \"/products/sample.html\". $_request_uri: Full original request URI with arguments, for example, \"/products/sample.html?a=b&c=d\". $_args: URI arguments, for instance \"a=b&c=d\" $_is_args: \"?\" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"id": "LBRuleAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Load balancer rule action",
"type": "object"
}
LBRuleActionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Types of load balancer rule actions.",
"enum": [
"LBSelectPoolAction",
"LBHttpRequestUriRewriteAction",
"LBHttpRequestHeaderRewriteAction",
"LBHttpRejectAction",
"LBHttpRedirectAction",
"LBHttpResponseHeaderRewriteAction",
"LBHttpRequestHeaderDeleteAction",
"LBHttpResponseHeaderDeleteAction",
"LBVariableAssignmentAction",
"LBVariablePersistenceOnAction",
"LBVariablePersistenceLearnAction",
"LBJwtAuthAction",
"LBSslModeSelectionAction",
"LBConnectionDropAction"
],
"id": "LBRuleActionType",
"module_id": "PolicyLoadBalancer",
"title": "Types of load balancer rule actions",
"type": "string"
}
LBRuleCondition (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition LBSslSniCondition Supported match conditions in HTTP_RESPONSE_REWRITE phase are: LBHttpResponseHeaderCondition LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in HTTP_ACCESS phase is: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in TRANSPORT phase is: LBSslSniCondition",
"id": "LBRuleCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Match condition of load balancer rule",
"type": "object"
}
LBRuleConditionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Type of load balancer rule match condition.",
"enum": [
"LBHttpRequestUriCondition",
"LBHttpRequestHeaderCondition",
"LBHttpRequestMethodCondition",
"LBHttpRequestUriArgumentsCondition",
"LBHttpRequestVersionCondition",
"LBHttpRequestCookieCondition",
"LBHttpRequestBodyCondition",
"LBHttpResponseHeaderCondition",
"LBTcpHeaderCondition",
"LBIpHeaderCondition",
"LBVariableCondition",
"LBHttpSslCondition",
"LBSslSniCondition"
],
"id": "LBRuleConditionType",
"module_id": "PolicyLoadBalancer",
"title": "Type of load balancer rule match condition",
"type": "string"
}
LBSelectPoolAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select a pool for matched HTTP request messages. The pool is specified by path. The matched HTTP request messages are forwarded to the specified pool.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBSelectPoolAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSelectPoolAction"
},
"properties": {
"pool_id": {
"description": "Path of load balancer pool.",
"required": true,
"title": "Path of load balancer pool",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select a pool for HTTP request messages",
"type": "object"
}
LBServerAuthType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server authentication could be AUTO_APPLY, REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is automatic by default when server_auth_ca_certificate_paths are configured and IGNORED when they are not configured. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.",
"enum": [
"REQUIRED",
"IGNORE",
"AUTO_APPLY"
],
"id": "LBServerAuthType",
"module_id": "PolicyLoadBalancer",
"title": "server authentication mode",
"type": "string"
}
LBServerSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server SSL profile. LBServerSslProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBSslProfile
},
"id": "LBServerSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"description": "Supported SSL cipher list to client side.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocols": {
"description": "SSL version TLS1.2 is supported and enabled.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "Supported SSL protocol list to client side",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "Session cache activate/deactivate falg",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Server SSL profile",
"type": "object"
}
LBServerSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server SSL profile binding. LBServerSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBServerSslProfileBinding",
"module_id": "PolicyLoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "Authentication depth is used to set the verification depth in the server certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "The maximum traversal depth of server certificate chain",
"type": "integer"
},
"client_certificate_path": {
"description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding",
"required": false,
"title": "Client certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"server_auth": {
"$ref": "LBServerAuthType,
"default": "AUTO_APPLY",
"description": "Server authentication mode.",
"title": "Server authentication mode"
},
"server_auth_ca_paths": {
"description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA path list to verify server certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"server_auth_crl_paths": {
"description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL path list to verify server certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CRL_RELATIONSHIP",
"rightType": [
"TlsCrl"
]
}
]
},
"ssl_profile_path": {
"description": "Server SSL profile defines reusable, application-independent server side SSL properties.",
"required": false,
"title": "Server SSL profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_SERVER_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBServerSslProfile"
]
},
{
"leftType": [
"LBMonitorProfile"
],
"relationshipType": "LB_MONTOR_PROFILE_LB_SERVER_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBServerSslProfile"
]
}
]
}
},
"title": "Server SSL profile binding",
"type": "object"
}
LBServerSslProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LBServerSslProfileListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBServerSslProfile
},
"required": true,
"title": "Paginated list of load balancer server SSL profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LBService (type)
{
"additionalProperties": false,
"description": "Loadbalancer Service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBService",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_log_enabled": {
"deprecated": true,
"details": "This is a deprecated property, please use 'access_log_enabled' in\nLBVirtualServer. If both virtual server and load balancer service have\nthe setting, the setting in virtual server layer would override it and\ntake effect.\nIf access log is enabled, all HTTP requests sent to a L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n",
"required": false,
"title": "Flag to enable access log",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_path": {
"description": "LBS could be instantiated (or created) on the Tier-1, etc. For now, only the Tier-1 object is supported.",
"required": false,
"title": "The connectivity target used to instantiate the LBService",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBService"
],
"relationshipType": "LB_SERVICE_NETWORK_RELATIONSHIP",
"rightType": [
"Tier1"
]
},
{
"leftType": [
"LBService"
],
"relationshipType": "LB_SERVICE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable the load balancer service.",
"required": false,
"title": "Flag to enable the load balancer service",
"type": "boolean"
},
"error_log_level": {
"$ref": "LbLogLevel,
"default": "INFO",
"description": "Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log.",
"required": false,
"title": "Error log level of load balancer service"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"relax_scale_validation": {
"default": false,
"deprecated": true,
"description": "If relax_scale_validation is true, the scale validations for virtual servers/pools/pool members/rules are relaxed for load balancer service. When load balancer service is deployed on edge nodes, the scale of virtual servers/pools/pool members for the load balancer service should not exceed the scale number of the largest load balancer size which could be configured on a certain edge form factor. For example, the largest load balancer size supported on a MEDIUM edge node is MEDIUM. So one SMALL load balancer deployed on MEDIUM edge nodes can support the scale number of MEDIUM load balancer. It is not recommended to enable active monitors if relax_scale_validation is true due to performance consideration. If relax_scale_validation is false, scale numbers should be validated for load balancer service. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Whether scale validation is relaxed",
"type": "boolean"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"size": {
"$ref": "LbServiceSize,
"default": "SMALL",
"description": "Load balancer service size. The load balancer service sizes, SMALL, MEDIUM, LARGE and XLARGE are all deprecated. Customers who are using this set of features are advised to migrate to NSX Advanced Load Balancer (Avi) which provides a superset of the NSX-T load balancing functionality.",
"required": false,
"title": "Load balancer service size"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Loadbalancer Service",
"type": "object"
}
LBServiceCountPerSeverity (type)
{
"additionalProperties": false,
"description": "The service count for specific load balancer usage severity.",
"id": "LBServiceCountPerSeverity",
"module_id": "PolicyLBStatistics",
"properties": {
"service_count": {
"description": "Service count for specific serverity.",
"readonly": true,
"title": "Service count for specific serverity",
"type": "integer"
},
"severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on current usage percentage for one load balancer service.",
"readonly": true,
"title": "LB usage severity"
}
},
"title": "The service count for specific severity",
"type": "object"
}
LBServiceDebugInfo (type)
{
"additionalProperties": false,
"description": "The information for a given LBService could be used for debugging and troubleshooting. It includes LBService, associated LBVirtualServers, associated LBPools, associated profiles such as LBPersistenceProfiles, LBServerSslProfiles, LBClientSslProfiles, LBAppProfiles, associated LBMonitors.",
"id": "LBServiceDebugInfo",
"module_id": "PolicyLoadBalancer",
"properties": {
"application_profiles": {
"description": "The application profiles are associated to virtual servers",
"items": {
"$ref": "LBAppProfile
},
"readonly": true,
"title": "Associated load balancer application profile settings",
"type": "array"
},
"client_ssl_profiles": {
"deprecated": true,
"description": "The client SSL profiles are associated to virtual servers. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LBClientSslProfile
},
"readonly": true,
"title": "Associated load balancer client SSL profile settings",
"type": "array"
},
"monitors": {
"deprecated": true,
"description": "The load balancer monitors are associated to pools. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LBMonitorProfile
},
"readonly": true,
"title": "Associated load balancer monitor configurations",
"type": "array"
},
"persistence_profiles": {
"description": "The persistence profiles are associated to virtual servers",
"items": {
"$ref": "LBPersistenceProfile
},
"readonly": true,
"title": "Associated load balancer persistence profile settings",
"type": "array"
},
"pools": {
"description": "The pools which are associated to the given load balancer service would be included. The pools could be defined in virtual server default pool, sorry pool or load balancer rule action.",
"items": {
"$ref": "LBPool
},
"readonly": true,
"title": "Associated load balancer pool settings",
"type": "array"
},
"server_ssl_profiles": {
"deprecated": true,
"description": "The server SSL profiles are associated to virtual servers. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LBServerSslProfile
},
"readonly": true,
"title": "Associated load balancer server SSL profile settings",
"type": "array"
},
"service": {
"$ref": "LBService,
"description": "Load balancer service setting for a given load balancer service identifier.",
"readonly": true,
"title": "Load balancer service setting"
},
"virtual_servers": {
"description": "The virtual servers which are associated to the given load balancer service would be included.",
"items": {
"$ref": "LBVirtualServer
},
"readonly": true,
"title": "Associated virtual server settings",
"type": "array"
}
},
"title": "The debug information of the LBService",
"type": "object"
}
LBServiceInstanceDetail (type)
{
"id": "LBServiceInstanceDetail",
"module_id": "PolicyLBStatistics",
"properties": {
"attachment_display_name": {
"description": "The display name of the resource which the load balancer instance deploys on.",
"title": "The display name of load balancer instance attachment",
"type": "string"
},
"attachment_path": {
"description": "The path of the resource which the load balancer instance deploys on.",
"title": "The path of load balancer instance attachment",
"type": "string"
},
"error_message": {
"description": "The error message for the load balancer instance. If the instance status is NOT_READY, error message will be attached.",
"title": "The error message for this instance",
"type": "string"
}
},
"type": "object"
}
LBServiceInstanceDetailPerStatus (type)
{
"id": "LBServiceInstanceDetailPerStatus",
"module_id": "PolicyLBStatistics",
"properties": {
"instance_details": {
"description": "The detailed information of the load balancer instance. This field will be only returned on realtime status API.",
"items": {
"$ref": "LBServiceInstanceDetail
},
"title": "The detail information of load balancer instance",
"type": "array"
},
"instance_number": {
"description": "It means the total number of instances in this status type for the given transport node.",
"title": "The number of instances in this status type",
"type": "integer"
},
"status": {
"$ref": "LBServiceInstanceStatusEnum,
"description": "The type of load balancer instance status.",
"title": "Load balancer instance status type"
}
},
"type": "object"
}
LBServiceInstanceDetailPerTransportNode (type)
{
"id": "LBServiceInstanceDetailPerTransportNode",
"module_id": "PolicyLBStatistics",
"properties": {
"instance_detail_per_status": {
"description": "Load balancer instances details for each load balancer instance status type from the given transport node.",
"items": {
"$ref": "LBServiceInstanceDetailPerStatus
},
"title": "Load balancer instances details for each status",
"type": "array"
},
"transport_node_id": {
"description": "The UUID of the transport node.",
"title": "The UUID of the transport node",
"type": "string"
}
},
"type": "object"
}
LBServiceInstanceStatusEnum (type)
{
"additionalProperties": false,
"description": "READY means that the LBS instance is the oldest and applied. Sometimes, the oldest LBS might not be applied successfully, the next oldest one could be applied. CONFLICT means that the LBS instance is not the oldest and not applied. NOT_READY means that the LBS instance is the oldest, should be applied, but not applied.",
"enum": [
"READY",
"CONFLICT",
"NOT_READY"
],
"id": "LBServiceInstanceStatusEnum",
"module_id": "PolicyLBStatistics",
"title": "Distributed load balancer service instance status",
"type": "string"
}
LBServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LBServiceListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBService
},
"required": true,
"title": "LBService list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBServices",
"type": "object"
}
LBServiceStatistics (type)
{
"extends": {
"$ref": "LBServiceStatisticsPerEP
},
"id": "LBServiceStatistics",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBServiceStatistics"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated"
},
"pools": {
"description": "Statistics of load balancer pools",
"items": {
"$ref": "LBPoolStatistics
},
"readonly": true,
"title": "Statistics of load balancer pools",
"type": "array"
},
"resource_type": {
"required": true,
"type": "string"
},
"service_path": {
"description": "load balancer service identifier.",
"readonly": true,
"title": "load balancer service identifier",
"type": "string"
},
"statistics": {
"$ref": "LBServiceStatisticsCounter,
"description": "Load balancer service statistics counter.",
"readonly": true,
"title": "Load balancer service statistics counter"
},
"virtual_servers": {
"description": "Statistics of load balancer virtual servers.",
"items": {
"$ref": "LBVirtualServerStatistics
},
"readonly": true,
"title": "Statistics of load balancer virtual servers",
"type": "array"
}
},
"type": "object"
}
LBServiceStatisticsCounter (type)
{
"id": "LBServiceStatisticsCounter",
"module_id": "PolicyLBStatistics",
"properties": {
"l4_current_session_rate": {
"description": "The average number of l4 current sessions per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of l4 current sessions per second",
"type": "number"
},
"l4_current_sessions": {
"description": "Number of l4 current live sessions.",
"readonly": true,
"title": "Number of l4 current sessions",
"type": "integer"
},
"l4_max_sessions": {
"description": "The l4_max_sessions property is used to show the peak value of l4_current_sessions data since load balancer starts to provide service.",
"readonly": true,
"title": "Number of l4 maximum sessions",
"type": "integer"
},
"l4_total_sessions": {
"description": "Number of l4 total sessions since load balancer starts to provide service.",
"readonly": true,
"title": "Number of l4 total sessions",
"type": "integer"
},
"l7_current_session_rate": {
"description": "The average number of l7 current requests per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "averabe number of l7 current requests per second",
"type": "number"
},
"l7_current_sessions": {
"description": "Number of l7 current live sessions.",
"readonly": true,
"title": "Number of l7 current sessions",
"type": "integer"
},
"l7_max_sessions": {
"description": "The l7_max_sessions property is used to show the peak value of l7_current_sessions data since load balancer starts to provide service.",
"readonly": true,
"title": "Number of l7 maximum sessions",
"type": "integer"
},
"l7_total_sessions": {
"description": "Number of l7 total sessions since load balancer starts to provide service.",
"readonly": true,
"title": "Number of l7 total sessions",
"type": "integer"
}
},
"type": "object"
}
LBServiceStatisticsPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBServiceStatisticsPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBServiceStatistics on specific Enforcement Point",
"type": "object"
}
LBServiceStatus (type)
{
"extends": {
"$ref": "LBServiceStatusPerEP
},
"id": "LBServiceStatus",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBServiceStatus"
},
"properties": {
"active_transport_nodes": {
"description": "Ids of load balancer service related active transport nodes.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Ids of load balancer service related active transport nodes",
"type": "array"
},
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"cpu_usage": {
"description": "Cpu usage in percentage.",
"readonly": true,
"title": "Cpu usage in percentage",
"type": "integer"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"error_message": {
"description": "Error message, if available.",
"readonly": true,
"title": "Error message, if available",
"type": "string"
},
"instance_detail_per_tn": {
"description": "Details of load balancer service instance per transport node.",
"items": {
"$ref": "LBServiceInstanceDetailPerTransportNode
},
"title": "Details of load balancer service instance per transport node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated"
},
"memory_usage": {
"description": "Memory usage in percentage.",
"readonly": true,
"title": "Memory usage in percentage",
"type": "integer"
},
"pools": {
"description": "status of load balancer pools.",
"items": {
"$ref": "LBPoolStatus
},
"readonly": true,
"title": "status of load balancer pools",
"type": "array"
},
"resource_type": {
"required": true,
"type": "string"
},
"service_path": {
"description": "Load balancer service object path.",
"readonly": true,
"title": "Load balancer service object path",
"type": "string"
},
"service_status": {
"description": "UP means the load balancer service is working fine on both transport-nodes(if have); PARTIALLY_UP means that some DLB instances on transport node are working successfully and some instances are not working successfully; DOWN means the load balancer service is down on both transport-nodes (if have), hence the load balancer will not respond to any requests; ERROR means error happens on transport-node(s) or no status is reported from transport-node(s). The load balancer service may be working (or not working); NO_STANDBY means load balancer service is working in one of the transport node while not in the other transport-node (if have). Hence if the load balancer service in the working transport-node goes down, the load balancer service will go down; DETACHED means that the load balancer service has no attachment setting and is not instantiated in any transport nodes; DISABLED means that admin state of load balancer service is DISABLED; UNKNOWN means that no status reported from transport-nodes.The load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"DOWN",
"ERROR",
"NO_STANDBY",
"DETACHED",
"DISABLED",
"UNKNOWN"
],
"readonly": true,
"title": "Status of load balancer service",
"type": "string"
},
"standby_transport_nodes": {
"description": "Ids of load balancer service related standby transport nodes.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Ids of load balancer service related standby transport nodes",
"type": "array"
},
"virtual_servers": {
"description": "status of load balancer virtual servers.",
"items": {
"$ref": "LBVirtualServerStatus
},
"readonly": true,
"title": "status of load balancer virtual servers",
"type": "array"
}
},
"type": "object"
}
LBServiceStatusPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBServiceStatusPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBServiceStatus on specific Enforcement Point",
"type": "object"
}
LBServiceStatusQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeRequestParameters
},
"id": "LBServiceStatusQueryParameters",
"module_id": "PolicyLBStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_instance_details": {
"default": false,
"description": "The flag to indicate whether include detail information. Load balancer instance detail information will be returned if this field is set to true. It's only valid in realtime status query.",
"required": false,
"title": "Flag to indicate whether include detail information",
"type": "boolean"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_ids": {
"description": "The UUIDs of transport nodes. Multiple UUIDs should be separated by commas. If this field is specified, only the status from the given transport nodes will be returned. It's only valid in realtime status query.",
"required": false,
"title": "The UUIDs of transport nodes",
"type": "string"
}
},
"type": "object"
}
LBServiceUsage (type)
{
"additionalProperties": false,
"description": "Describes the capacity and current usage of virtual servers, pools and pool members for the given load balancer service.",
"extends": {
"$ref": "LBServiceUsagePerEP
},
"id": "LBServiceUsage",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBServiceUsage"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"current_pool_count": {
"description": "The current number of pools which has been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of pools",
"type": "integer"
},
"current_pool_member_count": {
"description": "The current number of pool members which has been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of pool members",
"type": "integer"
},
"current_virtual_server_count": {
"description": "The current number of virtual servers which has been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of virtual servers",
"type": "integer"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"title": "Timestamp when the data was last updated."
},
"pool_capacity": {
"description": "Pool capacity means maximum number of pools which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of pools",
"type": "integer"
},
"pool_member_capacity": {
"description": "Pool member capacity means maximum number of pool members which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of pool members",
"type": "integer"
},
"resource_type": {
"required": true,
"type": "string"
},
"service_path": {
"description": "LBService object path.",
"readonly": true,
"title": "LBService object path",
"type": "string"
},
"service_size": {
"$ref": "LbServiceSize,
"description": "The size of load balancer service.",
"readonly": true,
"title": "The size of load balancer service"
},
"severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on the largest usage percentage from virtual servers, pools and pool members for one load balancer service.",
"readonly": true,
"title": "LB usage severity"
},
"usage_percentage": {
"description": "The usage percentage is the largest usage percentage from virtual servers, pools and pool members for the load balancer service. If the property relax_scale_validation is set as true for LBService, it is possible that the value is larger than 100.0. For example, if SMALL LBS is deployed on MEDIUM edge node and configured with MEDIUM LBS virtual server scale number, LBS usage percentage is shown larger than 100.0.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
},
"virtual_server_capacity": {
"description": "Virtual server capacity means maximum number of virtual servers which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of virtual servers",
"type": "integer"
}
},
"title": "The usage information of the load balancer service",
"type": "object"
}
LBServiceUsagePerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBServiceUsagePerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBServiceUsage on specific Enforcement Point",
"type": "object"
}
LBServiceUsageSummary (type)
{
"additionalProperties": false,
"description": "Describes usage summary of virtual servers, pools and pool members for all load balancer services.",
"id": "LBServiceUsageSummary",
"module_id": "PolicyLBStatistics",
"properties": {
"current_pool_count": {
"description": "The current count of pools configured for all load balancer services.",
"readonly": true,
"title": "The current pool count",
"type": "integer"
},
"current_pool_member_count": {
"description": "The current count of pool members configured for all load balancer services.",
"readonly": true,
"title": "The current pool member count",
"type": "integer"
},
"current_virtual_server_count": {
"description": "The current count of virtual servers configured for all load balancer services.",
"readonly": true,
"title": "The current virtual server count",
"type": "integer"
},
"pool_capacity": {
"description": "Pool capacity means maximum number of pools which can be configured for all load balancer services.",
"readonly": true,
"title": "The capacity of pools",
"type": "integer"
},
"pool_member_capacity": {
"description": "Pool capacity means maximum number of pool members which can be configured for all load balancer services.",
"readonly": true,
"title": "The capacity of pool members",
"type": "integer"
},
"pool_member_severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on the overall usage percentage of pool members for all load balancer services.",
"readonly": true,
"title": "LB usage severity"
},
"pool_member_usage_percentage": {
"description": "Overall pool member usage percentage for all load balancer services.",
"readonly": true,
"title": "Pool member usage percentage",
"type": "number"
},
"pool_severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on the overall usage percentage of pools for all load balancer services.",
"readonly": true,
"title": "LB usage severity"
},
"pool_usage_percentage": {
"description": "Overall pool usage percentage for all load balancer services.",
"readonly": true,
"title": "Pool usage percentage",
"type": "number"
},
"service_counts": {
"description": "The service count for each load balancer usage severity.",
"items": {
"$ref": "LBServiceCountPerSeverity
},
"readonly": true,
"title": "LB service count for each severity",
"type": "array"
},
"service_usages": {
"description": "The property identifies all lb service usages. By default, it is not included in response. It exists when parameter ?include_usages=true.",
"items": {
"$ref": "LBServiceUsage
},
"readonly": true,
"title": "LB service usages",
"type": "array"
},
"virtual_server_capacity": {
"description": "Virtual server capacity means maximum number of virtual servers which can be configured for all load balancer services.",
"readonly": true,
"title": "The capacity of virtual servers",
"type": "integer"
},
"virtual_server_severity": {
"$ref": "LBUsageSeverity,
"description": "The severity calculation is based on the overall usage percentage of virtual servers for all load balancer services.",
"readonly": true,
"title": "LB usage severity"
},
"virtual_server_usage_percentage": {
"description": "Overall virtual server usage percentage for all load balancer services.",
"readonly": true,
"title": "Virtual server usage percentage",
"type": "number"
}
},
"title": "The usage summary for all load balancer services",
"type": "object"
}
LBSessionCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Session cookie time.",
"extends": {
"$ref": "LBCookieTime
},
"id": "LBSessionCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSessionCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Session cookie max idle time in seconds",
"type": "integer"
},
"cookie_max_life": {
"description": "Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Session cookie max lifetime in seconds",
"type": "integer"
},
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Session cookie time",
"type": "object"
}
LBSnatAutoMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat auto map.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatAutoMap",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatAutoMap"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat auto map",
"type": "object"
}
LBSnatDisabled (type)
{
"additionalProperties": false,
"description": "Snat disabled.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatDisabled",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatDisabled"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat disabled",
"type": "object"
}
LBSnatIpElement (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat Ip element.",
"id": "LBSnatIpElement",
"module_id": "PolicyLoadBalancer",
"properties": {
"ip_address": {
"$ref": "IPElement,
"description": "Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160.",
"required": true,
"title": "Ip address or ip range"
},
"prefix_length": {
"description": "Subnet prefix length should be not specified if there is only one single IP address or IP range.",
"required": false,
"title": "Subnet prefix length",
"type": "integer"
}
},
"title": "Snat Ip element",
"type": "object"
}
LBSnatIpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat Ip pool.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatIpPool",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatIpPool"
},
"properties": {
"ip_addresses": {
"description": "If an IP range is specified, the range may contain no more than 64 IP addresses.",
"items": {
"$ref": "LBSnatIpElement
},
"maxItems": 64,
"required": true,
"title": "List of Ip address or ip range",
"type": "array"
},
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat Ip pool",
"type": "object"
}
LBSnatTranslation (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Snat Translation.",
"id": "LBSnatTranslation",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat Translation",
"type": "object"
}
LBSnatTranslationType (type)
{
"additionalProperties": false,
"description": "Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are three modes: LBSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LBSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool. LBSnatDisabled deactivates Source NAT. This is referred to as no-SNAT or TRANSPARENT mode. LBSnatAutoMap and LBSnatIpPool are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSnatAutoMap",
"LBSnatIpPool",
"LBSnatDisabled"
],
"id": "LBSnatTranslationType",
"module_id": "PolicyLoadBalancer",
"title": "Snat translation type",
"type": "string"
}
LBSourceIpPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBSourceIpPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSourceIpPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"deprecated": true,
"description": "Persistence entries are not synchronized to the HA peer by default. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Mirroring enabled flag to synchronize persistence entries",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"purge": {
"$ref": "SourceIpPersistencePurge,
"default": "FULL",
"description": "Persistence purge setting.",
"required": false,
"title": "Persistence purge setting"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Persistence entry expiration time in seconds",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBPersistenceProflie using SourceIP",
"type": "object"
}
LBSslModeSelectionAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select SSL mode. Three types of SSL mode actions can be specified in Transport phase, ssl passthrough, ssl offloading and ssl end-to-end.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBSslModeSelectionAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSslModeSelectionAction"
},
"properties": {
"ssl_mode": {
"description": "SSL Passthrough: LB establishes a TCP connection with client and another connection with selected backend server. LB won't inspect the stream data between client and backend server, but just pass it through. Backend server exchanges SSL connection with client. SSL Offloading: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTP without SSL. LB estalishes new connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. SSL End-to-End: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTPS. LB estalishes new SSL connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured.",
"enum": [
"SSL_PASSTHROUGH",
"SSL_END_TO_END",
"SSL_OFFLOAD"
],
"required": true,
"title": "Type of SSL mode",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select SSL mode",
"type": "object"
}
LBSslProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer abstract SSL profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Load balancer abstract SSL profile",
"type": "object"
}
LBSslSniCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL SNI in client hello. This condition is only supported in TRANSPORT phase and HTTP_FORWARDING.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBSslSniCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSslSniCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing SNI value.",
"required": false,
"title": "A case sensitive flag for SNI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of SNI"
},
"sni": {
"description": "The SNI(Server Name indication) in client hello message.",
"required": true,
"title": "The server name indication",
"type": "string"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match SSL SNI in client hello",
"type": "object"
}
LBStatisticsCounter (type)
{
"id": "LBStatisticsCounter",
"module_id": "PolicyLBStatistics",
"properties": {
"bytes_in": {
"description": "Number of bytes in.",
"readonly": true,
"title": "Number of bytes in",
"type": "integer"
},
"bytes_in_rate": {
"description": "The average number of inbound bytes per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of inbound bytes per second",
"type": "number"
},
"bytes_out": {
"description": "Number of bytes out.",
"readonly": true,
"title": "Number of bytes out",
"type": "integer"
},
"bytes_out_rate": {
"description": "The average number of outbound bytes per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of outbound bytes per second",
"type": "number"
},
"current_session_rate": {
"description": "The average number of current sessions per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of current sessions per second",
"type": "number"
},
"current_sessions": {
"description": "Number of current live sessions.",
"readonly": true,
"title": "Number of current sessions",
"type": "integer"
},
"dropped_packets_by_access_list": {
"description": "The total number of dropped TCP SYN or UDP packets by access list control.",
"title": "The total number of dropped packets by access list control",
"type": "integer"
},
"dropped_sessions_by_lbrule_action": {
"description": "The total number of dropped sessions by LB rule action.",
"title": "The total number of dropped sessions by LB rule action",
"type": "integer"
},
"http_request_rate": {
"description": "The average number of http requests per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "averabe number of http requests per second",
"type": "number"
},
"http_requests": {
"description": "The total number of http requests.",
"readonly": true,
"title": "The total number of http requests.",
"type": "integer"
},
"max_sessions": {
"description": "The max_sessions property is used to show the peak value of the current_sessions data since the load balancer object starts to provide service.",
"readonly": true,
"title": "Number of maximum sessions",
"type": "integer"
},
"packets_in": {
"description": "Number of packets in.",
"readonly": true,
"title": "Number of packets in",
"type": "integer"
},
"packets_in_rate": {
"description": "The average number of inbound packets per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of inbound packets per second",
"type": "number"
},
"packets_out": {
"description": "Number of packets out.",
"readonly": true,
"title": "Number of packets out",
"type": "integer"
},
"packets_out_rate": {
"description": "The average number of outbound packets per second, the number is averaged over the last 5 one-second intervals.",
"readonly": true,
"title": "average number of outbound packets per second",
"type": "number"
},
"source_ip_persistence_entry_size": {
"description": "Number of source IP persistence entries",
"readonly": true,
"title": "Number of source IP persistence entries",
"type": "integer"
},
"total_sessions": {
"description": "The total sessions since the load balancer object starts to provide service.",
"readonly": true,
"title": "Number of total sessions",
"type": "integer"
}
},
"type": "object"
}
LBTcpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBTcpHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBTcpHeaderCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_port": {
"$ref": "PortElement,
"required": true,
"title": "TCP source port of HTTP message"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match TCP header fields",
"type": "object"
}
LBTcpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over TCP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBTcpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBTcpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBTcpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receive": {
"description": "Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.",
"required": false,
"title": "Expected data received from server",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"send": {
"description": "If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.",
"required": false,
"title": "Data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over TCP",
"type": "object"
}
LBUdpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are deactivated by default and can be activated for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over UDP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBUdpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBUdpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBUdpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receive": {
"description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.",
"required": true,
"title": "Expected data received from server",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"send": {
"description": "The data to be sent to the monitored server.",
"required": true,
"title": "Data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over UDP",
"type": "object"
}
LBUsageSeverity (type)
{
"additionalProperties": false,
"description": "Severity is calculated from usage percentage: GREEN means the current usage percentage is less than 60%. ORANGE means the current usage percentage is less than 80% and larger than or equal to 60%. RED means the current usage percentage is larger than or equal to 80%.",
"enum": [
"GREEN",
"ORANGE",
"RED"
],
"id": "LBUsageSeverity",
"module_id": "PolicyLBStatistics",
"title": "Load balancer usage severity",
"type": "string"
}
LBUsageSummaryRequestParameters (type)
{
"additionalProperties": false,
"id": "LBUsageSummaryRequestParameters",
"module_id": "PolicyLBStatistics",
"properties": {
"include_usages": {
"description": "Specify whether to include usages in response.",
"required": false,
"title": "Whether to include usages",
"type": "boolean"
}
},
"title": "Load balancer usage summary request parameters",
"type": "object"
}
LBVariableAssignmentAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LBVariableCondition, etc.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariableAssignmentAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariableAssignmentAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_name": {
"description": "Name of the variable to be assigned.",
"required": true,
"title": "Name of the variable to be assigned",
"type": "string"
},
"variable_value": {
"description": "Value of variable.",
"required": true,
"title": "Value of variable",
"type": "string"
}
},
"title": "Action to create variable and assign value to it",
"type": "object"
}
LBVariableCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LBVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBVariableCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariableCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing variable value.",
"required": false,
"title": "A case sensitive flag for variable value comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of variable value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"variable_name": {
"required": true,
"title": "Name of the variable to be matched",
"type": "string"
},
"variable_value": {
"required": true,
"title": "Value of variable to be matched",
"type": "string"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LBVariablePersistenceLearnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariablePersistenceLearnAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariablePersistenceLearnAction"
},
"properties": {
"persistence_profile_path": {
"description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.",
"required": false,
"title": "Path to LBPersistenceProfile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to learn the variable value",
"type": "object"
}
LBVariablePersistenceOnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariablePersistenceOnAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariablePersistenceOnAction"
},
"properties": {
"persistence_profile_path": {
"description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.",
"required": false,
"title": "Path to LBPersistenceProfile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to persist the variable value",
"type": "object"
}
LBVirtualServer (type)
{
"additionalProperties": false,
"description": "All the types of LBVirtualServer extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBVirtualServer",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_list_control": {
"$ref": "LBAccessListControl,
"description": "Specifies the access list control to define how to filter the connections from clients.",
"required": false,
"title": "IP access list control to filter the connections"
},
"access_log_enabled": {
"default": false,
"description": "If access log is enabled, all HTTP requests sent to L7 virtual server are logged to the access log file. Both successful returns information responses(1xx), successful responses(2xx), redirection messages(3xx) and unsuccessful requests, backend server returns 4xx or 5xx, are logged to access log, if enabled. All L4 virtual server connections are also logged to the access log if enabled. The non-significant events such as successful requests are not logged if log_significant_event_only is set to true.",
"required": false,
"title": "Access log enabled setting",
"type": "boolean"
},
"application_profile_path": {
"description": "The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile, etc are supported.",
"required": true,
"title": "Application profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_APP_PROFILE_RELATIONSHIP",
"rightType": [
"LBAppProfile"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"client_ssl_profile_binding": {
"$ref": "LBClientSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Virtual server side SSL binding setting"
},
"default_pool_member_ports": {
"description": "Default pool member ports when member port is not defined.",
"items": {
"$ref": "PortElement
},
"maxItems": 14,
"required": false,
"title": "Default pool member ports when member port is not defined.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable the load balancer virtual server.",
"required": false,
"title": "whether the virtual server is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Configures the IP address of the LBVirtualServer where it receives all client connections and distributes them among the backend servers.",
"required": true,
"title": "IP address of the LBVirtualServer"
},
"lb_persistence_profile_path": {
"description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is deactivated by default.",
"required": false,
"title": "Persistence Profile used by LBVirtualServer",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"lb_service_path": {
"description": "virtual servers can be associated to LBService(which is similar to physical/virtual load balancer), LB virtual servers, pools and other entities could be defined independently, the LBService identifier list here would be used to maintain the relationship of LBService and other LB entities.",
"required": false,
"title": "Path to LBService object for LBVirtualServer",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_SERVICE_RELATIONSHIP",
"rightType": [
"LBService"
]
}
]
},
"log_significant_event_only": {
"default": false,
"description": "The property log_significant_event_only can take effect only when access_log_enabled is true. If log_significant_event_only is true, significant events are logged in access log. For L4 virtual server, significant event means unsuccessful(error or dropped) TCP/UDP connections. For L7 virtual server, significant event means unsuccessful connections or HTTP/HTTPS requests which have error response code(e.g. 4xx, 5xx).",
"required": false,
"title": "Log only significant event in access log",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_concurrent_connections": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum concurrent connection number",
"type": "integer"
},
"max_new_connection_rate": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum new connection rate in connections per second",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_path": {
"description": "The server pool(LBPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application.",
"required": false,
"title": "Default server pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"ports": {
"description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.",
"items": {
"$ref": "PortElement
},
"required": true,
"title": "Virtual server port number(s) or port range(s)",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"deprecated": true,
"description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LBHttpProfile. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LBRule
},
"maxItems": 4000,
"required": false,
"title": "List of load balancer rules",
"type": "array"
},
"server_ssl_profile_binding": {
"$ref": "LBServerSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL client and establishing a connection to the backend server. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Pool side SSL binding setting"
},
"sorry_pool_path": {
"deprecated": true,
"description": "When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Sorry server pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of LBVirtualServer",
"type": "object"
}
LBVirtualServerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LBVirtualServerListResult",
"module_id": "PolicyLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LBVirtualServer
},
"required": true,
"title": "LBVirtualServer list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of LBVirtualServers",
"type": "object"
}
LBVirtualServerStatistics (type)
{
"extends": {
"$ref": "LBVirtualServerStatisticsPerEP
},
"id": "LBVirtualServerStatistics",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBVirtualServerStatistics"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated"
},
"resource_type": {
"required": true,
"type": "string"
},
"statistics": {
"$ref": "LBStatisticsCounter,
"description": "Virtual server statistics counter.",
"readonly": true,
"title": "Virtual server statistics counter"
},
"virtual_server_path": {
"description": "load balancer virtual server object path.",
"readonly": true,
"title": "load balancer virtual server object path",
"type": "string"
}
},
"type": "object"
}
LBVirtualServerStatisticsPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBVirtualServerStatisticsPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBVirtualServerStatistics on specific Enforcement Point",
"type": "object"
}
LBVirtualServerStatus (type)
{
"extends": {
"$ref": "LBVirtualServerStatusPerEP
},
"id": "LBVirtualServerStatus",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "LBVirtualServerStatus"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Timestamp when the data was last updated."
},
"resource_type": {
"required": true,
"type": "string"
},
"status": {
"description": "UP means that all primary members in default pool are in UP status. For L7 virtual server, if there is no default pool, the virtual server would be treated as UP. PARTIALLY_UP means that some(not all) primary members in default pool are in UP status. The size of these active primary members should be larger than or equal to the certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members in default pool are in UP status but backup members are in UP status, the connections would be dispatched to backup members. DOWN means that all primary and backup members are in DOWN status. DETACHED means that the virtual server is not bound to any service. DISABLED means that the admin state of the virtual server is disabled. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"PRIMARY_DOWN",
"DOWN",
"DETACHED",
"DISABLED",
"UNKNOWN"
],
"readonly": true,
"title": "Virtual server status",
"type": "string"
},
"virtual_server_path": {
"description": "load balancer virtual server object path.",
"readonly": true,
"title": "load balancer virtual server object path",
"type": "string"
}
},
"type": "object"
}
LBVirtualServerStatusPerEP (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "LBVirtualServerStatusPerEP",
"module_id": "PolicyLBStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
}
},
"title": "LBVirtualServerStatus on specific Enforcement Point",
"type": "object"
}
LBXForwardedForType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "X-forwarded-for type.",
"enum": [
"INSERT",
"REPLACE"
],
"id": "LBXForwardedForType",
"module_id": "PolicyLoadBalancer",
"title": "X-forwarded-for type",
"type": "string"
}
Label (type)
{
"additionalProperties": false,
"description": "Label that will be displayed for a UI element.",
"id": "Label",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the label will be applied. Examples of expression syntax are provided under example_request section of CreateWidgetConfiguration API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"hover": {
"default": false,
"description": "If true, displays the label only on hover",
"title": "Show label only on hover",
"type": "boolean"
},
"icons": {
"description": "Icons to be applied at dashboard for the label",
"items": {
"$ref": "Icon
},
"minItems": 0,
"title": "Icons",
"type": "array"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"text": {
"description": "Text to be displayed at the label.",
"maxLength": 255,
"required": true,
"title": "Label text",
"type": "string"
}
},
"title": "Label",
"type": "object"
}
LabelValueConfiguration (type)
{
"additionalProperties": false,
"description": "Represents a Label-Value widget configuration",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "LabelValueConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "LabelValueConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"layout": {
"$ref": "Layout,
"description": "Layout of properties can be vertical or grid. If layout is not specified a default vertical layout is applied.",
"title": "Layout of properties inside widget"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"properties": {
"description": "An array of label-value properties.",
"items": {
"$ref": "PropertyItem
},
"required": true,
"title": "Rows",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"sub_type": {
"description": "A sub-type of LabelValueConfiguration. If sub-type is not specified the parent type is rendered. For VERTICALLY_ALIGNED sub_type, the value is placed below the label. For HORIZONTALLY_ALIGNED sub_type, the value is placed right hand side of the label.",
"enum": [
"VERTICALLY_ALIGNED",
"HORIZONTALLY_ALIGNED"
],
"title": "Sub-type of the LabelValueConfiguration",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Label Value Dashboard Widget Configuration",
"type": "object"
}
LacpGroupConfigInfo (type)
{
"additionalProperties": false,
"id": "LacpGroupConfigInfo",
"module_id": "InventoryCmInvComm",
"properties": {
"key": {
"description": "The key represents the identifier for the group that is unique across VC.",
"readonly": false,
"required": false,
"title": "The generated key as the identifier for the group",
"type": "string"
},
"load_balance_algorithm": {
"description": "Load balance algorithm used in LACP group. The possible values are dictated by the values available in VC. Please refer VMwareDvsLacpLoadBalanceAlgorithm documentation for a full list of values. A few examples are srcDestIp where source and destination IP are considered, srcIp where only source IP is considered.",
"readonly": false,
"required": false,
"title": "Load balance policy",
"type": "string"
},
"mode": {
"description": "The mode of LACP can be ACTIVE or PASSIVE. If the mode is ACTIVE, LACP is enabled unconditionally. If the mode is PASSIVE, LACP is enabled only if LACP device is detected.",
"enum": [
"ACTIVE",
"PASSIVE"
],
"readonly": false,
"required": false,
"title": "The mode of Link Aggregation Control Protocol (LACP)",
"type": "string"
},
"name": {
"description": "The display name of the LACP group.",
"readonly": false,
"required": false,
"title": "The display name",
"type": "string"
},
"timeout_type": {
"default": "SLOW",
"description": "To set the lag mode as fast for LACP. By default, it will be slow.",
"enum": [
"FAST",
"SLOW"
],
"readonly": false,
"required": false,
"title": "LACP timeout mode",
"type": "string"
},
"uplink_names": {
"description": "Names for the uplink ports in the group.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Uplink names",
"type": "array"
},
"uplink_num": {
"readonly": false,
"required": false,
"title": "The number of uplink ports",
"type": "integer"
},
"uplink_port_keys": {
"description": "Keys for the uplink ports in the group. Each uplink port is assigned a key that is unique across VC.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Keys for the uplink ports",
"type": "array"
}
},
"type": "object"
}
Lag (type) (Deprecated)
{
"deprecated": true,
"id": "Lag",
"module_id": "UplinkHostSwitchProfile",
"properties": {
"id": {
"readonly": true,
"required": false,
"title": "unique id",
"type": "string"
},
"load_balance_algorithm": {
"enum": [
"SRCMAC",
"DESTMAC",
"SRCDESTMAC",
"SRCDESTIPVLAN",
"SRCDESTMACIPPORT"
],
"required": true,
"title": "LACP load balance Algorithm",
"type": "string"
},
"mode": {
"enum": [
"ACTIVE",
"PASSIVE"
],
"required": true,
"title": "LACP group mode",
"type": "string"
},
"name": {
"help_summary": "the max length of the name is 47-byte in UTF-8 encoding",
"required": true,
"title": "Lag name",
"type": "string"
},
"number_of_uplinks": {
"maximum": 32,
"minimum": 2,
"required": true,
"title": "number of uplinks",
"type": "int"
},
"timeout_type": {
"default": "SLOW",
"enum": [
"SLOW",
"FAST"
],
"required": false,
"title": "LACP timeout type",
"type": "string"
},
"uplinks": {
"items": {
"$ref": "Uplink
},
"maxItems": 32,
"readonly": true,
"required": false,
"title": "uplink names",
"type": "array"
}
},
"title": "LACP group",
"type": "object"
}
LatencyStatProfile (type)
{
"description": "Latency stat service profile",
"extends": {
"$ref": "ManagedResource
},
"id": "LatencyStatProfile",
"module_id": "Latency",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"pnic_latency_enabled": {
"default": false,
"description": "Enable or Disable pnic latency.",
"readonly": false,
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sampling_interval": {
"description": "Event nth milliseconds packet is sampled. When a value less than 1000 is given, the realized sampling interval will be 1000 milliseconds.",
"maximum": 1000000,
"minimum": 1,
"title": "Latency sampling interval",
"type": "integer"
},
"sampling_rate": {
"description": "Event nth packet is sampled.",
"maximum": 1000000,
"minimum": 100,
"title": "Latency sampling rate",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Latency Stat Profile",
"type": "object"
}
LatencyStatProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LatencyStatProfileListResult",
"module_id": "Latency",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Latency stat profile list.",
"items": {
"$ref": "LatencyStatProfile
},
"readonly": true,
"required": false,
"title": "Latency Stat Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of latency profile",
"type": "object"
}
Layout (type)
{
"additionalProperties": false,
"description": "Represents layout of a container or widget",
"id": "Layout",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"properties": {
"$ref": "LayoutProperties
},
"type": {
"default": "HORIZONTAL",
"description": "Describes layout of a container or widget. Layout describes how individual widgets are placed inside the container. For example, if HORIZONTAL is chosen widgets are placed side by side inside the container. If VERTICAL is chosen then widgets are placed one below the other. If GRID is chosen then the container or widget display area is divided into a grid of m rows and n columns, as specified in the properties, and the widgets are placed inside the grid. If AUTO is chosen then container or widgets display area will be automatically calculated depending upon the required width.",
"enum": [
"HORIZONTAL",
"VERTICAL",
"GRID",
"AUTO"
],
"title": "Type of layout of a container or widget",
"type": "string"
}
},
"title": "Layout of a container or widget",
"type": "object"
}
LayoutProperties (type)
{
"additionalProperties": false,
"description": "Properties of the layout of a container or widget",
"id": "LayoutProperties",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"num_columns": {
"description": "Describes the number of columns of grid layout of a container or widget. This property is applicable for grid layout only.",
"title": "Number of columns of grid",
"type": "int"
},
"num_rows": {
"description": "Describes the number of rows of grid layout of a container or widget. This property is applicable for grid layout only.",
"title": "Number of rows of grid",
"type": "int"
}
},
"title": "Layout properties of a container or widget",
"type": "object"
}
LbAccessListControl (type)
{
"additionalProperties": false,
"description": "LbAccessListControl is used to define how IP access list control can filter the connections from clients.",
"id": "LbAccessListControl",
"module_id": "LoadBalancer",
"properties": {
"action": {
"description": "ALLOW means connections matching grouping object IP list are allowed and requests not matching grouping object IP list are dropped. DROP means connections matching grouping object IP list are dropped and requests not matching grouping object IP list are allowed.",
"enum": [
"ALLOW",
"DROP"
],
"required": true,
"title": "IP access list control action",
"type": "string"
},
"enabled": {
"default": false,
"description": "The enabled flag indicates whether to enable access list control option. It is false by default.",
"required": false,
"title": "Whether to enable access list control option",
"type": "boolean"
},
"group_id": {
"description": "The identifier of grouping object which defines the IP addresses or ranges to match the client IP.",
"required": true,
"title": "Grouping object identifier",
"type": "string"
}
},
"title": "IP access list control to filter the connections from clients",
"type": "object"
}
LbActiveMonitor (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbMonitor
},
"id": "LbActiveMonitor",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbAppProfile (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LbAppProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "ApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LbAppProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LbAppProfileListRequestParameters",
"module_id": "LoadBalancer",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"$ref": "ApplicationProfileType,
"description": "Specify this type parameter to retrieve a list of load balancer application profiles of specified type.",
"required": false,
"title": "Load balancer application profile type"
}
},
"type": "object"
}
LbAppProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LbAppProfileListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbAppProfile
},
"required": true,
"title": "paginated list of load balancer application profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbClientCertificateIssuerDnCondition (type) (Deprecated)
{
"deprecated": true,
"id": "LbClientCertificateIssuerDnCondition",
"module_id": "LoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing issuer DN value.",
"required": false,
"title": "A case sensitive flag for issuer DN comparing",
"type": "boolean"
},
"issuer_dn": {
"description": "Value of issuer DN. The format should follow RFC 2253.",
"required": true,
"title": "Value of issuer DN",
"type": "string"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of issuer DN"
}
},
"title": "Match condition for client certificate issuer DN",
"type": "object"
}
LbClientCertificateSubjectDnCondition (type) (Deprecated)
{
"deprecated": true,
"id": "LbClientCertificateSubjectDnCondition",
"module_id": "LoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing subject DN value.",
"required": false,
"title": "A case sensitive flag for subject DN comparing",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of subject DN"
},
"subject_dn": {
"description": "Value of subject DN. The format should follow RFC 2253.",
"required": true,
"title": "Value of subject DN",
"type": "string"
}
},
"title": "Match condition for client certificate subject DN",
"type": "object"
}
LbClientSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LbSslProfile
},
"id": "LbClientSslProfile",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"prefer_server_ciphers": {
"default": true,
"description": "During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.",
"required": false,
"title": "prefer server ciphers flag",
"type": "boolean"
},
"protocols": {
"description": "Only TLS 1.2 is supported and enabled.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "supported SSL protocol list to client side",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "session cache enable/disable flag",
"type": "boolean"
},
"session_cache_timeout": {
"default": 300,
"description": "Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.",
"maximum": 86400,
"minimum": 1,
"required": false,
"title": "SSL session cache timeout value",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb client ssl profile (manager)"
],
"type": "object"
}
LbClientSslProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LbClientSslProfileListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbClientSslProfile
},
"required": true,
"title": "paginated list of load balancer client SSL profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbConnectionDropAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to drop the connections. There is no extra property in this action. If there is no match condition specified, the connection will be always dropped. This action can be specified at HTTP_ACCESS or HTTP_FORWARDING phase.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbConnectionDropAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbConnectionDropAction"
},
"properties": {
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to drop connections",
"type": "object"
}
LbCookiePersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LbPersistenceProfile
},
"id": "LbCookiePersistenceProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbCookiePersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cookie_domain": {
"description": "HTTP cookie domain could be configured, only available for insert mode.",
"required": false,
"title": "cookie domain",
"type": "string"
},
"cookie_fallback": {
"default": true,
"description": "If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server",
"required": false,
"title": "cookie persistence fallback",
"type": "boolean"
},
"cookie_garble": {
"default": true,
"description": "If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.",
"required": false,
"title": "cookie persistence garble",
"type": "boolean"
},
"cookie_httponly": {
"default": false,
"description": "If cookie httponly flag is true, it prevents a script running in the browser from accessing the cookie. Only available for insert mode.",
"required": false,
"title": "Cookie httponly flag",
"type": "boolean"
},
"cookie_mode": {
"$ref": "CookiePersistenceModeType,
"default": "INSERT",
"required": false,
"title": "cookie persistence mode"
},
"cookie_name": {
"required": true,
"title": "cookie name",
"type": "string"
},
"cookie_path": {
"description": "HTTP cookie path could be set, only available for insert mode.",
"required": false,
"title": "cookie path",
"type": "string"
},
"cookie_secure": {
"default": false,
"description": "If cookie secure flag is true, it prevents the browser from sending a cookie over http. The cookie is sent only over https. Only available for insert mode.",
"required": false,
"title": "Cookie secure flag",
"type": "boolean"
},
"cookie_time": {
"$ref": "LbCookieTime,
"description": "Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.",
"required": false,
"title": "cookie time setting"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.",
"required": false,
"title": "Persistence shared flag",
"type": "boolean"
},
"resource_type": {
"$ref": "PersistenceProfileType,
"description": "The resource_type property identifies persistence profile type.",
"required": true,
"title": "Persistence profile type"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb cookie persistence profile (manager)"
],
"type": "object"
}
LbCookieTime (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"id": "LbCookieTime",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "CookieTimeType,
"required": true
}
},
"type": "object"
}
LbEdgeNodeUsage (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The capacity contains basic information and load balancer entity usages and capacity for the given edge node.",
"extends": {
"$ref": "LbNodeUsage
},
"id": "LbEdgeNodeUsage",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbEdgeNodeUsage"
},
"properties": {
"current_credit_number": {
"description": "The current credit number reflects the current usage on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20.",
"readonly": true,
"title": "Current credit number",
"type": "integer"
},
"current_large_load_balancer_services": {
"description": "The number of large load balancer services configured on the node.",
"readonly": true,
"title": "The current number of large load balancer services",
"type": "integer"
},
"current_medium_load_balancer_services": {
"description": "The number of medium load balancer services configured on the node.",
"readonly": true,
"title": "The current number of medium load balancer services",
"type": "integer"
},
"current_pool_members": {
"description": "The number of pool members configured on the node.",
"readonly": true,
"title": "The current number of pool members",
"type": "integer"
},
"current_pools": {
"description": "The number of pools configured on the node.",
"readonly": true,
"title": "The current number of pools",
"type": "integer"
},
"current_small_load_balancer_services": {
"description": "The number of small load balancer services configured on the node.",
"readonly": true,
"title": "The current number of small load balancer services",
"type": "integer"
},
"current_virtual_servers": {
"description": "The number of virtual servers configured on the node.",
"readonly": true,
"title": "The current number of virtual servers",
"type": "integer"
},
"current_xlarge_load_balancer_services": {
"description": "The number of xlarge load balancer services configured on the node.",
"readonly": true,
"title": "The current number of xlarge load balancer services",
"type": "integer"
},
"edge_cluster_id": {
"description": "The ID of edge cluster which contains the edge node.",
"readonly": true,
"title": "The ID of edge cluster",
"type": "string"
},
"form_factor": {
"description": "The form factor of the given edge node.",
"enum": [
"SMALL_VIRTUAL_MACHINE",
"MEDIUM_VIRTUAL_MACHINE",
"LARGE_VIRTUAL_MACHINE",
"XLARGE_VIRTUAL_MACHINE",
"PHYSICAL_MACHINE"
],
"readonly": true,
"title": "The form factor of the given edge node",
"type": "string"
},
"node_id": {
"description": "The property identifies the node UUID for load balancer node usage.",
"required": true,
"title": "The UUID of the node for load balancer node usage",
"type": "string"
},
"remaining_credit_number": {
"description": "The remaining credit number is the remaining credits that can be used for load balancer service configuration. For example, an edge node with form factor LARGE_VIRTUAL_MACHINE has 40 credits, and a medium load balancer instance costs 10 credits. If there are currently 3 medium instances configured, the remaining credit number is 40 - (3 * 10) = 10.",
"readonly": true,
"title": "Remaining credit number",
"type": "integer"
},
"remaining_large_load_balancer_services": {
"description": "The remaining number of large load balancer services which could be configured on the given edge node.",
"readonly": true,
"title": "The remaining number of large load balancer services",
"type": "integer"
},
"remaining_medium_load_balancer_services": {
"description": "The remaining number of medium load balancer services which could be configured on the given edge node.",
"readonly": true,
"title": "The remaining number of medium load balancer services",
"type": "integer"
},
"remaining_pool_members": {
"description": "The remaining number of pool members which could be configured on the given edge node.",
"readonly": true,
"title": "The remaining number of pool members",
"type": "integer"
},
"remaining_small_load_balancer_services": {
"description": "The remaining number of small load balancer services which could be configured on the given edge node.",
"readonly": true,
"title": "The remaining number of small load balancer services",
"type": "integer"
},
"remaining_xlarge_load_balancer_services": {
"description": "The remaining number of xlarge load balancer services which could be configured on the given edge node.",
"readonly": true,
"title": "The remaining number of xlarge load balancer services",
"type": "integer"
},
"severity": {
"$ref": "LbUsageSeverity,
"description": "The severity calculation is based on current credit usage percentage of load balancer for one node.",
"readonly": true,
"title": "LB usage severity"
},
"type": {
"$ref": "LbNodeUsageType,
"description": "The property identifies the load balancer node usage type.",
"required": true,
"title": "Type of load balancer node usage"
},
"usage_percentage": {
"description": "The usage percentage of the edge node for load balancer. The value is the larger value between load balancer credit usage percentage and pool member usage percentage for the edge node.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
}
},
"title": "The load balancer usage for an edge node",
"type": "object"
}
LbFastTcpProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LbAppProfile
},
"id": "LbFastTcpProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbFastTcpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"close_timeout": {
"default": 8,
"description": "It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection.",
"maximum": 60,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 1800,
"description": "It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"resource_type": {
"$ref": "ApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb fast tcp profile (manager)"
],
"type": "object"
}
LbFastUdpProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LbAppProfile
},
"id": "LbFastUdpProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbFastUdpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "UDP idle timeout in seconds",
"type": "integer"
},
"resource_type": {
"$ref": "ApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb fast udp profile (manager)"
],
"type": "object"
}
LbGenericPersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The profile is used to define the persistence entry expiration time, mirroring enabled flag to synchronize persistence entries, persistence shared flag for the associated virtual servers. The profile cannot be attached to virtual server directly, it can be only consumed by LB rule action. In HTTP forwarding phase, LBVariablePersistenceOnAction can be used to consume LbGenericPersistenceProfile. In HTTP response rewriting phase, LBVariablePersistenceLearnAction is used instead. The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LbPersistenceProfile
},
"id": "LbGenericPersistenceProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbGenericPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"description": "The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.",
"required": false,
"title": "Mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.",
"required": false,
"title": "Persistence shared flag",
"type": "boolean"
},
"resource_type": {
"$ref": "PersistenceProfileType,
"description": "The resource_type property identifies persistence profile type.",
"required": true,
"title": "Persistence profile type"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Persistence entry expiration time in seconds",
"type": "integer"
}
},
"search_dsl_name": [
"lb generic persistence profile (manager)"
],
"title": "LB generic persistence profile",
"type": "object"
}
LbHttpMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbActiveMonitor
},
"id": "LbHttpMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"request_body": {
"required": false,
"title": "String to send as part of HTTP health check request body. Valid only\nfor certain HTTP methods like POST.\n",
"type": "string"
},
"request_headers": {
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"required": false,
"title": "the health check method for HTTP monitor type"
},
"request_url": {
"required": false,
"title": "URL used for HTTP monitor",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbHttpProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LbAppProfile
},
"id": "LbHttpProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"http_redirect_to": {
"description": "If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL",
"required": false,
"title": "http redirect static URL",
"type": "string"
},
"http_redirect_to_https": {
"default": false,
"description": "Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.",
"required": false,
"title": "flag to indicate whether enable HTTP-HTTPS redirect",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 15,
"description": "It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.",
"maximum": 5400,
"minimum": 1,
"required": false,
"title": "HTTP application idle timeout in seconds",
"type": "integer"
},
"ntlm": {
"deprecated": true,
"description": "NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology. This property is deprecated. Please use the property server_keep_alive in order to keep the backend server connection alive for the client connection. When create a new profile, if both ntlm and server_keep_alive are set as different values, ERROR will be reported. When update an existing profile, if either ntlm or server_keep_alive value is changed, both of them are updated with the changed value.",
"required": false,
"title": "NTLM support flag",
"type": "boolean"
},
"request_body_size": {
"description": "If it is not specified, it means that request body size is unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request body",
"type": "integer"
},
"request_header_size": {
"default": 1024,
"description": "A request with header equal to or below this size is guaranteed to be processed. A request with header larger than request_header_size will be processed up to 32K bytes on best effort basis.",
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request headers",
"type": "integer"
},
"resource_type": {
"$ref": "ApplicationProfileType,
"required": true
},
"response_buffering": {
"default": false,
"description": "When buffering is disabled, the response is passed to a client synchronously, immediately as it is received. When buffering is enabled, LB receives a response from the backend server as soon as possible, saving it into the buffers.",
"required": false,
"title": "Enable or disable buffering of responses",
"type": "boolean"
},
"response_header_size": {
"default": 4096,
"description": "A response with header larger than response_header_size will be dropped.",
"maximum": 65536,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP response headers",
"type": "integer"
},
"response_timeout": {
"default": 60,
"description": "If server doesn't send any packet within this time, the connection is closed.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum server idle time in seconds",
"type": "integer"
},
"server_keep_alive": {
"description": "If server_keep_alive is true, it means the backend connection will keep alive for the client connection. Every client connection is tied 1:1 with the corresponding server-side connection. If server_keep_alive is false, it means the backend connection won't keep alive for the client connection. The default value is false. If server_keep_alive is not specified for API input, its value in API output will be the same with the property ntlm.",
"required": false,
"title": "Server keep-alive flag",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"x_forwarded_for": {
"$ref": "XForwardedForType,
"description": "When X-Forwareded-For is configured, X-Forwarded-Proto and X-Forwarded-Port information is added automatically. The two additional header information can be also modified or deleted in load balancer rules.",
"required": false,
"title": "insert or replace x_forwarded_for"
}
},
"search_dsl_name": [
"lb http profile (manager)"
],
"type": "object"
}
LbHttpRedirectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LbRule without any conditions, add an LbHttpRedirectAction to the rule. Set the redirect_url field of the LbHttpRedirectAction to: https://$_host$_request_uri And set redirect_status to \"302\", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpRedirectAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRedirectAction"
},
"properties": {
"redirect_status": {
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"redirect_url": {
"required": true,
"title": "The URL that the HTTP request is redirected to",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to redirect HTTP request messages",
"type": "object"
}
LbHttpRejectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LbHttpRejectAction does not support variables.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpRejectAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRejectAction"
},
"properties": {
"reply_message": {
"required": false,
"title": "Response message",
"type": "string"
},
"reply_status": {
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to reject HTTP request messages",
"type": "object"
}
LbHttpRequestBodyCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestBodyCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestBodyCondition"
},
"properties": {
"body_value": {
"required": true,
"title": "HTTP request body",
"type": "string"
},
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP body value.",
"required": false,
"title": "A case sensitive flag for HTTP body comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP body"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match content of HTTP request message body",
"type": "object"
}
LbHttpRequestCookieCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestCookieCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestCookieCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing cookie value.",
"required": false,
"title": "A case sensitive flag for cookie value comparing",
"type": "boolean"
},
"cookie_name": {
"required": true,
"title": "Name of cookie",
"type": "string"
},
"cookie_value": {
"required": true,
"title": "Value of cookie",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of cookie value"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request cookie",
"type": "object"
}
LbHttpRequestHeader (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LbHttpRequestHeader",
"module_id": "LoadBalancer",
"properties": {
"header_name": {
"required": true,
"title": "Name of HTTP request header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP request header",
"type": "string"
}
},
"type": "object"
}
LbHttpRequestHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestHeaderCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"required": true,
"title": "Name of HTTP header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request header",
"type": "object"
}
LbHttpRequestHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpRequestHeaderDeleteAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestHeaderDeleteAction"
},
"properties": {
"header_name": {
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP request header fields",
"type": "object"
}
LbHttpRequestHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpRequestHeaderRewriteAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestHeaderRewriteAction"
},
"properties": {
"header_name": {
"required": true,
"title": "Name of HTTP request header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP request header",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite header fields of HTTP request messages.",
"type": "object"
}
LbHttpRequestMethodCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestMethodCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestMethodCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"method": {
"$ref": "HttpRequestMethodType,
"required": true,
"title": "Type of HTTP request method"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match method of HTTP request messages",
"type": "object"
}
LbHttpRequestUriArgumentsCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the \"foo=1&bar=2\" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark (\"?\") character and terminated by a number sign (\"#\") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, \"foo=(?<x>\\d+)\". It matches HTTP requests whose URI arguments containing \"foo\", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LbRuleAction fields which support variables.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestUriArgumentsCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestUriArgumentsCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI arguments.",
"required": false,
"title": "A case sensitive flag for URI arguments comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI arguments"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri_arguments": {
"description": "URI arguments, aka query string of URI.",
"required": true,
"title": "URI arguments",
"type": "string"
}
},
"title": "Condition to match URI arguments of HTTP requests",
"type": "object"
}
LbHttpRequestUriCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LbRuleAction. For example, specify uri field as: \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\" If the URI path is /articles/news/2017/06/xyz.html, then substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can then be used in an LbRuleAction field which supports variables, such as uri field of LbHttpRequestUriRewriteAction. For example, set the uri field of LbHttpRequestUriRewriteAction as: \"/articles/news/$year-$month-$article\" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: \"/articles/news/2017-06-xyz.html\"",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestUriCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestUriCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI.",
"required": false,
"title": "A case sensitive flag for URI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri": {
"required": true,
"title": "A string used to identify resource",
"type": "string"
}
},
"title": "Condition to match URIs of HTTP request messages",
"type": "object"
}
LbHttpRequestUriRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LbRuleAction to see how to use variables in this action.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpRequestUriRewriteAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestUriRewriteAction"
},
"properties": {
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"uri": {
"required": true,
"title": "URI of HTTP request",
"type": "string"
},
"uri_arguments": {
"description": "Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2",
"required": false,
"title": "URI arguments",
"type": "string"
}
},
"title": "Action to rewrite HTTP request URIs.",
"type": "object"
}
LbHttpRequestVersionCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the HTTP protocol version of the HTTP request messages.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpRequestVersionCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpRequestVersionCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"version": {
"$ref": "HttpRequestVersionType,
"required": true,
"title": "HTTP version"
}
},
"title": "Condition to match HTTP protocol version of HTTP requests",
"type": "object"
}
LbHttpResponseHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpResponseHeaderCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpResponseHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"required": true,
"title": "Name of HTTP header field",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header field",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match a header field of HTTP response",
"type": "object"
}
LbHttpResponseHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpResponseHeaderDeleteAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpResponseHeaderDeleteAction"
},
"properties": {
"header_name": {
"required": true,
"title": "Name of a header field of HTTP response message",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP response header fields",
"type": "object"
}
LbHttpResponseHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbHttpResponseHeaderRewriteAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpResponseHeaderRewriteAction"
},
"properties": {
"header_name": {
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of header field",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite HTTP response header fields",
"type": "object"
}
LbHttpSslCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbHttpSslCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpSslCondition"
},
"properties": {
"client_certificate_issuer_dn": {
"$ref": "LbClientCertificateIssuerDnCondition,
"description": "The issuer DN match condition of the client certificate for an established SSL connection",
"required": false,
"title": "The issuer DN match condition of the client certificate"
},
"client_certificate_subject_dn": {
"$ref": "LbClientCertificateSubjectDnCondition,
"description": "The subject DN match condition of the client certificate for an established SSL connection",
"required": false,
"title": "The subject DN match condition of the client certificate"
},
"client_supported_ssl_ciphers": {
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Cipher list which supported by client",
"type": "array"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"session_reused": {
"$ref": "LbSslSessionReusedType,
"default": "IGNORE",
"required": false,
"title": "The type of SSL session reused"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"used_protocol": {
"$ref": "SslProtocol,
"required": false,
"title": "Protocol of an established SSL connection"
},
"used_ssl_cipher": {
"$ref": "SslCipher,
"required": false,
"title": "Cipher used for an established SSL connection"
}
},
"title": "Condition to match SSL handshake and SSL connection",
"type": "object"
}
LbHttpsMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbActiveMonitor
},
"id": "LbHttpsMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbHttpsMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_chain_depth": {
"default": 3,
"description": "authentication depth is used to set the verification depth in the server certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the maximum traversal depth of server certificate chain",
"type": "integer"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "supported SSL cipher list to servers",
"type": "array"
},
"client_certificate_id": {
"description": "client certificate can be specified to support client authentication.",
"required": false,
"title": "client certificate identifier",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure monitor flag",
"type": "boolean"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"protocols": {
"description": "SSL version TLS1.2 is supported and enabled.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "supported SSL protocol list to servers",
"type": "array"
},
"request_body": {
"required": false,
"title": "String to send as part of HTTP health check request body. Valid only\nfor certain HTTP methods like POST.\n",
"type": "string"
},
"request_headers": {
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"required": false,
"title": "the health check method for HTTP monitor type"
},
"request_url": {
"required": false,
"title": "URL used for HTTP monitor",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"server_auth": {
"$ref": "ServerAuthType,
"default": "IGNORE",
"title": "server authentication mode"
},
"server_auth_ca_ids": {
"description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA identifier list to verify server certificate",
"type": "array"
},
"server_auth_crl_ids": {
"description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL identifier list to verify server certificate",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbIcmpMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbActiveMonitor
},
"id": "LbIcmpMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbIcmpMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"data_length": {
"default": 56,
"maximum": 65507,
"minimum": 0,
"required": false,
"title": "The data size(in byte) of the ICMP healthcheck packet",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbIpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match IP header fields of HTTP messages. Either source_address or group_id should be specified.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbIpHeaderCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbIpHeaderCondition"
},
"properties": {
"group_id": {
"description": "Source IP address of HTTP message should match IP addresses which are configured in Group in order to perform actions.",
"required": false,
"title": "Grouping object identifier",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_address": {
"$ref": "IPElement,
"description": "Source IP address of HTTP message. IP Address can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.",
"required": false,
"title": "Source IP address of HTTP message"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LbJwtAuthAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to control access to backend server resources using JSON Web Token(JWT) authentication. The JWT authentication is done before any HTTP manipulation if the HTTP request matches the given condition in LbRule. Any verification failed, the HTTP process will be terminated, and HTTP response with 401 status code and WWW-Authentication header will be returned to client.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbJwtAuthAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbJwtAuthAction"
},
"properties": {
"key": {
"$ref": "LbJwtKey,
"description": "Keys are used for verifying the signature of JWT token. In current version, only symmetric (HMAC SHA256) key and asymmetric (RS256) key are supported. It is optional, in case no key specified, the jwt signature won't be verified.",
"required": false,
"title": "LbJwtKey used for verifying the signature of JWT token"
},
"pass_jwt_to_pool": {
"default": false,
"description": "Specify whether to pass the JWT to backend server or remove it. By default, it is false which means will not pass the JWT to backend servers.",
"required": false,
"title": "Whether to pass the JWT to backend server or remove it",
"type": "boolean"
},
"realm": {
"description": "A description of the protected area. If no realm is specified, clients often display a formatted hostname instead. The configured realm is returned when client request is rejected with 401 http status. In the response, it will be \"WWW-Authentication: Bearer realm=<realm>\".",
"required": false,
"title": "JWT realm",
"type": "string"
},
"tokens": {
"description": "JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Load balancer will search for every specified tokens one by one for the jwt message until found. This parameter is optional. In case not found or this field is not configured, load balancer searches the Bearer header by default in the http request \"Authorization: Bearer <token>\".",
"items": {
"type": "string"
},
"required": false,
"title": "JWT tokens",
"type": "array"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to control access using JWT authentication",
"type": "object"
}
LbJwtCertificateKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify certificate which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LbJwtKey
},
"id": "LbJwtCertificateKey",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbJwtCertificateKey"
},
"properties": {
"certificate_id": {
"required": true,
"title": "Certificate identifier",
"type": "string"
},
"type": {
"$ref": "LbJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies certificate used to verify the signature of JWT tokens",
"type": "object"
}
LbJwtKey (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "LbJwtKey specifies the symmetric key or asymmetric public key used to decrypt the data in JWT.",
"id": "LbJwtKey",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LbJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Load balancer JWT key",
"type": "object"
}
LbJwtKeyType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "It is used to identify JWT key type.",
"enum": [
"LbJwtCertificateKey",
"LbJwtSymmetricKey",
"LbJwtPublicKey"
],
"id": "LbJwtKeyType",
"module_id": "LoadBalancer",
"title": "Type of load balancer JWT key",
"type": "string"
}
LbJwtPublicKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the public key content which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LbJwtKey
},
"id": "LbJwtPublicKey",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbJwtPublicKey"
},
"properties": {
"public_key_content": {
"required": true,
"title": "Content of public key",
"type": "string"
},
"type": {
"$ref": "LbJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies public key content used to verify the signature of JWT tokens",
"type": "object"
}
LbJwtSymmetricKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the symmetric key which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LbJwtKey
},
"id": "LbJwtSymmetricKey",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbJwtSymmetricKey"
},
"properties": {
"type": {
"$ref": "LbJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies the symmetric key used to verify the signature of JWT tokens",
"type": "object"
}
LbLogLevel (type)
{
"additionalProperties": false,
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"CRITICAL",
"ALERT",
"EMERGENCY"
],
"id": "LbLogLevel",
"module_id": "LoadBalancer",
"title": "the log level of load balancer service",
"type": "string"
}
LbMonitor (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "ManagedResource
},
"id": "LbMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LbMonitorListRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LbMonitorListRequestParameters",
"module_id": "LoadBalancer",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"$ref": "MonitorQueryType,
"description": "Specify this type parameter to retrieve a list of load balancer monitors of specified type.",
"required": false,
"title": "Load balancer monitor type"
}
},
"type": "object"
}
LbMonitorListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LbMonitorListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbMonitor
},
"required": true,
"title": "paginated list of load balancer monitors",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbNodeCountPerSeverity (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The node count for specific load balancer usage severity.",
"id": "LbNodeCountPerSeverity",
"module_id": "LoadBalancer",
"properties": {
"node_count": {
"description": "Node count for specific severity.",
"readonly": true,
"title": "Node count for specific severity",
"type": "integer"
},
"severity": {
"$ref": "LbUsageSeverity,
"description": "The severity calculation is based on credit usage percentage of load balancer for one node.",
"readonly": true,
"title": "LB usage severity"
}
},
"title": "The node count for specific severity",
"type": "object"
}
LbNodeUsage (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Node usage for load balancer contains basic information and LB entity usages and capacity for the given node.",
"id": "LbNodeUsage",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"node_id": {
"description": "The property identifies the node UUID for load balancer node usage.",
"required": true,
"title": "The UUID of the node for load balancer node usage",
"type": "string"
},
"type": {
"$ref": "LbNodeUsageType,
"description": "The property identifies the load balancer node usage type.",
"required": true,
"title": "Type of load balancer node usage"
}
},
"title": "Node usage for load balancer",
"type": "object"
}
LbNodeUsageSummary (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The load balancer node usage summary for all nodes. Only EdgeNode is supported. The summary calculation is based on all edge nodes configured in edge clusters.",
"id": "LbNodeUsageSummary",
"module_id": "LoadBalancer",
"properties": {
"current_credit_number": {
"description": "The current credit number reflects the overall credit usage for all nodes.",
"readonly": true,
"title": "Current credit number",
"type": "integer"
},
"current_pool_members": {
"description": "The overall number of pool members configured on all nodes.",
"readonly": true,
"title": "The current number of pool members",
"type": "integer"
},
"node_counts": {
"description": "The property identifies array of node count for each severity (RED, ORANGE and GREEN).",
"items": {
"$ref": "LbNodeCountPerSeverity
},
"readonly": true,
"title": "Array of node count for each severity",
"type": "array"
},
"node_usages": {
"description": "The property contains lb node usages for each node.",
"items": {
"$ref": "LbNodeUsage
},
"readonly": true,
"title": "Array of lb node usages",
"type": "array"
},
"remaining_credit_number": {
"description": "The remaining credit number is the overall remaining credits that can be used for load balancer service configuration for all nodes.",
"readonly": true,
"title": "Remaining credit number",
"type": "integer"
},
"remaining_pool_members": {
"description": "The overall remaining number of pool members which could be configured on all nodes.",
"readonly": true,
"title": "The remaining number of pool members",
"type": "integer"
},
"severity": {
"$ref": "LbUsageSeverity,
"description": "The severity calculation is based on current credit usage percentage of load balancer for all nodes.",
"readonly": true,
"title": "LB usage severity"
},
"usage_percentage": {
"description": "The overall usage percentage of all nodes for load balancer. The value is the larger value between overall pool member usage percentage and overall load balancer credit usage percentage.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
}
},
"title": "Lb node usage summary for all nodes",
"type": "object"
}
LbNodeUsageSummaryRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer node usage summary request parameters.",
"id": "LbNodeUsageSummaryRequestParameters",
"module_id": "LoadBalancer",
"properties": {
"include_usages": {
"description": "Specify whether to include node usages in response. By default, it is false which means node usages are not included in LbNodeUsageSummary response.",
"required": false,
"title": "Whether to include node usages",
"type": "boolean"
}
},
"title": "Load balancer node usage summary request parameters",
"type": "object"
}
LbNodeUsageType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The node type for load balancer node usage.",
"enum": [
"LbEdgeNodeUsage"
],
"id": "LbNodeUsageType",
"module_id": "LoadBalancer",
"title": "Node type for load balancer node usage",
"type": "string"
}
LbPassiveMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbMonitor
},
"id": "LbPassiveMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbPassiveMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"max_fails": {
"default": 5,
"description": "When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "number of consecutive connection failures",
"type": "integer"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "After this timeout period, the member is tried again for a new connection to see if it is available.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "timeout in seconds before it is selected again for a new connection",
"type": "integer"
}
},
"type": "object"
}
LbPersistenceCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbCookieTime
},
"id": "LbPersistenceCookieTime",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbPersistenceCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "HTTP cookie max-age to expire cookie, only available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": true,
"title": "persistence cookie max idle time in seconds",
"type": "integer"
},
"type": {
"$ref": "CookieTimeType,
"required": true
}
},
"type": "object"
}
LbPersistenceProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "LB persistence profile contains the information related to load balancer persistence options. Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence can be enabled on a LbVirtualServer by binding a persistence profile to it. LbGenericPersistenceProfile cannot be attached to virtual server directly, it can be only consumed by LB rule action. If a user attaches a generic persistence profile directly to a virtual server, the operation is rejected.",
"extends": {
"$ref": "ManagedResource
},
"id": "LbPersistenceProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.",
"required": false,
"title": "Persistence shared flag",
"type": "boolean"
},
"resource_type": {
"$ref": "PersistenceProfileType,
"description": "The resource_type property identifies persistence profile type.",
"required": true,
"title": "Persistence profile type"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "LB persistence profile",
"type": "object"
}
LbPersistenceProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LbPersistenceProfileListRequestParameters",
"module_id": "LoadBalancer",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"$ref": "PersistenceProfileType,
"description": "Specify this type parameter to retrieve a list of load balancer persistence profiles of specified type.",
"required": false,
"title": "Load balancer persistence profile type"
}
},
"type": "object"
}
LbPersistenceProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LbPersistenceProfileListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbPersistenceProfile
},
"required": true,
"title": "paginated list of load balancer persistence profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbPool (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LbPool",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_monitor_ids": {
"deprecated": true,
"description": "In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the pool. If multiple active monitors are configured, the pool member status is UP only when the health check status for all the monitors are UP. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"type": "string"
},
"required": false,
"title": "active monitor identifier list",
"type": "array"
},
"algorithm": {
"$ref": "PoolAlgorithm,
"default": "ROUND_ROBIN",
"description": "Load balancing algorithm, configurable per pool controls how the incoming connections are distributed among the members.",
"required": false,
"title": "pool balancing algorithm for backend pool members"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_group": {
"$ref": "PoolMemberGroup,
"description": "Load balancer pool support grouping object as dynamic pool members. When member group is defined, members setting should not be specified.",
"required": false,
"title": "Load balancer member setting with grouping object"
},
"members": {
"description": "Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port.",
"items": {
"$ref": "PoolMember
},
"required": false,
"title": "load balancer pool members",
"type": "array"
},
"min_active_members": {
"default": 1,
"description": "A pool is considered active if there are at least certain minimum number of members.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "minimum number of active pool members to consider pool as active",
"type": "integer"
},
"passive_monitor_id": {
"deprecated": true,
"description": "Passive healthchecks are disabled by default and can be enabled by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "passive monitor identifier",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snat_translation": {
"$ref": "LbSnatTranslation,
"deprecated": true,
"description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "snat translation configuration"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_multiplexing_enabled": {
"default": false,
"deprecated": true,
"description": "TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "TCP multiplexing enable flag",
"type": "boolean"
},
"tcp_multiplexing_number": {
"default": 6,
"deprecated": true,
"description": "The maximum number of TCP connections per pool that are idly kept alive for sending future client requests. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "maximum number of TCP connections for multiplexing",
"type": "integer"
}
},
"search_dsl_name": [
"lb pool (manager)"
],
"type": "object"
}
LbPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LbPoolListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbPool
},
"required": true,
"title": "paginated list of pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbPoolMemberStatistics (type)
{
"id": "LbPoolMemberStatistics",
"module_id": "AggSvcLb",
"properties": {
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "Pool member IP address"
},
"port": {
"$ref": "PortElement,
"description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.",
"title": "Pool member port"
},
"statistics": {
"$ref": "LbStatisticsCounter,
"required": true,
"title": "Pool member statistics counter"
}
},
"type": "object"
}
LbPoolMemberStatus (type)
{
"id": "LbPoolMemberStatus",
"module_id": "AggSvcLb",
"properties": {
"failure_cause": {
"description": "If multiple active monitors are configured, the failure_cause contains failure cause for each monitors. Like \"Monitor_1:failure_cause_1. Monitor_2:failure_cause_2.\"",
"title": "The healthcheck failure cause when status is DOWN",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "Pool member IP address"
},
"last_check_time": {
"$ref": "EpochMsTimestamp,
"description": "If multiple active monitors are configured, the property value is the latest last_check_time among all the monitors.",
"titile": "Timestamp when the monitor status was last checked"
},
"last_state_change_time": {
"$ref": "EpochMsTimestamp,
"description": "If multiple active monitors are configured, the property value is the latest last_state_change_time among all the monitors.",
"titile": "Timestamp when the monitor status was last changed"
},
"port": {
"$ref": "PortElement,
"description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.",
"title": "Pool member port"
},
"status": {
"description": "UP means that pool member is enabled and monitors have marked the pool member as UP. If the pool member has no monitor configured, it would be treated as UP. DOWN means that pool member is enabled and monitors have marked the pool member as DOWN. DISABLED means that admin state of pool member is set to DISABLED. GRACEFUL_DISABLED means that admin state of pool member is set to GRACEFUL_DISABLED. UNUSED means that the pool member is not used when the IP list size of member group exceeds the maximum setting. The remaining IP addresses would not be used as available backend servers, hence mark the status as UNUSED. UNKNOWN means that the related pool is not associated to any enabled virtual servers, or no status reported from transport-nodes, the associated load balancer service may be working(or not working).",
"enum": [
"UP",
"DOWN",
"DISABLED",
"GRACEFUL_DISABLED",
"UNUSED",
"UNKNOWN"
],
"required": true,
"title": "Pool member status",
"type": "string"
}
},
"type": "object"
}
LbPoolStatistics (type)
{
"id": "LbPoolStatistics",
"module_id": "AggSvcLb",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated"
},
"members": {
"items": {
"$ref": "LbPoolMemberStatistics
},
"title": "Statistics of load balancer pool members",
"type": "array"
},
"pool_id": {
"required": true,
"title": "Load balancer pool identifier",
"type": "string"
},
"statistics": {
"$ref": "LbStatisticsCounter,
"required": true,
"title": "Virtual server statistics counter"
}
},
"type": "object"
}
LbPoolStatisticsListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LbPoolStatisticsListResult",
"module_id": "AggSvcLb",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbPoolStatistics
},
"required": true,
"title": "paginated statistics list of pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbPoolStatus (type)
{
"id": "LbPoolStatus",
"module_id": "AggSvcLb",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated"
},
"members": {
"items": {
"$ref": "LbPoolMemberStatus
},
"title": "Status of load balancer pool members",
"type": "array"
},
"pool_id": {
"required": true,
"title": "Load balancer pool identifier",
"type": "string"
},
"status": {
"description": "UP means that all primary members are in UP status. PARTIALLY_UP means that some(not all) primary members are in UP status, the number of these active members is larger or equal to certain number(min_active_members) which is defined in LbPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members are in UP status but backup members are in UP status, connections to this pool would be dispatched to backup members. DOWN means that all primary and backup members are DOWN. DETACHED means that the pool is not bound to any virtual server. UNKNOWN means that the pool is not associated to any enabled virtual servers, or no status reported from transport-nodes, the associated load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"PRIMARY_DOWN",
"DOWN",
"DETACHED",
"UNKNOWN"
],
"title": "Virtual server status",
"type": "string"
}
},
"type": "object"
}
LbPoolStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LbPoolStatusListResult",
"module_id": "AggSvcLb",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbPoolStatus
},
"required": true,
"title": "paginated status list of pools",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbRule (type) (Deprecated)
{
"deprecated": true,
"description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with application profile LbHttpProfile. Each application rule consists of one or more match conditions and one or more actions. Load balancer rules could be used by different load balancer services.",
"extends": {
"$ref": "ManagedResource
},
"id": "LbRule",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.",
"items": {
"$ref": "LbRuleAction
},
"maxItems": 60,
"required": true,
"title": "Actions to be executed",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"match_conditions": {
"description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.",
"items": {
"$ref": "LbRuleCondition
},
"maxItems": 60,
"required": false,
"title": "Conditions to match application traffic",
"type": "array"
},
"match_strategy": {
"description": "Strategy to define how load balancer rule is considered a match when multiple match conditions are specified in one rule. If match_stragety is set to ALL, then load balancer rule is considered a match only if all the conditions match. If match_strategy is set to ANY, then load balancer rule is considered a match if any one of the conditions match.",
"enum": [
"ALL",
"ANY"
],
"required": true,
"title": "Strategy to match multiple conditions",
"type": "string"
},
"phase": {
"description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool.",
"enum": [
"HTTP_REQUEST_REWRITE",
"HTTP_FORWARDING",
"HTTP_RESPONSE_REWRITE",
"HTTP_ACCESS",
"TRANSPORT"
],
"required": true,
"title": "Load balancer processing phase",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Load balancer rules",
"type": "object"
}
LbRuleAction (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUEST_REWRITE phase are: LbHttpRequestUriRewriteAction LbHttpRequestHeaderRewriteAction LbHttpRequestHeaderDeleteAction LbVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are: LbHttpRejectAction LbHttpRedirectAction LbSelectPoolAction LbVariablePersistenceOnAction LbConnectionDropAction Supported action in HTTP_RESPONSE_REWRITE phase is: LbHttpResponseHeaderRewriteAction LbHttpResponseHeaderDeleteAction LbVariablePersistenceLearnAction Supported action in HTTP_ACCESS phase is: LbJwtAuthAction LbConnectionDropAction LbVariableAssignmentAction Supported action in TRANSPORT phase is: LbSslModeSelectionAction LbSelectPoolAction If the match type of an LbRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LbRuleAction fields. For example, define a rule with LbHttpRequestUriCondition as match condition and LbHttpRequestUriRewriteAction as action. Set match_type field of LbHttpRequestUriCondition to REGEX, and set uri field to \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\". Set uri field of LbHttpRequestUriRewriteAction to: \"/news/$year-$month/$article\" In uri field of LbHttpRequestUriCondition, the (?<year>\\d+), (?<month>\\d+) and (?<article>.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LbHttpRequestUriRewriteAction. For a matched HTTP request with URI \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable $year, \"06\" is captured in variable $month, and \"xyz.html\" is captured in variable $article. The LbHttpRequestUriRewriteAction will rewrite the URI to: \"/news/2017-06/xyz.html\" A set of built-in variables can be used in LbRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables: $_scheme: Reference the scheme part of matched HTTP messages, could be \"http\" or \"https\". $_host: Host of matched HTTP messages, for example \"www.example.com\". $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https. $_uri: The URI path, for example \"/products/sample.html\". $_request_uri: Full original request URI with arguments, for example, \"/products/sample.html?a=b&c=d\". $_args: URI arguments, for instance \"a=b&c=d\" $_is_args: \"?\" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"id": "LbRuleAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Load balancer rule action",
"type": "object"
}
LbRuleActionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "LbRuleActionType is used to identify the action types used in load balancer rules.",
"enum": [
"LbHttpRequestUriRewriteAction",
"LbHttpRequestHeaderRewriteAction",
"LbHttpRejectAction",
"LbHttpRedirectAction",
"LbSelectPoolAction",
"LbSelectServerAction",
"LbHttpResponseHeaderRewriteAction",
"LbHttpRequestHeaderDeleteAction",
"LbHttpResponseHeaderDeleteAction",
"LbVariableAssignmentAction",
"LbVariablePersistenceOnAction",
"LbVariablePersistenceLearnAction",
"LbJwtAuthAction",
"LbSslModeSelectionAction",
"LbConnectionDropAction"
],
"id": "LbRuleActionType",
"module_id": "LoadBalancer",
"title": "Types of load balancer rule actions",
"type": "string"
}
LbRuleCondition (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbHttpRequestBodyCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbHttpRequestBodyCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition LbSslSniCondition Supported match condition in HTTP_RESPONSE_REWRITE phase is: LbHttpResponseHeaderCondition LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition Supported match condition in HTTP_ACCESS phase is: LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbHttpRequestBodyCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition Supported match condition in TRANSPORT phase is: LbSslSniCondition",
"id": "LbRuleCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Match condition of load balancer rule",
"type": "object"
}
LbRuleConditionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"LbHttpRequestMethodCondition",
"LbHttpRequestUriCondition",
"LbHttpRequestUriArgumentsCondition",
"LbHttpRequestVersionCondition",
"LbHttpRequestHeaderCondition",
"LbHttpRequestCookieCondition",
"LbHttpRequestBodyCondition",
"LbHttpResponseHeaderCondition",
"LbTcpHeaderCondition",
"LbIpHeaderCondition",
"LbVariableCondition",
"LbHttpSslCondition",
"LbSslSniCondition"
],
"id": "LbRuleConditionType",
"module_id": "LoadBalancer",
"title": "Type of load balancer rule match condition",
"type": "string"
}
LbRuleListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LbRuleListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbRule
},
"required": true,
"title": "paginated list of LB rules",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbRuleMatchType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "LbRuleMatchType is used to determine how a specified string value is used to match a specified LbRuleCondition field. STARTS_WITH: If the LbRuleCondition field starts with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. ENDS_WITH: If the LbRuleCondition field ends with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. EQUALS: If the LbRuleCondition field is same as the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. CONTAINS: If the LbRuleCondition field contains the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. REGEX: If the LbRuleCondition field matches specified regular expression, the condition matches. The regular expressions in load balancer rules use the features common to both Java regular expressions and Perl Compatible Regular Expressions (PCREs) with some restrictions. Reference http://www.pcre.org for PCRE and the NSX-T Administrator's Guide for the restrictions. If named capturing groups are used in the regular expression, when a match succeeds, the substrings of the subject string that match named capturing groups are stored (captured) in variables with specific names which can be used in the fields of LbRuleAction which support variables. Named capturing group are defined in the format (?<name>subpattern), such as (?<year>\\d{4}). For example, in the regular expression: \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\", for subject string \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can be used in LbRuleAction fields which support variables in form of $name, such as $year, $month, $article. Please note, when regular expressions are used in JSON(JavaScript Object Notation) string, every backslash character (\\) needs to be escaped by one additional backslash character.",
"enum": [
"STARTS_WITH",
"ENDS_WITH",
"EQUALS",
"CONTAINS",
"REGEX"
],
"id": "LbRuleMatchType",
"module_id": "LoadBalancer",
"title": "Match type for LbRule conditions",
"type": "string"
}
LbSelectPoolAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select a pool for matched HTTP request messages. The pool is specified by UUID. The matched HTTP request messages are forwarded to the specified pool.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbSelectPoolAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSelectPoolAction"
},
"properties": {
"pool_id": {
"required": true,
"title": "UUID of load balancer pool",
"type": "string"
},
"pool_name": {
"readonly": true,
"title": "Display name of load balancer pool",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select a pool for HTTP request messages",
"type": "object"
}
LbServerSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LbSslProfile
},
"id": "LbServerSslProfile",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"protocols": {
"description": "TLS1.2 is supported and enabled.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "supported SSL protocol list to client side",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "session cache enable/disable falg",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb server ssl profile (manager)"
],
"type": "object"
}
LbServerSslProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LbServerSslProfileListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbServerSslProfile
},
"required": true,
"title": "paginated list of load balancer server SSL profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbService (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LbService",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_log_enabled": {
"deprecated": true,
"details": "This is a deprecated property, please use 'access_log_enabled' in\nLbVirtualServer. If both virtual server and load balancer service have\nthe setting, the setting in virtual server layer would override it and\ntake effect.\nIf access log is enabled, all HTTP requests sent to a L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n",
"required": false,
"title": "Whether access log is enabled",
"type": "boolean"
},
"attachment": {
"$ref": "ResourceReference,
"description": "LBS could be instantiated (or created) on the Logical router, etc. Typically, it could be applied to Tier1 LogicalRouter. It can be attached to Tier0 LogicalRouter either in non-multi-tenant environments or to provide load balancing for infrastructure services offered by the provider. If size is set to DLB for distribution, the attachment is optional. The supported attachment is NSGroup consisting of VIFs of that load balancer's clients. If the attachment is not specified and size is DLB, the associated load balancer settings are applied to all supported transport nodes.",
"required": false,
"title": "The target which is used to instantiate Lb service."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"required": false,
"title": "Whether the load balancer service is enabled",
"type": "boolean"
},
"error_log_level": {
"$ref": "LbLogLevel,
"default": "INFO",
"description": "Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log.",
"required": false,
"title": "Error log level of load balancer service"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"relax_scale_validation": {
"default": false,
"deprecated": true,
"description": "If relax_scale_validation is true, the scale validations for virtual servers/pools/pool members/rules are relaxed for load balancer service. When load balancer service is deployed on edge nodes, the scale of virtual servers/pools/pool members for the load balancer service should not exceed the scale number of the largest load balancer size which could be configured on a certain edge form factor. For example, the largest load balancer size supported on a MEDIUM edge node is MEDIUM. So one SMALL load balancer deployed on MEDIUM edge nodes can support the scale number of MEDIUM load balancer. It is not recommended to enable active monitors if relax_scale_validation is true due to performance consideration. If relax_scale_validation is false, scale numbers should be validated for load balancer service. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Whether scale validation is relaxed",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"size": {
"$ref": "LbServiceSize,
"default": "SMALL",
"required": false,
"title": "The size of load balancer service"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"virtual_server_ids": {
"description": "virtual servers can be associated to LbService(which is similar to physical/virtual load balancer), Lb virtual servers, pools and other entities could be defined independently, the virtual server identifier list here would be used to maintain the relationship of LbService and other Lb entities.",
"items": {
"type": "string"
},
"required": false,
"title": "Virtual server identifier list",
"type": "array"
}
},
"search_dsl_name": [
"lb service (manager)"
],
"type": "object"
}
LbServiceDebugInfo (type)
{
"additionalProperties": false,
"description": "The information for a given load balancer service could be used for debugging and troubleshooting. It includes load balancer service, associated virtual servers, associated pools, associated profiles such as persistence, SSL, application, associated monitors and associated rules.",
"id": "LbServiceDebugInfo",
"module_id": "LoadBalancer",
"properties": {
"application_profiles": {
"description": "The application profiles are associated to virtual servers",
"items": {
"$ref": "LbAppProfile
},
"readonly": true,
"title": "Associated load balancer application profile settings",
"type": "array"
},
"client_ssl_profiles": {
"deprecated": true,
"description": "The client SSL profiles are associated to virtual servers. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LbClientSslProfile
},
"readonly": true,
"title": "Associated load balancer client SSL profile settings",
"type": "array"
},
"monitors": {
"deprecated": true,
"description": "The load balancer monitors are associated to pools. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LbMonitor
},
"readonly": true,
"title": "Associated load balancer monitor configurations",
"type": "array"
},
"persistence_profiles": {
"description": "The persistence profiles are associated to virtual servers",
"items": {
"$ref": "LbPersistenceProfile
},
"readonly": true,
"title": "Associated load balancer persistence profile settings",
"type": "array"
},
"pools": {
"description": "The pools which are associated to the given load balancer service would be included. The pools could be defined in virtual server default pool, sorry pool or load balancer rule action.",
"items": {
"$ref": "LbPool
},
"readonly": true,
"title": "Associated load balancer pool settings",
"type": "array"
},
"rules": {
"deprecated": true,
"description": "The load balancer rules are associated to virtual servers. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LbRule
},
"readonly": true,
"title": "Associated load balancer rule settings",
"type": "array"
},
"server_ssl_profiles": {
"deprecated": true,
"description": "The server SSL profiles are associated to virtual servers. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LbServerSslProfile
},
"readonly": true,
"title": "Associated load balancer server SSL profile settings",
"type": "array"
},
"service": {
"$ref": "LbService,
"description": "Load balancer service setting for a given load balancer service identifier.",
"readonly": true,
"title": "Load balancer service setting"
},
"virtual_servers": {
"description": "The virtual servers which are associated to the given load balancer service would be included.",
"items": {
"$ref": "LbVirtualServer
},
"readonly": true,
"title": "Associated virtual server settings",
"type": "array"
}
},
"title": "The debug information of the load balancer service",
"type": "object"
}
LbServiceInstanceDetail (type)
{
"id": "LbServiceInstanceDetail",
"module_id": "AggSvcLb",
"properties": {
"attachment": {
"$ref": "ResourceReference,
"description": "The resource reference which the load balancer instance deploys on.",
"title": "The load balancer instance attachment"
},
"error_message": {
"description": "The error message for the load balancer instance. If the instance status is NOT_READY, error message will be attached.",
"title": "The error message for this instance",
"type": "string"
}
},
"type": "object"
}
LbServiceInstanceDetailPerStatus (type)
{
"id": "LbServiceInstanceDetailPerStatus",
"module_id": "AggSvcLb",
"properties": {
"instance_details": {
"description": "The detailed information of the load balancer instance. This field will be only returned on realtime status API.",
"items": {
"$ref": "LbServiceInstanceDetail
},
"title": "The detail information of load balancer instance",
"type": "array"
},
"instance_number": {
"description": "It means the total number of instances in this status type for the given transport node.",
"title": "The number of instances in this status type",
"type": "integer"
},
"status": {
"$ref": "LbServiceInstanceStatusEnum,
"description": "The type of load balancer instance status.",
"title": "Load balancer instance status type"
}
},
"type": "object"
}
LbServiceInstanceDetailPerTransportNode (type)
{
"id": "LbServiceInstanceDetailPerTransportNode",
"module_id": "AggSvcLb",
"properties": {
"instance_detail_per_status": {
"description": "Load balancer instances details for each load balancer instance status type from the given transport node.",
"items": {
"$ref": "LbServiceInstanceDetailPerStatus
},
"title": "Load balancer instances details for each status",
"type": "array"
},
"transport_node_id": {
"description": "The UUID of the transport node.",
"title": "The UUID of the transport node",
"type": "string"
}
},
"type": "object"
}
LbServiceInstanceStatusEnum (type)
{
"additionalProperties": false,
"description": "READY means that the LBS instance is the oldest and applied. Sometimes, the oldest LBS might not be applied successfully, the next oldest one could be applied. CONFLICT means that the LBS instance is not the oldest and not applied. NOT_READY means that the LBS instance is the oldest, should be applied, but not applied.",
"enum": [
"READY",
"CONFLICT",
"NOT_READY"
],
"id": "LbServiceInstanceStatusEnum",
"module_id": "AggSvcLb",
"title": "Distributed load balancer service instance status",
"type": "string"
}
LbServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LbServiceListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbService
},
"required": true,
"title": "paginated list of load balancer services",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbServiceQueryRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LbServiceQueryRequestParameters",
"module_id": "LoadBalancer",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_router_id": {
"description": "When logical_router_id is specified, the list load balancer API will return the load balancer services which are related to the given logical router.",
"title": "Logical router identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Load balancer service list request parameters",
"type": "object"
}
LbServiceSize (type)
{
"additionalProperties": false,
"description": "The size of load balancer service can be, SMALL, MEDIUM, LARGE, XLARGE, or DLB. The first four sizes are realized on Edge node as a centralized load balancer. DLB is realized on each ESXi hypervisor as a distributed load balancer. DLB is supported for k8s cluster IPs managed by vSphere with Kubernetes. DLB is NOT supported for any other workload types. The load balancer service sizes, SMALL, MEDIUM, LARGE and XLARGE are all deprecated. Customers who are using this set of features are advised to migrate to NSX Advanced Load Balancer (Avi) which provides a superset of the NSX-T load balancing functionality.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE",
"DLB"
],
"id": "LbServiceSize",
"module_id": "LoadBalancer",
"title": "the size of load balancer service",
"type": "string"
}
LbServiceStatistics (type)
{
"id": "LbServiceStatistics",
"module_id": "AggSvcLb",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated"
},
"pools": {
"items": {
"$ref": "LbPoolStatistics
},
"title": "Statistics of load balancer pools",
"type": "array"
},
"service_id": {
"required": true,
"title": "load balancer service identifier",
"type": "string"
},
"statistics": {
"$ref": "LbServiceStatisticsCounter,
"title": "Load balancer service statistics counter"
},
"virtual_servers": {
"items": {
"$ref": "LbVirtualServerStatistics
},
"title": "Statistics of load balancer virtual servers",
"type": "array"
}
},
"type": "object"
}
LbServiceStatisticsCounter (type)
{
"id": "LbServiceStatisticsCounter",
"module_id": "AggSvcLb",
"properties": {
"l4_current_session_rate": {
"title": "The average number of l4 current sessions per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"l4_current_sessions": {
"title": "Number of l4 current sessions",
"type": "integer"
},
"l4_max_sessions": {
"description": "L4 max sessions is used to show the peak L4 max session data since load balancer starts to provide service.",
"title": "Number of l4 maximum sessions",
"type": "integer"
},
"l4_total_sessions": {
"title": "Number of l4 total sessions",
"type": "integer"
},
"l7_current_session_rate": {
"title": "The average number of l7 current requests per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"l7_current_sessions": {
"title": "Number of l7 current sessions",
"type": "integer"
},
"l7_max_sessions": {
"description": "L7 max sessions is used to show the peak L7 max session data since load balancer starts to provide service.",
"title": "Number of l7 maximum sessions",
"type": "integer"
},
"l7_total_sessions": {
"title": "Number of l7 total sessions",
"type": "integer"
}
},
"type": "object"
}
LbServiceStatus (type)
{
"id": "LbServiceStatus",
"module_id": "AggSvcLb",
"properties": {
"active_transport_nodes": {
"items": {
"type": "string"
},
"title": "Ids of load balancer service related active transport nodes",
"type": "array"
},
"cpu_usage": {
"title": "Cpu usage in percentage",
"type": "integer"
},
"error_message": {
"title": "Error message, if available",
"type": "string"
},
"instance_detail_per_tn": {
"description": "Details of load balancer service instance per transport node.",
"items": {
"$ref": "LbServiceInstanceDetailPerTransportNode
},
"title": "Details of load balancer service instance per transport node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated"
},
"memory_usage": {
"title": "Memory usage in percentage",
"type": "integer"
},
"pools": {
"items": {
"$ref": "LbPoolStatus
},
"title": "status of load balancer pools",
"type": "array"
},
"service_id": {
"required": true,
"title": "Load balancer service identifier",
"type": "string"
},
"service_status": {
"description": "UP means the load balancer service is working fine on both transport-nodes(if have); PARTIALLY_UP means that some DLB instances on transport node are working successfully and some instances are not working successfully; DOWN means the load balancer service is down on both transport-nodes (if have), hence the load balancer will not respond to any requests; ERROR means error happens on transport-node(s) or no status is reported from transport-node(s). The load balancer service may be working (or not working); NO_STANDBY means load balancer service is working in one of the transport node while not in the other transport-node (if have). Hence if the load balancer service in the working transport-node goes down, the load balancer service will go down; DETACHED means that the load balancer service has no attachment setting and is not instantiated in any transport nodes; DISABLED means that admin state of load balancer service is DISABLED; UNKNOWN means that no status reported from transport-nodes.The load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"DOWN",
"ERROR",
"NO_STANDBY",
"DETACHED",
"DISABLED",
"UNKNOWN"
],
"title": "Status of load balancer service",
"type": "string"
},
"standby_transport_nodes": {
"items": {
"type": "string"
},
"title": "Ids of load balancer service related standby transport nodes",
"type": "array"
},
"virtual_servers": {
"items": {
"$ref": "LbVirtualServerStatus
},
"title": "status of load balancer virtual servers",
"type": "array"
}
},
"type": "object"
}
LbServiceStatusQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DataSourceParameters
},
"id": "LbServiceStatusQueryParameters",
"module_id": "AggSvcLb",
"properties": {
"include_instance_details": {
"default": false,
"description": "The flag to indicate whether include detail information. Load balancer instance detail information will be returned if this field is set to true. It's only valid in realtime status query.",
"required": false,
"title": "Flag to indicate whether include detail information",
"type": "boolean"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_ids": {
"description": "The UUIDs of transport nodes. Multiple UUIDs should be separated by commas. If this field is specified, only the status from the given transport nodes will be returned. It's only valid in realtime status query.",
"required": false,
"title": "The UUIDs of transport nodes",
"type": "string"
}
},
"type": "object"
}
LbServiceUsage (type)
{
"additionalProperties": false,
"description": "Describes the capacity and current usage of virtual servers, pools, pool members for the given load balancer service.",
"id": "LbServiceUsage",
"module_id": "LoadBalancer",
"properties": {
"current_pool_count": {
"description": "The current number of pools which have been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of pools",
"type": "integer"
},
"current_pool_member_count": {
"description": "The current number of pool members which have been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of pool members",
"type": "integer"
},
"current_virtual_server_count": {
"description": "The current number of virtual servers which have been configured in the given load balancer service.",
"readonly": true,
"title": "The current number of virtual servers",
"type": "integer"
},
"pool_capacity": {
"description": "Pool capacity means maximum number of pools which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of pools",
"type": "integer"
},
"pool_member_capacity": {
"description": "Pool member capacity means maximum number of pool members which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of pool members",
"type": "integer"
},
"service_id": {
"readonly": true,
"title": "UUID of load balancer service",
"type": "string"
},
"service_size": {
"$ref": "LbServiceSize,
"readonly": true,
"title": "The size of load balancer service"
},
"severity": {
"$ref": "LbUsageSeverity,
"description": "The severity calculation is based on the largest usage percentage from virtual servers, pools, pool members and rules for one load balancer service.",
"readonly": true,
"title": "LB usage severity"
},
"usage_percentage": {
"description": "The usage percentage is the largest usage percentage from virtual servers, pools and pool members for the load balancer service. If the property relax_scale_validation is set as true for LbService, it is possible that the value is larger than 100.0. For example, if SMALL LBS is deployed on MEDIUM edge node and configured with MEDIUM LBS virtual server scale number, LBS usage percentage is shown larger than 100.0.",
"readonly": true,
"title": "Usage percentage",
"type": "number"
},
"virtual_server_capacity": {
"description": "Virtual server capacity means maximum number of virtual servers which could be configured in the given load balancer service.",
"readonly": true,
"title": "The capacity of virtual servers",
"type": "integer"
}
},
"title": "The usage information of the load balancer service",
"type": "object"
}
LbSessionCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbCookieTime
},
"id": "LbSessionCookieTime",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSessionCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "session cookie max idle time in seconds",
"type": "integer"
},
"cookie_max_life": {
"description": "Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "session cookie max lifetime in seconds",
"type": "integer"
},
"type": {
"$ref": "CookieTimeType,
"required": true
}
},
"type": "object"
}
LbSnatAutoMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbSnatTranslation
},
"id": "LbSnatAutoMap",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSnatAutoMap"
},
"properties": {
"port_overload": {
"default": 32,
"deprecated": true,
"description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "port overloading with same SNAT IP and port",
"type": "integer"
},
"type": {
"$ref": "SnatTranslationType,
"required": true
}
},
"type": "object"
}
LbSnatIpElement (type) (Deprecated)
{
"deprecated": true,
"id": "LbSnatIpElement",
"module_id": "LoadBalancer",
"properties": {
"ip_address": {
"$ref": "IPElement,
"required": true,
"title": "Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160"
},
"prefix_length": {
"description": "Subnet prefix length should be not specified if there is only one single IP address or IP range.",
"required": false,
"title": "subnet prefix length",
"type": "integer"
}
},
"type": "object"
}
LbSnatIpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbSnatTranslation
},
"id": "LbSnatIpPool",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSnatIpPool"
},
"properties": {
"ip_addresses": {
"description": "If an IP range is specified, the range may contain no more than 64 IP addresses.",
"items": {
"$ref": "LbSnatIpElement
},
"maxItems": 64,
"required": true,
"title": "List of Ip address or ip range",
"type": "array"
},
"port_overload": {
"default": 32,
"deprecated": true,
"description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "port overloading with same SNAT IP and port",
"type": "integer"
},
"type": {
"$ref": "SnatTranslationType,
"required": true
}
},
"type": "object"
}
LbSnatTranslation (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"id": "LbSnatTranslation",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"port_overload": {
"default": 32,
"deprecated": true,
"description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "port overloading with same SNAT IP and port",
"type": "integer"
},
"type": {
"$ref": "SnatTranslationType,
"required": true
}
},
"type": "object"
}
LbSourceIpPersistenceProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LbPersistenceProfile
},
"id": "LbSourceIpPersistenceProfile",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSourceIpPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"deprecated": true,
"description": "Persistence entries are not synchronized to the HA peer by default. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "mirroring enabled flag to synchronize persistence entries",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format <name>.<virtual_server_id>.<pool_id>. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to <name>.<profile-id>.<pool-id>. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.",
"required": false,
"title": "Persistence shared flag",
"type": "boolean"
},
"purge": {
"$ref": "SourceIpPersistencePurge,
"default": "FULL",
"required": false,
"title": "persistence purge setting"
},
"resource_type": {
"$ref": "PersistenceProfileType,
"description": "The resource_type property identifies persistence profile type.",
"required": true,
"title": "Persistence profile type"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "persistence entry expiration time in seconds",
"type": "integer"
}
},
"search_dsl_name": [
"lb source ip persistence profile (manager)"
],
"type": "object"
}
LbSslCipherAndProtocolListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LbSslCipherAndProtocolListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"ciphers": {
"items": {
"$ref": "LbSslCipherInfo
},
"required": true,
"title": "List of SSL ciphers",
"type": "array"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"protocols": {
"items": {
"$ref": "LbSslProtocolInfo
},
"required": true,
"title": "List of SSL protocols",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbSslCipherInfo (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LbSslCipherInfo",
"module_id": "LoadBalancer",
"properties": {
"cipher": {
"$ref": "SslCipher,
"required": true,
"title": "SSL cipher"
},
"cipher_group_labels": {
"description": "Several cipher groups might contain the same cipher suite, each cipher suite could have multiple cipher group labels.",
"items": {
"$ref": "SslCipherGroup
},
"title": "Cipher group label list",
"type": "array"
},
"is_default": {
"required": true,
"title": "Default SSL cipher flag",
"type": "boolean"
},
"is_secure": {
"required": true,
"title": "Secure/insecure SSL cipher flag",
"type": "boolean"
}
},
"title": "SSL cipher",
"type": "object"
}
LbSslModeSelectionAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select SSL mode. Three types of SSL mode actions can be specified in Transport phase, ssl passthrough, ssl offloading and ssl end-to-end.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbSslModeSelectionAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSslModeSelectionAction"
},
"properties": {
"ssl_mode": {
"description": "SSL Passthrough: LB establishes a TCP connection with client and another connection with selected backend server. LB won't inspect the stream data between client and backend server, but just pass it through. Backend server exchanges SSL connection with client. SSL Offloading: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTP without SSL. LB estalishes new connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. SSL End-to-End: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTPS. LB estalishes new SSL connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured.",
"enum": [
"SSL_PASSTHROUGH",
"SSL_END_TO_END",
"SSL_OFFLOAD"
],
"required": true,
"title": "Type of SSL mode",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select SSL mode",
"type": "object"
}
LbSslProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "LbSslProfile",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Load balancer abstract SSL profile",
"type": "object"
}
LbSslProtocolInfo (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LbSslProtocolInfo",
"module_id": "LoadBalancer",
"properties": {
"is_default": {
"required": true,
"title": "Default SSL protocol flag",
"type": "boolean"
},
"is_secure": {
"required": true,
"title": "Secure/insecure SSL protocol flag",
"type": "boolean"
},
"protocol": {
"$ref": "SslProtocol,
"required": true,
"title": "SSL protocol"
}
},
"title": "SSL protocol",
"type": "object"
}
LbSslSessionReusedType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"IGNORE",
"REUSED",
"NEW"
],
"id": "LbSslSessionReusedType",
"module_id": "LoadBalancer",
"title": "Type of SSL session reused",
"type": "string"
}
LbSslSniCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL SNI in client hello. This condition is only supported in TRANSPORT phase and HTTP_FORWARDING phase.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbSslSniCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbSslSniCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing SNI value.",
"required": false,
"title": "A case sensitive flag for SNI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Determine how a specified string value is used to match SNI.",
"required": false,
"title": "Match type of SNI"
},
"sni": {
"description": "The SNI(Server Name indication) in client hello message.",
"required": true,
"title": "The server name indication",
"type": "string"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match SSL SNI in client hello",
"type": "object"
}
LbStatisticsCounter (type)
{
"id": "LbStatisticsCounter",
"module_id": "AggSvcLb",
"properties": {
"bytes_in": {
"required": true,
"title": "Number of bytes in",
"type": "integer"
},
"bytes_in_rate": {
"title": "The average number of inbound bytes per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"bytes_out": {
"required": true,
"title": "Number of bytes out",
"type": "integer"
},
"bytes_out_rate": {
"title": "The average number of outbound bytes per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"current_session_rate": {
"title": "The average number of current sessions per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"current_sessions": {
"required": true,
"title": "Number of current sessions",
"type": "integer"
},
"dropped_packets_by_access_list": {
"description": "The total number of dropped TCP SYN or UDP packets by access list control.",
"title": "The total number of dropped packets by access list control",
"type": "integer"
},
"dropped_sessions_by_lbrule_action": {
"description": "The total number of dropped sessions by LB rule action.",
"title": "The total number of dropped sessions by LB rule action",
"type": "integer"
},
"http_request_rate": {
"title": "The average number of http requests per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"http_requests": {
"title": "The total number of http requests.",
"type": "integer"
},
"max_sessions": {
"required": true,
"title": "Number of maximum sessions",
"type": "integer"
},
"packets_in": {
"title": "Number of packets in",
"type": "integer"
},
"packets_in_rate": {
"title": "The average number of inbound packets per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"packets_out": {
"title": "Number of packets out",
"type": "integer"
},
"packets_out_rate": {
"title": "The average number of outbound packets per second, the number is\naveraged over the last 5 one-second intervals.\n",
"type": "number"
},
"source_ip_persistence_entry_size": {
"title": "Number of source IP persistence entries",
"type": "integer"
},
"total_sessions": {
"required": true,
"title": "Number of total sessions",
"type": "integer"
}
},
"type": "object"
}
LbTcpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbTcpHeaderCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbTcpHeaderCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_port": {
"$ref": "PortElement,
"required": true,
"title": "TCP source port of HTTP message"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match TCP header fields",
"type": "object"
}
LbTcpMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbActiveMonitor
},
"id": "LbTcpMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbTcpMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"receive": {
"description": "Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.",
"required": false,
"title": "expected data received from server",
"type": "string"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"send": {
"description": "If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.",
"required": false,
"title": "data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbUdpMonitor (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "LbActiveMonitor
},
"id": "LbUdpMonitor",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbUdpMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must fail before marking it down",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the frequency at which the system issues the monitor check (in second)",
"type": "integer"
},
"monitor_port": {
"$ref": "PortElement,
"description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.",
"required": false,
"title": "port which is used for healthcheck"
},
"receive": {
"description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.",
"required": true,
"title": "expected data received from server",
"type": "string"
},
"resource_type": {
"$ref": "MonitorType,
"required": true
},
"rise_count": {
"default": 3,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "num of consecutive checks must pass before marking it up",
"type": "integer"
},
"send": {
"description": "The data to be sent to the monitored server.",
"required": true,
"title": "data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 15,
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the number of seconds the target has in which to respond to the monitor\nrequest\n",
"type": "integer"
}
},
"type": "object"
}
LbUsageSeverity (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Severity is calculated from usage percentage: GREEN means the current usage percentage is less than 60%. ORANGE means the current usage percentage is less than 80% and larger than or equal to 60%. RED means the current usage percentage is larger than or equal to 80%.",
"enum": [
"GREEN",
"ORANGE",
"RED"
],
"id": "LbUsageSeverity",
"module_id": "LoadBalancer",
"title": "Load balancer usage severity",
"type": "string"
}
LbVariableAssignmentAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LbVariableCondition, etc.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbVariableAssignmentAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbVariableAssignmentAction"
},
"properties": {
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_name": {
"required": true,
"title": "Name of the variable to be assigned",
"type": "string"
},
"variable_value": {
"required": true,
"title": "Value of variable",
"type": "string"
}
},
"title": "Action to create variable and assign value to it.",
"type": "object"
}
LbVariableCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LbVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time.",
"extends": {
"$ref": "LbRuleCondition
},
"id": "LbVariableCondition",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbVariableCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing variable value.",
"required": false,
"title": "A case sensitive flag for variable value comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of variable value"
},
"type": {
"$ref": "LbRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"variable_name": {
"required": true,
"title": "Name of the variable to be matched",
"type": "string"
},
"variable_value": {
"required": true,
"title": "Value of variable to be matched",
"type": "string"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LbVariablePersistenceLearnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbVariablePersistenceLearnAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbVariablePersistenceLearnAction"
},
"properties": {
"persistence_profile_id": {
"description": "If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.",
"required": false,
"title": "UUID of LbPersistenceProfile",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a system embedded variable such as \"_cookie_JSESSIONID\", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as \"article\".",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to learn the variable value",
"type": "object"
}
LbVariablePersistenceOnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected.",
"extends": {
"$ref": "LbRuleAction
},
"id": "LbVariablePersistenceOnAction",
"module_id": "LoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LbVariablePersistenceOnAction"
},
"properties": {
"persistence_profile_id": {
"description": "If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.",
"required": false,
"title": "UUID of LbPersistenceProfile",
"type": "string"
},
"type": {
"$ref": "LbRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a system embedded variable such as \"_cookie_JSESSIONID\", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as \"article\".",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to persist the variable value",
"type": "object"
}
LbVirtualServer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LbVirtualServer",
"module_id": "LoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_list_control": {
"$ref": "LbAccessListControl,
"description": "Specifies the access list control to define how to filter the connections from clients.",
"required": false,
"title": "IP access list control to filter the connections"
},
"access_log_enabled": {
"default": false,
"details": "If access log is enabled, all HTTP requests sent to L7 virtual server\nare logged to the access log file. Both successful returns information\nresponses(1xx), successful responses(2xx), redirection messages(3xx) and\nunsuccessful requests, backend server returns 4xx or 5xx, are logged to\naccess log, if enabled. All L4 virtual server connections are also\nlogged to the access log if enabled. The non-significant events such as\nsuccessful requests are not logged if log_significant_event_only is set\nto true.\n",
"required": false,
"title": "Whether access log is enabled",
"type": "boolean"
},
"application_profile_id": {
"description": "The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile, etc are supported.",
"required": true,
"title": "application profile identifier",
"type": "string"
},
"client_ssl_profile_binding": {
"$ref": "ClientSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Virtual server side SSL binding setting"
},
"default_pool_member_port": {
"$ref": "PortElement,
"deprecated": true,
"description": "This is a deprecated property, please use 'default_pool_member_ports' instead. If default_pool_member_port is configured and default_pool_member_ports are not specified, both default_pool_member_port and default_pool_member_ports in response payload would return the same port value. If both are specified, default_pool_member_ports setting would take effect with higher priority.",
"required": false,
"title": "Default pool member port when member port is not defined."
},
"default_pool_member_ports": {
"description": "If default_pool_member_ports are configured, both default_pool_member_port and default_pool_member_ports in the response payload would include port settings, notice that the value of default_pool_member_port is the first element of default_pool_member_ports.",
"items": {
"$ref": "PortElement
},
"maxItems": 14,
"required": false,
"title": "Default pool member ports when member port is not defined.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"required": false,
"title": "whether the virtual server is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "virtual server IP address"
},
"ip_protocol": {
"$ref": "VirtualServerIpProtocol,
"default": "TCP",
"description": "Assigned Internet Protocol in IP header, TCP, UDP are supported.",
"required": false,
"title": "virtual server IP protocol"
},
"log_significant_event_only": {
"default": false,
"description": "The property log_significant_event_only can take effect only when access_log_enabled is true. If log_significant_event_only is true, significant events are logged in access log. For L4 virtual server, significant event means unsuccessful(error or dropped) TCP/UDP connections. For L7 virtual server, significant event means unsuccessful connections or HTTP/HTTPS requests which have error response code(e.g. 4xx, 5xx).",
"required": false,
"title": "Log only significant event in access log",
"type": "boolean"
},
"max_concurrent_connections": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "maximum concurrent connection number",
"type": "integer"
},
"max_new_connection_rate": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "maximum new connection rate in second",
"type": "integer"
},
"persistence_profile_id": {
"description": "Persistence profile is used to allow related client connections to be sent to the same backend server.",
"required": false,
"title": "persistence profile identifier",
"type": "string"
},
"pool_id": {
"description": "The server pool(LbPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application.",
"required": false,
"title": "default server pool identifier",
"type": "string"
},
"port": {
"$ref": "PortElement,
"deprecated": true,
"description": "This is a deprecated property, please use 'ports' instead. Port setting could be single port for both L7 mode and L4 mode. For L4 mode, a single port range is also supported. The port setting could be a single port or port range such as \"80\", \"1234-1236\". If port is configured and ports are not specified, both port and ports in response payload would return the same port value. If both port and ports are configured, ports setting would take effect with higher priority.",
"required": false,
"title": "Virtual server port number or port range"
},
"ports": {
"description": "Port setting could be a single port for both L7 mode and L4 mode. For L4 mode, multiple ports or port ranges are also supported such as \"80\", \"443\", \"1234-1236\". If ports is configured, both port and ports in the response payload would include port settings, notice that the port field value is the first element of ports.",
"items": {
"$ref": "PortElement
},
"maxItems": 14,
"required": false,
"title": "Virtual server ports or port ranges",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_ids": {
"deprecated": true,
"description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LbHttpProfile. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"type": "string"
},
"maxItems": 4000,
"required": false,
"title": "List of load balancer rule identifiers",
"type": "array"
},
"server_ssl_profile_binding": {
"$ref": "ServerSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL client and establishing a connection to the backend server. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Pool side SSL binding setting"
},
"sorry_pool_id": {
"deprecated": true,
"description": "When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Identifier of sorry server pool",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"search_dsl_name": [
"lb virtual server (manager)"
],
"type": "object"
}
LbVirtualServerDeleteParameters (type)
{
"additionalProperties": false,
"id": "LbVirtualServerDeleteParameters",
"module_id": "LoadBalancer",
"properties": {
"delete_associated_rules": {
"default": false,
"description": "If this is set to true, the associated rules are also deleted when virtual server is deleted if the rules are not used by other virtual servers.",
"required": false,
"title": "Delete associated rules",
"type": "boolean"
}
},
"type": "object"
}
LbVirtualServerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LbVirtualServerListResult",
"module_id": "LoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbVirtualServer
},
"required": true,
"title": "paginated list of virtual servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbVirtualServerStatistics (type)
{
"id": "LbVirtualServerStatistics",
"module_id": "AggSvcLb",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated"
},
"statistics": {
"$ref": "LbStatisticsCounter,
"required": true,
"title": "Virtual server statistics counter"
},
"virtual_server_id": {
"required": true,
"title": "load balancer virtual server identifier",
"type": "string"
}
},
"type": "object"
}
LbVirtualServerStatisticsListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LbVirtualServerStatisticsListResult",
"module_id": "AggSvcLb",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbVirtualServerStatistics
},
"required": true,
"title": "paginated statistics list of virtual servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbVirtualServerStatus (type)
{
"id": "LbVirtualServerStatus",
"module_id": "AggSvcLb",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp when the data was last updated."
},
"status": {
"description": "UP means that all primary members in default pool are in UP status. For L7 virtual server, if there is no default pool, the virtual server would be treated as UP. PARTIALLY_UP means that some(not all) primary members in default pool are in UP status. The size of these active primary members should be larger than or equal to the certain number(min_active_members) which is defined in LbPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members in default pool are in UP status but backup members are in UP status, the connections would be dispatched to backup members. DOWN means that all primary and backup members are in DOWN status. DETACHED means that the virtual server is not bound to any service. DISABLED means that the admin state of the virtual server is disabled. UNKNOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).",
"enum": [
"UP",
"PARTIALLY_UP",
"PRIMARY_DOWN",
"DOWN",
"DETACHED",
"DISABLED",
"UNKNOWN"
],
"title": "Virtual server status",
"type": "string"
},
"virtual_server_id": {
"required": true,
"title": "load balancer virtual server identifier",
"type": "string"
}
},
"type": "object"
}
LbVirtualServerStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LbVirtualServerStatusListResult",
"module_id": "AggSvcLb",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LbVirtualServerStatus
},
"required": true,
"title": "paginated status list of virtual servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LbVirtualServerWithRule (type)
{
"additionalProperties": false,
"id": "LbVirtualServerWithRule",
"module_id": "LoadBalancer",
"properties": {
"rules": {
"deprecated": true,
"description": "It is used to add rules, update rules and bind rules to the virtual server. To add new rules, make sure that the rules have no identifier specified, the new rules are automatically generated and associated to the virtual server. If the virtual server need to consume some existed rules without change, those rules should not be specified in the list, otherwise, the rules are updated. For update_with_rules action, it supports rules delete and update. To delete old rules, the rules should not be configured in new action, the UUID of deleted rules should be removed from rule_ids. To update rules, the rules should be specified with new change and configured with identifier. If there are some rules which are not modified, those rule should not be specified in the rules list, the UUID list of rules should be specified in rule_ids of LbVirtualServer. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LbRule
},
"title": "Associated load balancer rules",
"type": "array"
},
"virtual_server": {
"$ref": "LbVirtualServer,
"description": "If rules need to be associated to the virtual server, please set rules properties of LbVirtualServerWithRule with rule list configuration. For the rules which are not modified but associated to the virtual server, the rule UUID list should be specified in rule_ids property of LbVirtualServer and the associated rules should not be specified in rules of LbVirtualServerWithRule.",
"required": true,
"title": "Virtual server configuration"
}
},
"type": "object"
}
LdapIdentitySource (type)
{
"abstract": true,
"description": "This is the base type for all identity sources that use LDAP for authentication and group membership.",
"extends": {
"$ref": "ManagedResource
},
"id": "LdapIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An LDAP identity source",
"type": "object"
}
LdapIdentitySourceListResult (type)
{
"description": "The results of listing LDAP identity sources.",
"extends": {
"$ref": "ListResult
},
"id": "LdapIdentitySourceListResult",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LdapIdentitySource
},
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List results containing LDAP identity sources",
"type": "object"
}
LdapIdentitySourceProbeResults (type)
{
"description": "Results from probing all LDAP servers in an LDAP identity source configuration.",
"extends": {
"$ref": "Resource
},
"id": "LdapIdentitySourceProbeResults",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"results": {
"description": "Probe results for all probed LDAP servers.",
"items": {
"$ref": "IdentitySourceLdapServerProbeResult
},
"title": "Probe results",
"type": "array"
}
},
"title": "Results from probing all LDAP servers",
"type": "object"
}
LdapIdentitySourceSearchRequestParameters (type)
{
"additionalProperties": false,
"description": "To search for a user or group in an LDAP identity source, provide a filter_value. The directory will be searched for users and groups that match the search string. User searches: For Active Directory sources, the directory will be searched for users whose commonName (CN) property contains the given string and for users whose samAccountName property contains the given string. For OpenLDAP sources, the directory will be searched for users whose commonName (CN) property contains the given string and for users whose uid property contains the given string. Group searches: For both Active Directory and OpenLDAP sources, the directory will be searched for groups whose commonName (CN) property contains the the given string. The LDAP server may impose a limit on the number of returned entries.",
"id": "LdapIdentitySourceSearchRequestParameters",
"module_id": "LdapIdentitySources",
"properties": {
"filter_value": {
"description": "A string to use when searching for users and groups in the LDAP identity source.",
"required": true,
"title": "Search filter value",
"type": "string"
}
},
"title": "Arguments for searching users and groups",
"type": "object"
}
LdapIdentitySourceSearchResultItem (type)
{
"id": "LdapIdentitySourceSearchResultItem",
"module_id": "LdapIdentitySources",
"properties": {
"common_name": {
"description": "The Common Name (CN) of the entry, if available.",
"title": "Common Name (CN) of entry",
"type": "string"
},
"dn": {
"description": "Distinguished name (DN) of the entry.",
"title": "DN of the entry",
"type": "string"
},
"principal_name": {
"description": "For Active Directory (AD) users, this will be the user principal name (UPN), in the format user@domain. For non-AD users, this will be the user's uid property, followed by \"@\" and the domain of the directory. For groups, this will be the group's common name, followed by \"@\" and the domain of the directory.",
"title": "The principal name of the user or group, if available",
"type": "string"
},
"type": {
"description": "Describes the type of the entry",
"enum": [
"USER",
"GROUP"
],
"title": "Type of the entry",
"type": "string"
}
},
"type": "object"
}
LdapIdentitySourceSearchResultList (type)
{
"description": "A list of LDAP entries returned from a search of an LDAP identity source.",
"extends": {
"$ref": "Resource
},
"id": "LdapIdentitySourceSearchResultList",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"results": {
"items": {
"$ref": "LdapIdentitySourceSearchResultItem
},
"type": "array"
}
},
"title": "A list of LDAP search results",
"type": "object"
}
LdapProbeError (type)
{
"description": "Detail about one error encountered during a probe.",
"id": "LdapProbeError",
"module_id": "LdapIdentitySources",
"properties": {
"error_type": {
"description": "The cause of the error. BASE_DN_NOT_FOUND: The configured base DN does not exist on the LDAP server or is not readable. BIND_DN_AND_PASSWORD_REQUIRED: This server is configured to require a bind DN and password. Please add these to your LDAP server configuration. BIND_DN_INVALID: The bind DN or username provided is not valid on the LDAP server. Check that the bind DN is correct. This error may also indicate that the base DN in your configuration is incorrect. CERTIFICATE_HOSTNAME_MISMATCH_ERROR: The hostname configured for the LDAP server does not match the hostname in the server's certificate subject or alternative subject names. Be sure that the hostname you configure in NSX Manager matches one of those names. CERTIFICATE_MISMATCH_ERROR: The certificate presented by the LDAP server did not match the certificate in the configuration on the NSX Manager. CONNECTION_REFUSED: The connection was refused when contacting the LDAP server. Ensure that the LDAP server is running and that you are using the correct ip/hostname. CONNECTION_TIMEOUT: The connection timed out when contacting the LDAP server. Check the hostname/ip and any firewalls between the NSX Manager and the LDAP server. GENERAL_ERROR: An undetermined error occurred. INVALID_CONFIGURED_CERTIFICATE: The certificate configured for this LDAP server is invalid and could not be decoded. Check that the PEM-formatted certificate you provided is correct. INVALID_CREDENTIALS: The username and/or password are incorrect. SSL_HANDSHAKE_ERROR: An error occurred while establishing a secure connection with the LDAP server. Check that the LDAP server's certificate is correct, and that it is using an SSL/TLS cipher suite that is compatible with the NSX Manager. This error can also occur if the hostname you have configured for the LDAP server does not match any of the hostnames in the Subject Alternative Name records in the server certificate. STARTTLS_FAILED: Unable to use StartTLS to upgrade the connection to use TLS. Ensure that the LDAP server supports TLS and if not, use LDAP or LDAPS as the protocol. UNKNOWN_HOST: The hostname of the LDAP server could not be resolved. NO_ROUTE_TO_HOST: There is no network route to the host. BIND_EXCEPTION: A socket to the remote host could not be opened. PORT_UNREACHABLE: The LDAP port is not open on the remote host. BASE_DN_NOT_WITHIN_DOMAIN: For Active Directory, the base DN is not a subtree of the Domain Component tree corresponding to the LDAP domain. For example, if the domain is \"example.com\", the baseDN should be \"dc=example, dc=com\" or a subtree like \"ou=Users,dc=example,dc=com\". LDAP_SERVER_DISABLED: The LDAP server is marked as disabled in the NSX configuration and will not be used.",
"enum": [
"BASE_DN_NOT_FOUND",
"BIND_DN_AND_PASSWORD_REQUIRED",
"BIND_DN_INVALID",
"CERTIFICATE_HOSTNAME_MISMATCH_ERROR",
"CERTIFICATE_MISMATCH_ERROR",
"CONNECTION_REFUSED",
"CONNECTION_TIMEOUT",
"GENERAL_ERROR",
"INVALID_CONFIGURED_CERTIFICATE",
"INVALID_CREDENTIALS",
"SSL_HANDSHAKE_ERROR",
"STARTTLS_FAILED",
"UNKNOWN_HOST",
"NO_ROUTE_TO_HOST",
"BIND_EXCEPTION",
"PORT_UNREACHABLE",
"BASE_DN_NOT_WITHIN_DOMAIN",
"LDAP_SERVER_DISABLED"
],
"title": "Error type",
"type": "string"
}
},
"title": "Error detail from probe",
"type": "object"
}
Legend (type)
{
"additionalProperties": false,
"description": "Represents legend that describes the entities of the widget.",
"id": "Legend",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alignment": {
"default": "VERTICAL",
"description": "Describes the alignment of legend. Alignment of a legend denotes how individual items of the legend are aligned in a container. For example, if VERTICAL is chosen then the items of the legend will appear one below the other and if HORIZONTAL is chosen then the items will appear side by side.",
"enum": [
"HORIZONTAL",
"VERTICAL"
],
"title": "Alignment of the legend",
"type": "string"
},
"display_count": {
"default": true,
"description": "If set to true, it will display the counts in legend. If set to false, counts of entities are not displayed in the legend.",
"title": "Show count of entities in the legend",
"type": "boolean"
},
"display_mode": {
"default": "SHOW_ALL_LEGENDS",
"description": "Display mode for legends.",
"enum": [
"SHOW_ALL_LEGENDS",
"SHOW_MIN_NO_OF_LEGENDS",
"SHOW_OTHER_GROUP_WITH_LEGENDS"
],
"title": "Display mode for legends.",
"type": "string"
},
"filterable": {
"default": false,
"description": "Show checkbox along with legends if value is set to true. Widget filtering capability can be enable based on legend checkbox selection. for 'display_mode' SHOW_OTHER_GROUP_WITH_LEGENDS filterable property is not supported.",
"title": "Show checkbox along with legends if value is set to true",
"type": "boolean"
},
"min_legends_display_count": {
"default": 3,
"description": "A minimum number of legends to be displayed upfront. if 'display_mode' is set to SHOW_MIN_NO_OF_LEGENDS then this property value will be used to display number of legends upfront in the UI.",
"maximum": 12,
"minimum": 1,
"title": "A minimum number of legends to be displayed.",
"type": "int"
},
"other_group_legend_label": {
"default": "WIDGET_LABEL_OTHER_LEGEND_LABEL",
"description": "A translated label for showing other category label in legends.",
"title": "A label for showing other category in legends.",
"type": "string"
},
"position": {
"default": "RIGHT",
"description": "Describes the relative placement of legend. The legend of a widget can be placed either to the TOP or BOTTOM or LEFT or RIGHT relative to the widget. For example, if RIGHT is chosen then legend is placed to the right of the widget.",
"enum": [
"TOP",
"BOTTOM",
"LEFT",
"RIGHT",
"TOP_RIGHT"
],
"title": "Placement of legend",
"type": "string"
},
"type": {
"default": "CIRCLE",
"description": "Describes the render type for the legend. The legend for an entity describes the entity in the widget. The supported legend type is a circle against which the entity's details such as display_name are shown. The color of the circle denotes the color of the entity shown inside the widget.",
"enum": [
"CIRCLE"
],
"title": "Type of the legend",
"type": "string"
},
"unit": {
"description": "Show unit of entities in the legend.",
"title": "Show unit of entities in the legend",
"type": "string"
}
},
"title": "Legend for the widget",
"type": "object"
}
LegendWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for Legend widget. For this widget the data source is not applicable. This widget can be use to add the Legend inside the dashboard container.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "LegendWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "LegendWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"layout": {
"$ref": "Legend,
"description": "Defines the layout for the legend widget",
"required": true,
"title": "A layout for legend widget."
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"source_widget_id": {
"description": "Id of source widget, if any. Id should be a valid id of an existing widget. This property can be used to identify the source of the data for this legend widget.",
"maxLength": 255,
"required": true,
"title": "Id of source widget for this legend widget",
"type": "string"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Legend widget Configuration",
"type": "object"
}
License (type)
{
"additionalProperties": false,
"description": "license properties",
"extends": {
"$ref": "Resource
},
"id": "License",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"capacity_type": {
"description": "License metrics specifying the capacity type of license key. Types are: - VM - CPU - USER(Concurrent User) - CORE - HOST",
"enum": [
"VM",
"CPU",
"USER",
"CORE",
"HOST"
],
"readonly": true,
"title": "license metric",
"type": "string"
},
"description": {
"readonly": true,
"title": "license edition",
"type": "string"
},
"expiry": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "date that license expires"
},
"features": {
"readonly": true,
"title": "semicolon delimited feature list",
"type": "string"
},
"is_editable": {
"readonly": true,
"title": "whether the license can be edit",
"type": "boolean"
},
"is_eval": {
"readonly": true,
"title": "true for evalution license",
"type": "boolean"
},
"is_expired": {
"readonly": true,
"title": "whether the license has expired",
"type": "boolean"
},
"is_mh": {
"readonly": true,
"title": "multi-hypervisor support",
"type": "boolean"
},
"license_key": {
"required": true,
"sensitive": true,
"title": "license key",
"type": "secure_string"
},
"product_name": {
"readonly": true,
"title": "product name",
"type": "string"
},
"product_version": {
"readonly": true,
"title": "product version",
"type": "string"
},
"quantity": {
"readonly": true,
"title": "license capacity; 0 for unlimited",
"type": "integer"
},
"vc_names": {
"description": "VCF licenses are from vCenters. This property is to record which vCenters this license comes from. If this license is NSX license and imported from NSX, this property is empty.",
"items": {
"type": "string"
},
"readonly": true,
"title": "vCenter names",
"type": "array"
}
},
"type": "object"
}
LicensesListResult (type)
{
"description": "Licenses queries result",
"extends": {
"$ref": "ListResult
},
"id": "LicensesListResult",
"module_id": "License",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "License
},
"readonly": true,
"required": true,
"title": "Licenses Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LineChartPlotConfiguration (type)
{
"additionalProperties": false,
"description": "A line chart plotting configuration.",
"extends": {
"$ref": "WidgetPlotConfiguration
},
"id": "LineChartPlotConfiguration",
"module_id": "NsxDashboard",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
},
"fill_gradient_area": {
"description": "Fill the line chart area with a gradient series color.",
"title": "Fill the line chart area with a gradient series color.",
"type": "boolean"
},
"num_of_series_to_display": {
"description": "Specifies the number of series to be displayed in a line chart. If no value is provided all the series will be displayed.",
"maximum": 16,
"minimum": 1,
"title": "A number of series to be displayed upfront.",
"type": "int"
},
"show_curved_lines": {
"default": true,
"description": "Used for displaying the curved lines for a series in a line chart. By default, straight line is used to for a series in a line chart.",
"title": "Show curved lines for series",
"type": "boolean"
},
"show_data_in_tooltip": {
"default": false,
"description": "Show the data in tooltip.",
"title": "Show data in tooltip.",
"type": "boolean"
},
"show_data_points": {
"default": true,
"description": "Controls the visiblity of the data points on the line chart. If value is set to false data points wont be high- lighted on the lines.",
"title": "Show the Data point highlighting in line chart",
"type": "boolean"
},
"show_grid_lines": {
"default": true,
"description": "Controls the visiblity of the grid lines in line chart.",
"title": "Show grid lines",
"type": "boolean"
},
"show_grouped_tooltip": {
"default": false,
"description": "Controls the visiblity of the grouped tooltip in a line chart across all series.",
"title": "Derives to show the grouped tooltip",
"type": "boolean"
},
"show_min_max_on_series": {
"default": false,
"description": "Controls the visiblity of the min and max value across line series in line chart.",
"title": "Show min and max value on line series",
"type": "boolean"
},
"show_unit_in_tooltip": {
"default": false,
"description": "Show the data unit in tooltip.",
"title": "Show data unit in tooltip.",
"type": "boolean"
},
"sort_data_in_grouped_tooltip": {
"default": false,
"description": "Sort the data in grouped tooltip.",
"title": "Sort the data in grouped tooltip",
"type": "boolean"
},
"sort_series": {
"default": false,
"description": "Specifies whether the series should be sorted by the latest data point.",
"title": "Perform sorting on series using the latest data point",
"type": "boolean"
}
},
"title": "A line chart plotting configuration",
"type": "object"
}
ListByNodeIdParameters (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "ListByNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
ListByOptionalNodeIdParameters (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "ListByOptionalNodeIdParameters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "Transport node id",
"type": "string"
},
"type": {
"description": "BGP neighbor type",
"enum": [
"INTER_SR",
"USER"
],
"readonly": true,
"title": "BGP neighbor type",
"type": "string"
}
},
"type": "object"
}
ListByOptionalTransportNodeParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListByOptionalTransportNodeParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"required": false,
"title": "Transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ListByRequiredNodeIdParameters (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "ListByRequiredNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
ListCertParameter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListCertParameter",
"module_id": "CertificateManager",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"details": {
"default": false,
"required": false,
"title": "whether to expand the pem data and show all its details",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_id": {
"description": "Provide this parameter to limit the list of returned certificates to those matching a particular node ID.",
"required": false,
"title": "Node ID of certificate to return",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Provide this parameter to limit the list of returned certificates to those matching a particular usage. Passing cluster_certificate will return the certificate used for the cluster wide API service.",
"enum": [
"cluster_api_certificate",
"api_certificate"
],
"required": false,
"title": "Type of certificate to return",
"type": "string"
}
},
"type": "object"
}
ListRequestParameters (type)
{
"additionalProperties": {},
"extends": {
"$ref": "IncludedFieldsParameters
},
"id": "ListRequestParameters",
"module_id": "Common",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ListResult (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ListResult",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Base class for list results from collections",
"type": "object"
}
ListResultQueryParameters (type)
{
"id": "ListResultQueryParameters",
"module_id": "Common",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
}
},
"title": "Parameters that affect how list results are processed",
"type": "object"
}
ListWithDataSourceParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListWithDataSourceParameters",
"module_id": "Types",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
LiveTraceActionConfig (type)
{
"id": "LiveTraceActionConfig",
"module_id": "LiveTrace",
"properties": {
"count_config": {
"$ref": "CountActionConfig,
"readonly": true,
"required": false,
"title": "The count action config"
},
"datapath_stats_config": {
"$ref": "DatapathStatsActionConfig,
"description": "The datapath statistics action is exclusive, which can be enabled only when other actions are disabled.",
"readonly": true,
"required": false,
"title": "The datapath statistics action config"
},
"pktcap_config": {
"$ref": "PktcapActionConfig,
"readonly": true,
"required": false,
"title": "The packet capture action config"
},
"trace_config": {
"$ref": "TraceActionConfig,
"readonly": true,
"required": false,
"title": "The trace action config"
}
},
"type": "object"
}
LiveTraceActionType (type)
{
"description": "TRACE - Tracing packet by reporting observations in datapath. PKTCAP - Dumping packet to PCAP file. COUNT - Counting packet on checkpoint. DATAPATH_STATS - Datapath statistics action.",
"enum": [
"TRACE",
"PKTCAP",
"COUNT",
"DATAPATH_STATS"
],
"id": "LiveTraceActionType",
"module_id": "LiveTrace",
"type": "string"
}
LiveTraceConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LiveTraceConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"$ref": "PolicyLiveTraceActionConfig,
"description": "Configuration of actions on the filtered packets.",
"required": true,
"title": "Livetrace actions"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"filter": {
"$ref": "LiveTraceFilterData,
"description": "Filter for flows of interest.",
"required": false,
"title": "Packet filter"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_config": {
"$ref": "PolicyLiveTraceIpsecVpnConfig,
"description": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface",
"required": false,
"title": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface"
},
"is_transient": {
"default": true,
"description": "This field indicates whether the intent is transient. If it is set to true, intent will be cleaned up after 1 hour of inactivity.",
"required": false,
"title": "Marker to indicate if the intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"src_port_path": {
"description": "Policy path of logical port to start a livetrace session.",
"required": false,
"title": "Policy path of logical port",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10,
"description": "The duration for observing live traffic on the specified source logical port.",
"maximum": 600,
"minimum": 5,
"required": false,
"title": "Timeout in seconds for livetrace session",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Livetrace configuration",
"type": "object"
}
LiveTraceConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LiveTraceConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LiveTraceConfig
},
"required": true,
"title": "LiveTraceConfig list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of LiveTraceConfig entities",
"type": "object"
}
LiveTraceDetailListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "LiveTraceDetailListParameters",
"module_id": "LiveTrace",
"properties": {
"action_type": {
"$ref": "LiveTraceActionType,
"required": false,
"title": "The type of observations that will be listed."
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Livetrace result list parameters",
"type": "object"
}
LiveTraceFilterData (type)
{
"abstract": true,
"id": "LiveTraceFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
}
},
"type": "object"
}
LiveTraceFilterInvalidInfo (type)
{
"id": "LiveTraceFilterInvalidInfo",
"module_id": "LiveTrace",
"properties": {
"filter": {
"$ref": "LiveTraceFilterData,
"description": "Invalid packet filter used in the Livetrace session.",
"readonly": true,
"required": false,
"title": "Invalid packet filter in use"
},
"reason": {
"description": "The description of why the filter is rejected by the transport node.",
"readonly": true,
"required": false,
"title": "Reason of invalid packet filter",
"type": "string"
}
},
"type": "object"
}
LiveTraceIpsecVpnConfig (type)
{
"additionalProperties": false,
"description": "Information for deriving virtual tunnel interface (VTI) of Route-based IPSec VPN session.",
"id": "LiveTraceIpsecVpnConfig",
"module_id": "LiveTrace",
"properties": {
"session_id": {
"description": "IPSec VPN session universally unique identifier",
"required": true,
"title": "VPN session UUID",
"type": "string"
}
},
"title": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface",
"type": "object"
}
LiveTraceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LiveTraceListResult",
"module_id": "LiveTrace",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LiveTraceStatus
},
"required": false,
"title": "Livetrace status list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LiveTracePacketGranularActionConfig (type)
{
"additionalProperties": false,
"id": "LiveTracePacketGranularActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"dest_ipsec_vpn_config": {
"$ref": "PolicyLiveTraceIpsecVpnConfig,
"description": "It is required only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same IPSec VPN config specified for the reverse direction.",
"required": false,
"title": "IPSec VPN configuration for the reverse direction of a livetrace session."
},
"dest_port_path": {
"description": "Policy path of logical port for the reverse direction of a livetrace session. It is required only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same port specified for the reverse direction.",
"required": false,
"title": "Policy path of logical port",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "Filter for flows of interest at the reverse direction. It takes effect only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same filter specified for the reverse direction.",
"required": false,
"title": "Packet filter"
},
"sampling": {
"$ref": "LiveTraceSamplingConfig,
"description": "Sampling parameter for the action. Trace action, packet capture action, and datapath statistics action only support first-N sampling. Count action will sample all packets that match the filter criteria, so there is no need to provide sampling for count action.",
"required": false,
"title": "Sampling parameter for the action"
},
"trace_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"required": true,
"title": "Type of trace",
"type": "string"
}
},
"title": "Configuration of livetrace packet granular action",
"type": "object"
}
LiveTraceRequest (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "LiveTraceRequest",
"module_id": "LiveTrace",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"$ref": "LiveTraceActionConfig,
"readonly": true,
"required": true,
"title": "Actions to the filtered packet"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"filter": {
"$ref": "LiveTraceFilterData,
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_config": {
"$ref": "LiveTraceIpsecVpnConfig,
"description": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface",
"required": false,
"title": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_lport": {
"readonly": true,
"required": true,
"title": "Source logical port",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10,
"maximum": 600,
"minimum": 5,
"required": false,
"title": "Timeout in seconds for livetrace session",
"type": "integer"
}
},
"type": "object"
}
LiveTraceResult (type)
{
"additionalProperties": false,
"id": "LiveTraceResult",
"module_id": "LiveTrace",
"properties": {
"counter_results": {
"$ref": "CounterResult,
"description": "The results of the count action.",
"required": false,
"title": "Count action results"
},
"datapath_stats_results": {
"description": "The results of the datapath statistics action.",
"items": {
"$ref": "DatapathStatsResult
},
"required": false,
"title": "Datapath statistics action results",
"type": "array"
},
"id": {
"description": "The id is assigned by Livetrace and cannot be specified by user.",
"readonly": true,
"required": true,
"title": "ID of a livetrace session",
"type": "string"
},
"pktcap_results": {
"items": {
"$ref": "PktCapResult
},
"required": false,
"title": "PktCap action results",
"type": "array"
},
"trace_results": {
"items": {
"$ref": "TraceResult
},
"required": false,
"title": "Trace action observation list results",
"type": "array"
}
},
"type": "object"
}
LiveTraceSamplingConfig (type)
{
"additionalProperties": false,
"id": "LiveTraceSamplingConfig",
"module_id": "PolicyConnectivity",
"properties": {
"match_number": {
"customValidation": {
"OPTION_1_TRACE": {
"code": 1,
"maximum": 50,
"minimum": 1,
"validator": "range"
},
"OPTION_2_PKT_CAP": {
"code": 2,
"maximum": 500,
"minimum": 1,
"validator": "range"
},
"key": "code",
"keyType": "int",
"namespace": "LiveTraceSamplingConfigMatchNumber"
},
"description": "First N packets are sampled. The upper limits of sampling number for livetrace actions are listed as below: - trace action: 50 - packet capture action: 500 - datapath statistics action: 65535",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Parameter for first-N sampling.",
"type": "integer"
},
"sampling_interval": {
"description": "A packet is sampled for every given time interval in ms.",
"maximum": 30000,
"minimum": 1,
"required": false,
"title": "Parameter for interval based sampling",
"type": "integer"
},
"sampling_rate": {
"description": "1 out of N packets is sampled on average.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Parameter for packet number based sampling",
"type": "integer"
}
},
"title": "Sampling parameter for a livetrace action",
"type": "object"
}
LiveTraceStatus (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "LiveTraceStatus",
"module_id": "LiveTrace",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"$ref": "LiveTraceActionConfig,
"readonly": true,
"required": true,
"title": "Action to the filtered packet"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"filter": {
"$ref": "LiveTraceFilterData,
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest"
},
"filter_invalid_info": {
"description": "The detail of invalid filter(s) in a Livetrace session. This field is only applicable for filters of PlainFilterData type.",
"items": {
"$ref": "LiveTraceFilterInvalidInfo
},
"readonly": true,
"required": false,
"title": "Detail on invalid filter(s) in a Livetrace session.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"invalidation_reason": {
"description": "The reason of invalidating a Livetrace session. PORT_DISCONNECT - Source or destination logical port of the session is disconnected or disabled. DP_DESTROY - Dataplane is destroyed. UNKNOWN - The invalidation reason cannot be determined. PCAP_IO_FAILURE - Exception occurred when writing captured packets to file. In general, this issue could be caused by insufficient disk partition space of /tmp on ESXi or Edge.",
"enum": [
"PORT_DISCONNECT",
"DP_DESTROY",
"UNKNOWN",
"PCAP_IO_FAILURE"
],
"readonly": true,
"required": false,
"title": "Livetrace invalidation reason",
"type": "string"
},
"ipsec_vpn_config": {
"$ref": "LiveTraceIpsecVpnConfig,
"description": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface",
"readonly": true,
"required": false,
"title": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface"
},
"operation_state": {
"description": "The operation state of Livetrace. IN_PROGRESS - collecting the session results. FINISHED - session results collection completes. PARTIAL_FINISHED - session results may be incomplete. CANCELED - session is cancelled by exception. INVALIDATED - session is invalidated by configuration changes such as VM migration. TIMEOUT - session is not completed on time.",
"enum": [
"IN_PROGRESS",
"FINISHED",
"PARTIAL_FINISHED",
"CANCELED",
"INVALIDATED",
"TIMEOUT"
],
"readonly": true,
"required": true,
"title": "Operation state",
"type": "string"
},
"request_status": {
"description": "The status of a Livetrace request. SUCCESS_DELIVERED - The request is delivered successfully. LCP_FAILURE - LCP agent fails to realize the request. INVALID_FILTER - Filter is invalid. DATAPATH_FAILURE - Dataplane fails to realize the request. TIMEOUT - The response to the request is not received within timeout. CONNECTION_ERROR - There is connection error between host components. UNKNOWN - The status of request cannot be determined.",
"enum": [
"SUCCESS_DELIVERED",
"LCP_FAILURE",
"INVALID_FILTER",
"DATAPATH_FAILURE",
"CONNECTION_ERROR",
"TIMEOUT",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Livetrace request status",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_lport": {
"readonly": true,
"required": true,
"title": "The source logical port",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"maximum": 600,
"minimum": 5,
"readonly": true,
"required": true,
"title": "Timeout in seconds for livetrace session",
"type": "integer"
}
},
"type": "object"
}
LiveTraceStatusRequest (type)
{
"additionalProperties": false,
"id": "LiveTraceStatusRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on which livetrace session was created.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Livetrace request status",
"type": "object"
}
LldpHostSwitchProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseHostSwitchProfile
},
"id": "LldpHostSwitchProfile",
"module_id": "LldpHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "LldpHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType,
"required": true
},
"send_enabled": {
"required": true,
"title": "Enabled or disabled sending LLDP packets",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Host Switch for LLDP",
"type": "object"
}
LoadBalancerAllocationPool (type)
{
"additionalProperties": false,
"extends": {
"$ref": "EdgeClusterMemberAllocationPool
},
"id": "LoadBalancerAllocationPool",
"module_id": "LogicalRouter",
"polymorphic-type-descriptor": {
"type-identifier": "LoadBalancerAllocationPool"
},
"properties": {
"allocation_pool_type": {
"$ref": "AllocationPoolType,
"required": true
},
"allocation_size": {
"default": "SMALL",
"description": "To address varied customer performance and scalability requirements, different sizes for load balancer service are supported: SMALL, MEDIUM, LARGE and XLARGE, each with its own set of resource and performance. Specify size of load balancer service which you will bind to TIER1 router.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE"
],
"required": true,
"title": "Size of load balancer service",
"type": "string"
}
},
"type": "object"
}
LoadBalancerVPCEndpoint (type)
{
"description": "Load Balancer for VPC",
"id": "LoadBalancerVPCEndpoint",
"module_id": "PolicyVpc",
"properties": {
"enabled": {
"default": false,
"description": "Flag to enable load balancer for VPC.",
"required": false,
"title": "Flag to indicate whether support for load balancing is needed. Setting this flag to true causes allocation of private IPs from the private block associated with this VPC tobe used by the load balancer.",
"type": "boolean"
}
},
"title": "Load Balancer configuration",
"type": "object"
}
LocalBundlePath (type)
{
"additionalProperties": false,
"description": "Path of a local bundle which needs to be uploaded.",
"extends": {
"$ref": "BundleUploadParameters
},
"id": "LocalBundlePath",
"module_id": "FileUploadFramework",
"properties": {
"file": {
"readonly": false,
"required": true,
"title": "Local bundle",
"type": "multipart_file"
},
"file_type": {
"description": "Type of file which will be uploaded.",
"enum": [
"OVA"
],
"required": true,
"title": "Type of file",
"type": "string"
},
"product": {
"description": "Name of the appliance for which upload is performed.",
"enum": [
"SAMPLE",
"ALB_CONTROLLER",
"INTELLIGENCE"
],
"required": true,
"title": "Name of the appliance",
"type": "string"
}
},
"title": "Path of a local bundle",
"type": "object"
}
LocalEgress (type)
{
"additionalProperties": false,
"description": "Local Egress is used on both server and client sites so that the gateway is used for N-S traffic and overhead on L2VPN tunnel is reduced.",
"id": "LocalEgress",
"module_id": "PolicyConnectivity",
"properties": {
"optimized_ips": {
"description": "Gateway IP for Local Egress. Local egress is enabled only when this list is not empty.",
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"title": "Gateway IP for Local Egress",
"type": "array"
}
},
"title": "Local Egress",
"type": "object"
}
LocalEgressRoutingEntry (type)
{
"additionalProperties": false,
"id": "LocalEgressRoutingEntry",
"module_id": "PolicyConnectivity",
"properties": {
"nexthop_address": {
"description": "Next hop address for proximity routing.",
"required": true,
"title": "Next hop address",
"type": "string"
},
"prefix_list_paths": {
"description": "The destination address of traffic matching a prefix-list is forwarded to the nexthop_address. Traffic matching a prefix list with Action DENY will be dropped. Individual prefix-lists specified could have different actions.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": true,
"title": "Policy path to prefix lists",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
}
},
"title": "Local egress routing policy",
"type": "object"
}
LocalSiteConfiguration (type)
{
"additionalProperties": false,
"description": "Local site with federation id and epoch.",
"id": "LocalSiteConfiguration",
"module_id": "SiteManagerModule",
"properties": {
"epoch": {
"required": true,
"title": "Epoch",
"type": "integer"
},
"id": {
"required": true,
"title": "Federation id",
"type": "string"
},
"site": {
"$ref": "FederationSite,
"required": true,
"title": "Site"
}
},
"title": "Local site information",
"type": "object"
}
LocalWorkloadsTransmittedReceivedBroadcastPackets (type)
{
"id": "LocalWorkloadsTransmittedReceivedBroadcastPackets",
"module_id": "ObservabilityCounters",
"properties": {
"broadcast_rxpps": {
"description": "Broadcast RX packet rate.",
"required": false,
"type": "number"
},
"broadcast_txpps": {
"description": "Broadcast TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
LocalWorkloadsTransmittedReceivedMulticastPackets (type)
{
"id": "LocalWorkloadsTransmittedReceivedMulticastPackets",
"module_id": "ObservabilityCounters",
"properties": {
"multicast_rxpps": {
"description": "Multicast RX packet rate.",
"required": false,
"type": "number"
},
"multicast_txpps": {
"description": "Multicast TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
LocalWorkloadsTransmittedReceivedPackets (type)
{
"id": "LocalWorkloadsTransmittedReceivedPackets",
"module_id": "ObservabilityCounters",
"properties": {
"vnic_rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"vnic_rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"vnic_rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"vnic_txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"vnic_txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"vnic_txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
LocaleServices (type)
{
"additionalProperties": false,
"description": "Site specific configuration of Tier0 in multi-site scenario",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LocaleServices",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildEvpnTunnelEndpointConfig",
"ChildPolicyMulticastConfig",
"ChildPolicyTier1MulticastConfig",
"ChildTier1Interface"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_profile_path": {
"description": "This profile is applied to all static route peers in this locale. BFD profile configured on static route peers takes precedence over global configuration. If this field is empty, a default profile is applied to all peers.",
"required": false,
"title": "Policy path of BFD profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LocaleServices"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "The reference to the edge cluster using the policy path of the edge cluster or label of type PolicyEdgeCluster. Auto assigned on Tier0 if the associated enforcement point has only one edge cluster. For Tier1 ACTIVE-ACTIVE, edge cluster can not be removed and Edge Cluster will be defaulted to edge cluster from connected Tier0.",
"required": false,
"title": "policy path of Edge cluster or label of type PolicyEdgeCluster.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LocaleServices"
],
"relationshipType": "_UNOPTIMIZED_RELATIONSHIP_",
"rightType": [
"PolicyEdgeCluster"
]
},
{
"leftType": [
"LocaleServices"
],
"relationshipType": "LOCALE_SERVICE_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"ha_vip_configs": {
"description": "This configuration can be defined only for Active-Standby Tier0 gateway to provide redundancy. For mulitple external interfaces, multiple HA VIP configs must be defined and each config will pair exactly two external interfaces. The VIP will move and will always be owned by the Active node. When this property is configured, configuration of dynamic-routing is not allowed.",
"items": {
"$ref": "Tier0HaVipConfig
},
"title": "Array of HA VIP Config.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Policy paths to edge nodes. For Tier1 gateway, the field is used to statically assign the ordered list of up to two edge nodes for stateful services. To enable auto allocation of nodes from the specified edge cluster the field must be left unset. The auto allocation of nodes is supported only for the Tier1 gateway. For Tier0 gateway specified edge is used as a preferred edge node when failover mode is set to PREEMPTIVE, not applicable otherwise.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "Edge node path",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_redistribution_config": {
"$ref": "Tier0RouteRedistributionConfig,
"description": "Configure all route redistribution properties like enable/disable redistributon, redistribution rule and so on.",
"required": false,
"title": "Route Redistribution configuration"
},
"route_redistribution_types": {
"deprecated": true,
"description": "Enable redistribution of different types of routes on Tier-0. This property is only valid for locale-service under Tier-0. This property is deprecated, please use \"route_redistribution_config\" property to configure redistribution rules.",
"items": {
"$ref": "Tier0RouteRedistributionTypes
},
"required": false,
"title": "Enable redistribution of different types of routes on Tier-0",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"gateway configuration"
],
"title": "Locale-services configuration",
"type": "object"
}
LocaleServicesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LocaleServicesListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LocaleServices
},
"required": true,
"title": "LocaleServices results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of LocaleServices",
"type": "object"
}
LoggingServiceProperties (type)
{
"additionalProperties": false,
"id": "LoggingServiceProperties",
"properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": true,
"title": "Service logging level",
"type": "string"
},
"modified_package_logging_levels": {
"required": false,
"title": "Modified package logging levels",
"type": "string"
},
"package_logging_level": {
"items": {
"$ref": "PackageLoggingLevels
},
"title": "Package logging levels",
"type": "array"
}
},
"title": "Service properties",
"type": "object"
}
LogicalConstructMigrationStats (type)
{
"description": "Contains migration related information about logical constructs",
"id": "LogicalConstructMigrationStats",
"module_id": "Migration",
"properties": {
"site_id": {
"description": "Federation site id.",
"readonly": true,
"required": false,
"title": "Federation site id",
"type": "string"
},
"source_count": {
"description": "Number of objects of source type.",
"readonly": true,
"required": false,
"title": "Number of objects of source type",
"type": "string"
},
"source_type": {
"description": "Type of the vSphere object (e.g. dvportgroup).",
"readonly": true,
"required": false,
"title": "Type of the vSphere object",
"type": "string"
},
"target_count": {
"description": "Number of objects of target type.",
"readonly": true,
"required": false,
"title": "Number of objects of target type",
"type": "string"
},
"target_type": {
"description": "Type of the Policy object corresponding to the source type (e.g. Segment).",
"readonly": true,
"required": false,
"title": "Type of the Policy object",
"type": "string"
},
"vertical": {
"description": "Functional area that this vSphere object falls into",
"readonly": true,
"required": false,
"title": "Functional area for the vSphere object",
"type": "string"
}
},
"title": "Migration Statistics for Logical Constructs",
"type": "object"
}
LogicalConstructMigrationStatsListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LogicalConstructMigrationStatsListRequestParameters",
"module_id": "Migration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_layer": {
"description": "Network layer for logical constructs phase. This field is mandatory in BYOT modes.",
"enum": [
"L2",
"L3_L7"
],
"readonly": false,
"required": false,
"title": "Network layer for logical constructs phase",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalConstructMigrationStatsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LogicalConstructMigrationStatsListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalConstructMigrationStats
},
"readonly": true,
"required": true,
"title": "Paged collection of migration stats for logical constructs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalDhcpServer (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Definition of a logical DHCP server which can be attached a logical switch via a logical port. Both ipv4_dhcp_server and ipv6_dhcp_server can be configured at the same time, or only configure either ipv4_dhcp_server or ipv6_dhcp_server.",
"extends": {
"$ref": "ManagedResource
},
"id": "LogicalDhcpServer",
"module_id": "Dhcp",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attached_logical_port_id": {
"description": "The uuid of the attached logical port. Read only.",
"readonly": true,
"required": false,
"title": "Id of attached logical port",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_profile_id": {
"description": "The DHCP profile uuid the logical DHCP server references.",
"required": true,
"title": "DHCP profile uuid",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipv4_dhcp_server": {
"$ref": "IPv4DhcpServer,
"description": "The DHCP server for ipv4 addresses allocation service.",
"required": false,
"title": "DHCP server for ipv4 addresses"
},
"ipv6_dhcp_server": {
"$ref": "IPv6DhcpServer,
"description": "The DHCP server for ipv6 addresses allocation service.",
"required": false,
"title": "DHCP server for ipv6 addresses"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Logical DHCP server",
"type": "object"
}
LogicalDhcpServerListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A paginated list of logical DHCP servers.",
"extends": {
"$ref": "ListResult
},
"id": "LogicalDhcpServerListResult",
"module_id": "Dhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of logical DHCP servers.",
"items": {
"$ref": "LogicalDhcpServer
},
"required": true,
"title": "Paginated list of DHCP servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "A list of logical DHCP servers",
"type": "object"
}
LogicalPort (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "LogicalPort",
"module_id": "LogicalPort",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"description": "Each address binding must contain both an IPElement and MAC address. VLAN ID is optional. This binding configuration can be used by features such as spoof-guard and overrides any discovered bindings. Any non unique entries are deduplicated to generate a unique set of address bindings and then stored. For IP addresses, a subnet address cannot have host bits set. A maximum of 128 unique address bindings is allowed per port.",
"items": {
"$ref": "PacketAddressClassifier
},
"maxItems": 512,
"minItems": 0,
"required": false,
"title": "Address bindings for logical port",
"type": "array"
},
"admin_state": {
"enum": [
"UP",
"DOWN"
],
"required": true,
"title": "Represents Desired state of the logical port",
"type": "string"
},
"attachment": {
"$ref": "LogicalPortAttachment,
"required": false,
"title": "Logical port attachment"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs. Logical port setting will override logical switch setting if the same key was set on both logical switch and logical port.",
"items": {
"$ref": "ExtraConfig
},
"required": false,
"title": "Extra configs on logical port",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_address_bindings": {
"description": "IP Discovery module uses various mechanisms to discover address bindings being used on each port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.",
"items": {
"$ref": "PacketAddressClassifier
},
"maxItems": 16,
"minItems": 0,
"required": false,
"title": "Address bindings to be ignored by IP Discovery module",
"type": "array"
},
"init_state": {
"$ref": "LogicalPortInitState,
"description": "Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation (POST), and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host.",
"required": false,
"title": "Initial state of this logical ports"
},
"internal_id": {
"description": "The internal_id of the logical port may or may not be identical to it's managed resource ID. If a VirtualMachine connected to logical port migrates from one site to another, then on the destination site, it will be connected to different logical port managed resource. However, the internal_id field will be persisted across vmotion.",
"required": false,
"title": "ID of the logical port in Global Manager",
"type": "string"
},
"logical_switch_id": {
"required": true,
"title": "Id of the Logical switch that this port belongs to.",
"type": "string"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source distributed virtual port and the corresponding distributed virtual switch. This ID is populated only for logical ports that belong to a logical switch of type DVPG.",
"readonly": true,
"required": false,
"title": "ID of the distributed virtual port and the distributed virtual switch in the source vCenter",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"switching_profile_ids": {
"items": {
"$ref": "SwitchingProfileTypeIdEntry
},
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LogicalPortAttachment (type) (Deprecated)
{
"deprecated": true,
"id": "LogicalPortAttachment",
"module_id": "LogicalPort",
"properties": {
"attachment_type": {
"$ref": "AttachmentType,
"default": "VIF",
"description": "Indicates the type of logical port attachment. By default it is Virtual Machine interface (VIF)",
"required": false,
"title": "Type of attachment for logical port"
},
"context": {
"$ref": "AttachmentContext,
"description": "Extra context data for the attachment",
"required": false,
"title": "Attachment context"
},
"id": {
"required": true,
"title": "Identifier of the interface attached to the logical port",
"type": "string"
}
},
"title": "Logical port attachment",
"type": "object"
}
LogicalPortAttachmentState (type) (Deprecated)
{
"deprecated": true,
"id": "LogicalPortAttachmentState",
"module_id": "LogicalPort",
"properties": {
"attachers": {
"items": {
"$ref": "PortAttacher
},
"readonly": true,
"required": false,
"title": "VM or vmknic entities that are attached to the LogicalPort",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "VIF ID",
"type": "string"
},
"state": {
"description": "A logicalPort must be in one of following state. FREE - If there are no active attachers. The LogicalPort may or may not have an attachment ID configured on it. This state is applicable only to LogialPort of static type. ATTACHED - LogicalPort has exactly one active attacher and no further configuration is pending. ATTACHED_PENDING_CONF - LogicalPort has exactly one attacher, however it may not have been configured completely. Additional configuration will be provided by other nsx components. ATTACHED_IN_MOTION - LogicalPort has multiple active attachers. This state represents a scenario where VM is moving from one location (host or storage) to another (e.g. vmotion, vSphere HA) DETACHED - A temporary state after all LogialPort attachers have been detached. This state is applicable only to LogicalPort of ephemeral type and the LogicalPort will soon be deleted.",
"enum": [
"FREE",
"ATTACHED",
"ATTACHED_PENDING_CONF",
"ATTACHED_IN_MOTION",
"DETACHED"
],
"readonly": true,
"required": true,
"title": "State of the VIF attached to LogicalPort",
"type": "string"
}
},
"title": "VIF attachment state of a logical port",
"type": "object"
}
LogicalPortDeleteParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LogicalPortDeleteParameters",
"module_id": "LogicalPort",
"properties": {
"detach": {
"default": false,
"description": "If this is set to true, then logical port is deleted regardless of whether it has attachments, or it is added to any NSGroup.",
"required": false,
"title": "force delete even if attached or referenced by a group",
"type": "boolean"
}
},
"type": "object"
}
LogicalPortInitState (type) (Deprecated)
{
"deprecated": true,
"enum": [
"UNBLOCKED_VLAN",
"RESTORE_VIF"
],
"id": "LogicalPortInitState",
"module_id": "LogicalPort",
"title": "Supported initial state of logical port",
"type": "string"
}
LogicalPortListParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LogicalPortListParameters",
"module_id": "LogicalPort",
"properties": {
"attachment_id": {
"required": false,
"title": "Logical Port attachment Id",
"type": "string"
},
"attachment_type": {
"$ref": "AttachmentTypeQueryString,
"required": false,
"title": "Type of attachment for logical port; NONE means no attachment."
},
"bridge_cluster_id": {
"required": false,
"title": "Bridge Cluster identifier",
"type": "string"
},
"container_ports_only": {
"default": false,
"required": false,
"title": "Only container VIF logical ports will be returned if true",
"type": "boolean"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"diagnostic": {
"default": false,
"required": false,
"title": "Flag to enable showing of transit logical port.",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_switch_id": {
"required": false,
"title": "Logical Switch identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"parent_vif_id": {
"description": "Get logical ports that have CHILD VIF attachment of given PARENT VIF.",
"required": false,
"title": "ID of the VIF of type PARENT",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"switching_profile_id": {
"required": false,
"title": "Network Profile identifier",
"type": "string"
},
"transport_node_id": {
"description": "Get logical ports on the transport node; it can not be given together with other parameters except container_ports_only and attachment_type VIF.",
"required": false,
"title": "Transport node identifier",
"type": "string"
},
"transport_zone_id": {
"required": false,
"title": "Transport zone identifier",
"type": "string"
}
},
"title": "Logical port list parameters",
"type": "object"
}
LogicalPortListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LogicalPortListResult",
"module_id": "LogicalPort",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalPort
},
"readonly": true,
"title": "LogicalPort Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Logical port queries result",
"type": "object"
}
LogicalPortListWithSourceParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LogicalPortListParameters
},
"id": "LogicalPortListWithSourceParameters",
"module_id": "AggSvcLogicalPort",
"properties": {
"attachment_id": {
"required": false,
"title": "Logical Port attachment Id",
"type": "string"
},
"attachment_type": {
"$ref": "AttachmentTypeQueryString,
"required": false,
"title": "Type of attachment for logical port; NONE means no attachment."
},
"bridge_cluster_id": {
"required": false,
"title": "Bridge Cluster identifier",
"type": "string"
},
"container_ports_only": {
"default": false,
"required": false,
"title": "Only container VIF logical ports will be returned if true",
"type": "boolean"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"diagnostic": {
"default": false,
"required": false,
"title": "Flag to enable showing of transit logical port.",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_switch_id": {
"required": false,
"title": "Logical Switch identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"parent_vif_id": {
"description": "Get logical ports that have CHILD VIF attachment of given PARENT VIF.",
"required": false,
"title": "ID of the VIF of type PARENT",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"switching_profile_id": {
"required": false,
"title": "Network Profile identifier",
"type": "string"
},
"transport_node_id": {
"description": "Get logical ports on the transport node; it can not be given together with other parameters except container_ports_only and attachment_type VIF.",
"required": false,
"title": "Transport node identifier",
"type": "string"
},
"transport_zone_id": {
"required": false,
"title": "Transport zone identifier",
"type": "string"
}
},
"title": "Logical Port list with data source parameters",
"type": "object"
}
LogicalPortMacAddressCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "LogicalPortMacAddressCsvListResult",
"module_id": "AggSvcLogicalPort",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "LogicalPortMacTableCsvEntry
},
"required": false,
"type": "array"
}
},
"type": "object"
}
LogicalPortMacAddressListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LogicalPortMacAddressListResult",
"module_id": "AggSvcLogicalPort",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalPortMacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
LogicalPortMacTableCsvEntry (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "LogicalPortMacTableCsvEntry",
"module_id": "AggSvcLogicalPort",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
LogicalPortMacTableEntry (type)
{
"id": "LogicalPortMacTableEntry",
"module_id": "AggSvcLogicalPort",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
LogicalPortMirrorDestination (type)
{
"extends": {
"$ref": "MirrorDestination
},
"id": "LogicalPortMirrorDestination",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalPortMirrorDestination"
},
"properties": {
"port_ids": {
"items": {
"type": "string"
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Destination logical port identifier list.",
"type": "array"
},
"resource_type": {
"$ref": "MirrorDestinationResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorDestination'",
"required": true
}
},
"type": "object"
}
LogicalPortMirrorSource (type)
{
"extends": {
"$ref": "MirrorSource
},
"id": "LogicalPortMirrorSource",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalPortMirrorSource"
},
"properties": {
"port_ids": {
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Source logical port identifier list",
"type": "array"
},
"resource_type": {
"$ref": "MirrorSourceResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'",
"required": true
}
},
"type": "object"
}
LogicalPortOperationalStatus (type)
{
"id": "LogicalPortOperationalStatus",
"module_id": "AggSvcLogicalPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"required": true,
"title": "The Operational status of the logical port",
"type": "string"
}
},
"type": "object"
}
LogicalPortState (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contians realized state of the logical port. For example, transport node on which the port is located, discovered and realized address bindings of the logical port.",
"id": "LogicalPortState",
"module_id": "LogicalPort",
"properties": {
"attachment": {
"$ref": "LogicalPortAttachmentState,
"readonly": true,
"required": false,
"title": "Logical port attachment state"
},
"discovered_bindings": {
"description": "Contains the list of address bindings for a logical port that were automatically dicovered using various snooping methods like ARP, DHCP etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Logical port bindings discovered automatically",
"type": "array"
},
"duplicate_bindings": {
"description": "If any address binding discovered on the port is also found on other port on the same logical switch, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts.",
"items": {
"$ref": "DuplicateAddressBindingEntry
},
"title": "Duplicate logical port address bindings",
"type": "array"
},
"id": {
"required": true,
"title": "Id of the logical port",
"type": "string"
},
"realized_bindings": {
"description": "List of logical port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Realized logical port bindings",
"type": "array"
},
"transport_node_ids": {
"items": {
"type": "string"
},
"required": false,
"title": "Identifiers of the transport node where the port is located",
"type": "array"
}
},
"title": "Realized state of the logical port.",
"type": "object"
}
LogicalPortStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounterEx
},
"id": "LogicalPortStatistics",
"module_id": "AggSvcLogicalPort",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalPortStatusSummary (type)
{
"id": "LogicalPortStatusSummary",
"module_id": "AggSvcLogicalPort",
"properties": {
"filters": {
"items": {
"$ref": "Filter
},
"required": false,
"title": "The filters used to find the logical ports- TransportZone id, LogicalSwitch id or LogicalSwitchProfile id",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"total_ports": {
"required": true,
"title": "The total number of logical ports.",
"type": "integer"
},
"up_ports": {
"required": true,
"title": "The number of logical ports whose Operational status is UP",
"type": "integer"
}
},
"type": "object"
}
LogicalRouter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LogicalRouter",
"module_id": "LogicalRouter",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "LogicalRouterConfig,
"description": "Contains config properties for tier0 routers",
"required": false,
"title": "Logical Router Configuration"
},
"allocation_profile": {
"$ref": "EdgeClusterMemberAllocationProfile,
"description": "Configurations options to auto allocate edge cluster members for logical router. Auto allocation is supported only for TIER1 and pick least utilized member post current assignment for next allocation.",
"required": false,
"title": "Edge Cluster Member Allocation Profile"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"description": "Used for tier0 routers",
"required": false,
"title": "Identifier of the edge cluster for this Logical Router",
"type": "string"
},
"edge_cluster_member_indices": {
"description": "For stateful services, the logical router should be associated with edge cluster. For TIER 1 logical router, for manual placement of service router within the cluster, edge cluster member indices needs to be provided else same will be auto-allocated. You can provide maximum two indices for HA ACTIVE_STANDBY. For TIER0 logical router this property is no use and placement is derived from logical router uplink or loopback port.",
"items": {
"type": "integer"
},
"required": false,
"title": "Member indices of the edge node on the cluster",
"type": "array"
},
"failover_mode": {
"description": "Determines the behavior when a logical router instance restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property must not be populated unless the high_availability_mode property is set to ACTIVE_STANDBY. If high_availability_mode property is set to ACTIVE_STANDBY and this property is not specified then default will be NON_PREEMPTIVE.",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode for active-standby logical router instances.",
"type": "string"
},
"firewall_sections": {
"description": "List of Firewall sections related to Logical Router.",
"items": {
"$ref": "ResourceReference
},
"readonly": true,
"required": false,
"title": "LR Firewall Section References",
"type": "array"
},
"high_availability_mode": {
"enum": [
"ACTIVE_ACTIVE",
"ACTIVE_STANDBY"
],
"required": false,
"title": "High availability mode",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipv6_profiles": {
"$ref": "IPv6Profiles,
"description": "IPv6Profiles captures IPv6 NDRA Profile and DAD Profile id associated with the logical router.",
"required": false,
"title": "IPv6 Profiles"
},
"preferred_edge_cluster_member_index": {
"description": "Preferred edge cluster member index which is required for PREEMPTIVE failover mode. Used for Tier0 routers only.",
"minimum": 0,
"required": false,
"title": "Preferred edge cluster member index",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"router_type": {
"description": "TIER0 for external connectivity. TIER1 for two tier topology with TIER0 on top. VRF for isolation of routing table on TIER0.",
"enum": [
"TIER0",
"TIER1",
"VRF"
],
"required": true,
"title": "Type of Logical Router",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LogicalRouterCentralizedServicePort (type)
{
"additionalProperties": false,
"description": "This port can be configured on both TIER0 and TIER1 logical router. Port can be connected to VLAN or overlay logical switch. Unlike downlink port it does not participate in distributed routing and hosted on all edge cluster members associated with logical router. Stateful services can be applied on this port.",
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterCentralizedServicePort",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterCentralizedServicePort"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_netx": {
"default": false,
"required": false,
"title": "Port is exclusively used for N-S service insertion",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"linked_logical_switch_port_id": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference to the logical switch port to connect to"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"mtu": {
"description": "Maximum transmission unit specifies the size of the largest packet that a network protocol can transmit. If not specified, the global logical MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be used.",
"minimum": 64,
"title": "Maximum transmission unit (MTU)",
"type": "integer"
},
"ndra_profile_id": {
"description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.",
"required": false,
"title": "Identifier for NDRA profile on the port",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"minItems": 1,
"required": false,
"title": "Logical router port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"urpf_mode": {
"$ref": "UrpfMode,
"default": "STRICT",
"required": false,
"title": "Unicast Reverse Path Forwarding mode"
}
},
"title": "Port to connect VLAN based network or overlay logical switch",
"type": "object"
}
LogicalRouterConfig (type)
{
"additionalProperties": false,
"description": "Logical router configuration parameters.",
"id": "LogicalRouterConfig",
"module_id": "LogicalRouter",
"properties": {
"external_transit_networks": {
"description": "CIDR block defining addresses for Tier0 to Tier1 links. If the value for this field is not provided, then it will be considered as default IPv4 CIDR \"100.64.0.0/16\"",
"items": {
"$ref": "IPCIDRBlock
},
"required": false,
"title": "CIDR block defining Tier0 to Tier1 links",
"type": "array"
},
"ha_vip_configs": {
"description": "This configuration can be defined only for Active-Standby LogicalRouter to provide | redundancy. For mulitple uplink ports, multiple HaVipConfigs must be defined | and each config will pair exactly two uplink ports. The VIP will move and will | always be owned by the Active node. Note - when HaVipConfig[s] are defined, | configuring dynamic-routing is disallowed.",
"items": {
"$ref": "HaVipConfig
},
"required": false,
"title": "Array of HA VIP Config.",
"type": "array"
},
"internal_transit_network": {
"$ref": "IPv4CIDRBlock,
"description": "CIDR block defining service router to distributed router links. If the value for this field is not provided, then it will be considered as default IPv4 CIDR- \"169.254.0.0/28\" for logical router with ACTIVE_STANDBY HA mode \"169.254.0.0/24\" for logical router with ACTIVE_ACTIVE HA mode",
"required": false,
"title": "CIDR block defining SR to DR links"
},
"transport_zone_id": {
"description": "Transport zone of the logical router. If specified then all downlink switches should belong to this transport zone and an error will be thrown if transport zone of the downlink switch doesn't match with this transport zone. All internal and external transit switches will be created in this transport zone.",
"required": false,
"title": "Transport Zone Identifier",
"type": "string"
}
},
"title": "Logical router config",
"type": "object"
}
LogicalRouterDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "LogicalRouterDeleteRequestParameters",
"module_id": "LogicalRouter",
"properties": {
"cascade_delete_linked_ports": {
"default": false,
"description": "When the flag is true, connected logical switch ports which are associated | with the logical router ports will be deleted. Additionally, for Tier1 LR, the associated | Tier 0 router link port will also be deleted. Note that this flag is active only when \"force\" | parameter is also set to true.",
"required": false,
"title": "Flag to specify whether to delete related logical switch ports",
"type": "boolean"
},
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "LogicalRouter delete request parameters",
"type": "object"
}
LogicalRouterDownLinkPort (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterDownLinkPort",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterDownLinkPort"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_multicast": {
"description": "If this flag is set to true - it will enable multicast on the downlink interface. If this flag is set to false - it will disable multicast on the downlink interface. This is supported only on Tier0 downlinks. Default value for Tier0 downlink will be true.",
"title": "Flag to enable/disable Multicast",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"linked_logical_switch_port_id": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference to the logical switch port to connect to"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"mac_address": {
"description": "MAC address",
"readonly": true,
"required": false,
"title": "MAC address",
"type": "string"
},
"ndra_prefix_config": {
"description": "Configuration to override the neighbor discovery router advertisement prefix time parameters at the subnet level. Note that users are allowed to override the prefix time only for IPv6 subnets which are configured on the port.",
"items": {
"$ref": "NDRAPrefixConfig
},
"required": false,
"type": "array"
},
"ndra_profile_id": {
"description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.",
"required": false,
"title": "Identifier for NDRA profile on the port",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"routing_policies": {
"description": "Routing policies used to specify how the traffic, which matches the policy routes, will be processed.",
"items": {
"$ref": "RoutingPolicy
},
"maxItems": 1,
"required": false,
"title": "Routing policies",
"type": "array"
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"minItems": 1,
"required": true,
"title": "Logical router port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"urpf_mode": {
"$ref": "UrpfMode,
"default": "STRICT",
"required": false,
"title": "Unicast Reverse Path Forwarding mode"
}
},
"type": "object"
}
LogicalRouterFIBListRequestParameters (type)
{
"additionalProperties": false,
"description": "Filter parameters for filtering routes from FIB depending on provided properties.",
"extends": {
"$ref": "ListByRequiredNodeIdParameters
},
"id": "LogicalRouterFIBListRequestParameters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"component_type": {
"description": "Component type define to take the route from CCP.",
"enum": [
"DR_ROUTES"
],
"title": "Define the DR routes",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_prefix": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address to filter the the FIB table.",
"required": false,
"title": "Network address filter parameter"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Logical Router FIB List Request Parameters\n",
"type": "object"
}
LogicalRouterFIBRequestParameters (type)
{
"additionalProperties": false,
"description": "Filter parameters for filtering routes from FIB depending on provided properties.",
"extends": {
"$ref": "RequiredTransportNodeIdParameters
},
"id": "LogicalRouterFIBRequestParameters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"component_type": {
"description": "Component type define to take the route from CCP.",
"enum": [
"DR_ROUTES"
],
"title": "Define the DR routes",
"type": "string"
},
"network_prefix": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address to filter the the FIB table.",
"required": false,
"title": "Network address filter parameter"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Logical Router FIB Request Parameters",
"type": "object"
}
LogicalRouterGreTunnelPort (type)
{
"additionalProperties": false,
"description": "Logical router GRE tunnel port.",
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterGreTunnelPort",
"module_id": "LogicalRouterPorts",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Logical router GRE tunnel port",
"type": "object"
}
LogicalRouterHaHistory (type)
{
"id": "LogicalRouterHaHistory",
"properties": {
"event": {
"description": "Logical router HA event that triggered state change",
"readonly": true,
"title": "Logical router HA event that triggered state change",
"type": "string"
},
"event_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Time in UTC when the last HA event occured",
"readonly": true,
"title": "Time in UTC when the last HA event occured"
},
"state": {
"description": "Logical router HA state DOWN - Logical router is not in good health SYNC - Logical router is synchronizing data from peer logical router STANDBY - Logical router is available to go Active ACTIVE - Logical router is forwarding traffic",
"enum": [
"DOWN",
"SYNC",
"STANDBY",
"ACTIVE"
],
"readonly": true,
"title": "Logical router HA state",
"type": "string"
}
},
"type": "object"
}
LogicalRouterIPTunnelPort (type)
{
"additionalProperties": false,
"description": "Logical router IP tunnel port.",
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterIPTunnelPort",
"module_id": "LogicalRouterPorts",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_state": {
"description": "Admin state of port.",
"enum": [
"UP",
"DOWN"
],
"readonly": true,
"title": "Admin state of port",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"description": "Tunnel port subnets.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 1,
"minItems": 1,
"readonly": true,
"required": true,
"title": "Tunnel port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vpn_session_id": {
"description": "Associated VPN session identifier.",
"readonly": true,
"title": "VPN session identifier",
"type": "string"
}
},
"title": "Logical router IP tunnel port",
"type": "object"
}
LogicalRouterLinkPortOnTIER0 (type)
{
"additionalProperties": false,
"description": "This port can be configured only on a TIER0 LogicalRouter. Create an empty port to generate an id. Use this id in the linked_logical_router_port_id on LogicalRouterLinkPortOnTIER1 on TIER1 logical router.",
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterLinkPortOnTIER0",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterLinkPortOnTIER0"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"linked_logical_router_port_id": {
"description": "Identifier of connected LogicalRouterLinkPortOnTIER1 of TIER1 logical router",
"readonly": true,
"required": false,
"title": "Identifier of connected LogicalRouterLinkPortOnTIER1",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"mac_address": {
"description": "MAC address",
"readonly": true,
"required": false,
"title": "MAC address",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"readonly": true,
"required": false,
"title": "Logical router port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Port to connect the LogicalRouterLinkPortOnTIER1 of TIER1 logical router to",
"type": "object"
}
LogicalRouterLinkPortOnTIER1 (type)
{
"additionalProperties": false,
"description": "This port can be configured only on a TIER1 LogicalRouter. Use the id of the LogicalRouterLinkPortOnTIER0 from TIER0 logical router to set the linked_logical_router_port_id on the port on TIER1 logical router.",
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterLinkPortOnTIER1",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterLinkPortOnTIER1"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_member_index": {
"deprecated": true,
"description": "Please use logical router API to pass edge cluster members indexes manually.",
"items": {
"type": "integer"
},
"required": false,
"title": "Member index of the edge node on the cluster",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"linked_logical_router_port_id": {
"$ref": "ResourceReference,
"description": "Reference of LogicalRouterLinkPortOnTIER0 of TIER0 logical router to connect this TIER1 logical router outwards.",
"required": false,
"title": "Reference of TIER0 port to connect the TIER1 to."
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"mac_address": {
"description": "MAC address",
"readonly": true,
"required": false,
"title": "MAC address",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"readonly": true,
"required": false,
"title": "Logical router port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Port to connect the TIER1 logical router to TIER0 logical router",
"type": "object"
}
LogicalRouterListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LogicalRouterListParameters",
"module_id": "LogicalRouter",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"router_type": {
"enum": [
"TIER0",
"TIER1",
"VRF"
],
"required": false,
"title": "Type of Logical Router",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vrfs_on_logical_router_id": {
"required": false,
"title": "List all VRFs on the specified logical router.",
"type": "string"
}
},
"title": "Logical Router list parameters",
"type": "object"
}
LogicalRouterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LogicalRouterListResult",
"module_id": "LogicalRouter",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalRouter
},
"required": true,
"title": "Logical router list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalRouterLoopbackPort (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterLoopbackPort",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterLoopbackPort"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_member_index": {
"items": {
"type": "integer"
},
"required": true,
"title": "Member index of the edge node on the cluster",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"minItems": 1,
"required": true,
"title": "Loopback port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LogicalRouterPort (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "LogicalRouterPort",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
LogicalRouterPortArpCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "LogicalRouterPortArpCsvRecord",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
LogicalRouterPortArpEntry (type)
{
"id": "LogicalRouterPortArpEntry",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
LogicalRouterPortArpTable (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LogicalRouterPortArpTable",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalRouterPortArpEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalRouterPortArpTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "LogicalRouterPortArpTableInCsvFormat",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"results": {
"items": {
"$ref": "LogicalRouterPortArpCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
LogicalRouterPortCounters (type)
{
"id": "LogicalRouterPortCounters",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"blocked_packets": {
"description": "The total number of packets blocked.",
"required": false,
"title": "The number of blocked packets",
"type": "integer"
},
"dad_dropped_packets": {
"description": "Number of duplicate address detected packets dropped.",
"required": false,
"title": "The number of duplicate address detected packets dropped",
"type": "integer"
},
"destination_unsupported_dropped_packets": {
"description": "Number of packtes dropped as destination is not supported.",
"required": false,
"title": "The number of destination unsupported packets dropped",
"type": "integer"
},
"dropped_packets": {
"description": "The total number of packets dropped.",
"required": false,
"title": "The number of dropped packets",
"type": "integer"
},
"firewall_dropped_packets": {
"description": "Number of firewall packets dropped.",
"required": false,
"title": "The number of firewall packets dropped",
"type": "integer"
},
"frag_needed_dropped_packets": {
"description": "Number of fragmentation needed packets dropped.",
"required": false,
"title": "The number of fragmentation needed packets dropped",
"type": "integer"
},
"ipsec_dropped_packets": {
"description": "Number of IPSec packets dropped",
"required": false,
"title": "The number of IPSec packets dropped",
"type": "integer"
},
"ipsec_no_sa_dropped_packets": {
"description": "Number of IPSec no security association packets dropped.",
"required": false,
"title": "The number of IPSec no security association packets dropped",
"type": "integer"
},
"ipsec_no_vti_dropped_packets": {
"description": "Number of IPSec packets dropped as no VTI is present.",
"required": false,
"title": "The number of IPSec no VTI packets dropped",
"type": "integer"
},
"ipsec_pol_block_dropped_packets": {
"description": "Number of IPSec policy block packets dropped.",
"required": false,
"title": "The number of IPSec policy block packets dropped",
"type": "integer"
},
"ipsec_pol_err_dropped_packets": {
"description": "Number of IPSec policy error packets dropped.",
"required": false,
"title": "The number of IPSec policy error packets dropped",
"type": "integer"
},
"ipv6_dropped_packets": {
"description": "Number of IPV6 packets dropped.",
"required": false,
"title": "The number of IPV6 packets dropped",
"type": "integer"
},
"kni_dropped_packets": {
"description": "Number of DPDK kernal NIC interface packets dropped.",
"required": false,
"title": "The number of kernal NIC interface packets dropped",
"type": "integer"
},
"l4port_unsupported_dropped_packets": {
"description": "Number of packets dropped due to unsupported L4 port.",
"required": false,
"title": "The number of L4 port unsupported packets dropped",
"type": "integer"
},
"malformed_dropped_packets": {
"description": "Number of packtes dropped as they are malformed.",
"required": false,
"title": "The number of malformed packets dropped",
"type": "integer"
},
"no_arp_dropped_packets": {
"description": "Number of no ARP packets dropped.",
"required": false,
"title": "The number of no ARP packets dropped",
"type": "integer"
},
"no_linked_dropped_packets": {
"description": "Number of packets dropped as no linked ports are present.",
"required": false,
"title": "The number of no linked packets dropped",
"type": "integer"
},
"no_mem_dropped_packets": {
"description": "Number of packets dropped due to insufficient memory.",
"required": false,
"title": "The number of no memory packets dropped",
"type": "integer"
},
"no_receiver_dropped_packets": {
"description": "Number of packets dropped due to absence of receiver.",
"required": false,
"title": "The number of no receiver packets dropped",
"type": "integer"
},
"no_route_dropped_packets": {
"desrciption": "Number of packets dropped due to absence of routes.",
"required": false,
"title": "The number of no route packets dropped",
"type": "integer"
},
"non_ip_dropped_packets": {
"description": "Number of non IP packets dropped.",
"required": false,
"title": "The number of non IP packets dropped",
"type": "integer"
},
"proto_unsupported_dropped_packets": {
"description": "Number of packets dropped as protocol is unsupported.",
"required": false,
"title": "The number of protocol unsupported packets dropped",
"type": "integer"
},
"redirect_dropped_packets": {
"description": "Number of redirect packets dropped.",
"required": false,
"title": "The number of redirect packets dropped",
"type": "integer"
},
"rpf_check_dropped_packets": {
"description": "Number of reverse-path forwarding check packets dropped.",
"required": false,
"title": "The number of reverse-path forwarding check packets dropped",
"type": "integer"
},
"service_insert_dropped_packets": {
"description": "Number of service insert packets dropped.",
"required": false,
"title": "The number of service insert packets dropped",
"type": "integer"
},
"total_bytes": {
"description": "The total number of bytes transferred.",
"required": false,
"title": "The total number of bytes",
"type": "integer"
},
"total_packets": {
"description": "The total number of packets transferred.",
"required": false,
"title": "The total number of packets",
"type": "integer"
},
"ttl_exceeded_dropped_packets": {
"description": "Number of time to live exceeded packets dropped.",
"required": false,
"title": "The number of time to live exceeded packets dropped",
"type": "integer"
}
},
"type": "object"
}
LogicalRouterPortDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "LogicalRouterPortDeleteRequestParameters",
"module_id": "LogicalRouterPorts",
"properties": {
"cascade_delete_linked_ports": {
"default": false,
"description": "When the flag is true, the logical switch port or T0 router link port | associated with this logical router port is also deleted. This flag works independent | of the \"force\" parameter sent in request.",
"required": false,
"title": "Flag to specify whether to delete related logical switch ports",
"type": "boolean"
},
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "LogicalRouterPort delete request parameters",
"type": "object"
}
LogicalRouterPortListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LogicalRouterPortListResult",
"module_id": "LogicalRouterPorts",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalRouterPort
},
"required": true,
"title": "Logical router port list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalRouterPortResourceType (type)
{
"additionalProperties": false,
"description": "LogicalRouterUpLinkPort is allowed only on TIER0 logical router. It is the north facing port of the logical router. LogicalRouterLinkPortOnTIER0 is allowed only on TIER0 logical router. This is the port where the LogicalRouterLinkPortOnTIER1 of TIER1 logical router connects to. LogicalRouterLinkPortOnTIER1 is allowed only on TIER1 logical router. This is the port using which the user connected to TIER1 logical router for upwards connectivity via TIER0 logical router. Connect this port to the LogicalRouterLinkPortOnTIER0 of the TIER0 logical router. LogicalRouterDownLinkPort is for the connected subnets on the logical router. LogicalRouterLoopbackPort is a loopback port for logical router component which is placed on chosen edge cluster member. LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on logical router when route based VPN session configured. LogicalRouterCentralizedServicePort is allowed only on Active/Standby TIER0 and TIER1 logical router. Port can be connected to VLAN or overlay logical switch. Unlike downlink port it does not participate in distributed routing and hosted on all edge cluster members associated with logical router. Stateful services can be applied on this port. LogicalRouterGreTunnelPort is a GRE Tunnel Port and is allowed only on Tier0 logical router and VRF.",
"enum": [
"LogicalRouterUpLinkPort",
"LogicalRouterDownLinkPort",
"LogicalRouterLinkPortOnTIER0",
"LogicalRouterLinkPortOnTIER1",
"LogicalRouterLoopbackPort",
"LogicalRouterIPTunnelPort",
"LogicalRouterCentralizedServicePort",
"LogicalRouterGreTunnelPort"
],
"id": "LogicalRouterPortResourceType",
"module_id": "LogicalRouterPorts",
"title": "Resource types of logical router port",
"type": "string"
}
LogicalRouterPortState (type)
{
"additionalProperties": false,
"description": "This holds the state of Logical Router Port. If there are errors in realizing LRP outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "LogicalRouterPortState",
"module_id": "LogicalRouterPorts",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"ipv6_dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the port.",
"items": {
"$ref": "IPv6DADStatus
},
"readonly": true,
"title": "DAD Status",
"type": "array"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Logical Router Port.",
"type": "object"
}
LogicalRouterPortStatistics (type)
{
"id": "LogicalRouterPortStatistics",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"per_node_statistics": {
"additionalProperties": false,
"items": {
"$ref": "LogicalRouterPortStatisticsPerNode
},
"readonly": true,
"required": false,
"title": "Per Node Statistics",
"type": "array"
}
},
"type": "object"
}
LogicalRouterPortStatisticsPerNode (type)
{
"extends": {
"$ref": "AggregatedLogicalRouterPortCounters
},
"id": "LogicalRouterPortStatisticsPerNode",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"sub_cluster_id": {
"description": "The subcluster ID of logical router port. Active-Active service router cluster forms pariwise sub cluster of nodes and syncs states among them.",
"readonly": true,
"required": false,
"title": "The ID of the Pairwise subcluster in Active-Active service router cluster",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "The ID of the TransportNode",
"type": "string"
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalRouterPortStatisticsSummary (type)
{
"extends": {
"$ref": "AggregatedLogicalRouterPortCounters
},
"id": "LogicalRouterPortStatisticsSummary",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalRouterPortsListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LogicalRouterPortsListParameters",
"module_id": "LogicalRouterPorts",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"logical_router_id": {
"required": false,
"title": "Logical Router identifier",
"type": "string"
},
"logical_switch_id": {
"required": false,
"title": "Logical Switch identifier",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": false,
"title": "Resource Type"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Logical Router Ports list parameters",
"type": "object"
}
LogicalRouterRIBListRequestParameters (type)
{
"additionalProperties": false,
"description": "Filter parameters for filtering routes from RIB depending on provided properties",
"extends": {
"$ref": "ListByRequiredNodeIdParameters
},
"id": "LogicalRouterRIBListRequestParameters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_prefix": {
"$ref": "IPAddressOrCIDRBlock,
"description": "IPaddress or CIDR network address to filter the RIB table.",
"required": false,
"title": "Network address filter parameter"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"route_source": {
"description": "To filter the RIB table based on the source from which route is learned.",
"enum": [
"BGP",
"STATIC",
"CONNECTED",
"OSPF"
],
"title": "Route source filter parameter",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
},
"vrf_table": {
"description": "To filter RIB table depending on the parameters specified (not specified - empty) - get all routes DEFAULT - get entries from default VRF INTER_SR - get entries from inter SR VRF",
"enum": [
"DEFAULT",
"INTER_SR"
],
"required": false,
"title": "VRF filter parameter",
"type": "string"
}
},
"title": "Logical Router RIB List Request Parameters\n",
"type": "object"
}
LogicalRouterRIBRequestParameters (type)
{
"additionalProperties": false,
"description": "Filter parameters for filtering routes from RIB depending on provided properties.",
"extends": {
"$ref": "RequiredTransportNodeIdParameters
},
"id": "LogicalRouterRIBRequestParameters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"network_prefix": {
"$ref": "IPAddressOrCIDRBlock,
"description": "IPAddress or CIDR network address to filter the the RIB table",
"required": false,
"title": "Network address filter parameter"
},
"route_source": {
"description": "To filter the RIB table based on the source from which route is learned.",
"enum": [
"BGP",
"STATIC",
"CONNECTED",
"OSPF"
],
"required": false,
"title": "Route source filter parameter",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
},
"vrf_table": {
"description": "To filter RIB table depending on the parameters specified (not specified - empty) - get all routes DEFAULT - get entries from default VRF INTER_SR - get entries from inter SR VRF",
"enum": [
"DEFAULT",
"INTER_SR"
],
"required": false,
"title": "VRF filter parameter",
"type": "string"
}
},
"title": "Logical Router RIB Request Parameters",
"type": "object"
}
LogicalRouterRouteCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "LogicalRouterRouteCsvRecord",
"module_id": "AggSvcLogicalRouter",
"properties": {
"admin_distance": {
"required": false,
"title": "The admin distance of the next hop",
"type": "integer"
},
"logical_router_port_id": {
"required": false,
"title": "The id of the logical router port which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"required": false,
"title": "The IP of the next hop"
},
"route_type": {
"required": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"type": "object"
}
LogicalRouterRouteEntry (type)
{
"id": "LogicalRouterRouteEntry",
"module_id": "AggSvcLogicalRouter",
"properties": {
"admin_distance": {
"required": false,
"title": "The admin distance of the next hop",
"type": "integer"
},
"black_hole": {
"readonly": true,
"required": false,
"title": "Value of this field will be true if given routes are null routes",
"type": "boolean"
},
"logical_router_port_id": {
"required": false,
"title": "The id of the logical router port which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"required": false,
"title": "The IP address of the next hop"
},
"next_hop_gateway": {
"required": false,
"title": "Next hop gateway path",
"type": "string"
},
"route_type": {
"required": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"type": "object"
}
LogicalRouterRouteTable (type)
{
"extends": {
"$ref": "ListResult
},
"id": "LogicalRouterRouteTable",
"module_id": "AggSvcLogicalRouter",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_router_id": {
"required": true,
"title": "The id of the logical router",
"type": "string"
},
"logical_router_name": {
"readonly": true,
"required": false,
"title": "Name of the logical router",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalRouterRouteEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
LogicalRouterRouteTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "LogicalRouterRouteTableInCsvFormat",
"module_id": "AggSvcLogicalRouter",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "LogicalRouterRouteCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
LogicalRouterState (type)
{
"description": "This holds the state of Logical Router. If there are errors in realizing LR outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "LogicalRouterState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Logical Router.",
"type": "object"
}
LogicalRouterStatus (type)
{
"additionalProperties": false,
"id": "LogicalRouterStatus",
"module_id": "AggSvcLogicalRouter",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"locale_operation_mode": {
"description": "Egress mode for the logical router at given mode",
"enum": [
"PRIMARY_LOCATION",
"SECONDARY_LOCATION"
],
"readonly": true,
"title": "Location mode for logical router",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "The id of the logical router",
"type": "string"
},
"per_node_status": {
"items": {
"$ref": "LogicalRouterStatusPerNode
},
"readonly": true,
"title": "Per Node Status",
"type": "array"
}
},
"type": "object"
}
LogicalRouterStatusPerNode (type)
{
"id": "LogicalRouterStatusPerNode",
"module_id": "AggSvcLogicalRouter",
"properties": {
"edge_path": {
"description": "Only populated by Policy APIs",
"required": false,
"title": "edge transport node path.",
"type": "string"
},
"high_availability_status": {
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN",
"ADMIN_DOWN"
],
"required": true,
"title": "A service router's HA status on an edge node",
"type": "string"
},
"is_default_sub_cluster": {
"default": false,
"description": "True if edge transport node is a member of default sub cluster",
"required": false,
"title": "Is edge transport node in default sub cluster.",
"type": "boolean"
},
"service_group_ha_status": {
"description": "Service High availability status of service group linked with sub cluster.",
"enum": [
"UNKNOWN",
"ACTIVE",
"STANDBY"
],
"required": false,
"title": "Service High Availability status",
"type": "string"
},
"service_router_id": {
"required": false,
"title": "id of the service router where the router status is retrieved.",
"type": "string"
},
"sub_cluster_id": {
"description": "This field is populated for sateful active-active mode. Runtime state is only synced among nodes in the same sub cluster.",
"required": false,
"title": "Sub cluster id for the node.",
"type": "string"
},
"traffic_group_id": {
"description": "This field is populated only for VMC on AWS. It is the ID of the traffic group associated with the edge node.",
"required": false,
"title": "Traffic Group ID of the edge node",
"type": "string"
},
"transport_node_id": {
"required": true,
"title": "id of the transport node where the router status is retrieved.",
"type": "string"
}
},
"type": "object"
}
LogicalRouterType (type)
{
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "LogicalRouterType",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"router_type": {
"description": "Logical router type",
"enum": [
"SERVICE_ROUTER_TIER0",
"VRF_SERVICE_ROUTER_TIER0",
"DISTRIBUTED_ROUTER_TIER0",
"VRF_DISTRIBUTED_ROUTER_TIER0",
"SERVICE_ROUTER_TIER1",
"VRF_SERVICE_ROUTER_TIER1",
"DISTRIBUTED_ROUTER_TIER1",
"VRF_DISTRIBUTED_ROUTER_TIER1",
"TUNNEL",
"RTEP_TUNNEL_VRF"
],
"title": "Logical router type",
"type": "string"
}
},
"type": "object"
}
LogicalRouterUpLinkPort (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LogicalRouterPort
},
"id": "LogicalRouterUpLinkPort",
"module_id": "LogicalRouterPorts",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalRouterUpLinkPort"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_member_index": {
"items": {
"type": "integer"
},
"required": true,
"title": "Member index of the edge node on the cluster",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"igmp_config": {
"$ref": "InterfaceIgmpLocalGroupConfig,
"description": "Interface IGMP[Internet Group Management Protocol] local group config parameters.",
"required": false,
"title": "IGMP local group configuration parameters"
},
"linked_logical_switch_port_id": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference to the logical switch port to connect to"
},
"logical_router_id": {
"required": true,
"title": "Identifier for logical router on which this port is created",
"type": "string"
},
"mac_address": {
"description": "MAC address",
"readonly": true,
"required": false,
"title": "MAC address",
"type": "string"
},
"mtu": {
"description": "Maximum transmission unit specifies the size of the largest packet that a network protocol can transmit. If not specified, the global logical MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be used.",
"minimum": 64,
"title": "Maximum transmission unit (MTU)",
"type": "integer"
},
"ndra_prefix_config": {
"description": "Configuration to override the neighbor discovery router advertisement prefix time parameters at the subnet level. Note that users are allowed to override the prefix time only for IPv6 subnets which are configured on the port.",
"items": {
"$ref": "NDRAPrefixConfig
},
"required": false,
"type": "array"
},
"ndra_profile_id": {
"description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.",
"required": false,
"title": "Identifier for NDRA profile on the port",
"type": "string"
},
"pim_config": {
"$ref": "InterfacePimConfig,
"description": "PIM[Protocol Independent Multicast] configuration parameters.",
"required": false,
"title": "PIM configuration parameters"
},
"resource_type": {
"$ref": "LogicalRouterPortResourceType,
"required": true
},
"service_bindings": {
"items": {
"$ref": "ServiceBinding
},
"required": false,
"title": "Service Bindings",
"type": "array"
},
"subnets": {
"items": {
"$ref": "IPSubnet
},
"minItems": 1,
"required": true,
"title": "Logical router port subnets",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"urpf_mode": {
"$ref": "UrpfMode,
"default": "STRICT",
"required": false,
"title": "Unicast Reverse Path Forwarding mode"
}
},
"type": "object"
}
LogicalRoutersInfo (type)
{
"id": "LogicalRoutersInfo",
"properties": {
"ha_info": {
"$ref": "HaInfo,
"description": "Logical router high-availability information",
"readonly": true,
"title": "Logical router high-availability information"
},
"logical_router_uuid": {
"description": "Logical router UUID",
"readonly": true,
"title": "Logical router UUID",
"type": "string"
},
"mp_router_uuid": {
"description": "MP logical router UUID",
"readonly": true,
"title": "MP logical router UUID",
"type": "string"
},
"name": {
"description": "Name of the logical router",
"readonly": true,
"title": "Name of the logical router",
"type": "string"
},
"router_type": {
"description": "Logical router type",
"enum": [
"SERVICE_ROUTER_TIER0",
"VRF_SERVICE_ROUTER_TIER0",
"DISTRIBUTED_ROUTER_TIER0",
"VRF_DISTRIBUTED_ROUTER_TIER0",
"SERVICE_ROUTER_TIER1",
"VRF_SERVICE_ROUTER_TIER1",
"DISTRIBUTED_ROUTER_TIER1",
"VRF_DISTRIBUTED_ROUTER_TIER1",
"TUNNEL",
"RTEP_TUNNEL_VRF"
],
"readonly": true,
"title": "Logical router type",
"type": "string"
}
},
"type": "object"
}
LogicalServiceRouterClusterState (type)
{
"description": "This holds the state of Service Router. If there are errors in realizing SR outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "LogicalServiceRouterClusterState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Service Router.",
"type": "object"
}
LogicalSwitch (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "LogicalSwitch",
"module_id": "LogicalSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_state": {
"enum": [
"UP",
"DOWN"
],
"required": true,
"title": "Represents Desired state of the Logical Switch",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by logical ports in the logical switch.",
"items": {
"$ref": "ExtraConfig
},
"required": false,
"title": "Extra configs on logical switch",
"type": "array"
},
"global_vni": {
"description": "The VNI is used for intersite traffic and the global logical switch ID. The global VNI pool is agnostic of the local VNI pool, and there is no need to have an exclusive VNI range. For example, VNI x can be the global VNI for logical switch B and the local VNI for logical switch A.",
"required": false,
"title": "VNI allocated by the global manager",
"type": "int"
},
"hybrid": {
"default": false,
"description": "If this flag is set to true, then all the logical switch ports attached to this logical switch will behave in a hybrid fashion. The hybrid logical switch port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This flag can be enabled only for the logical switches in the overlay type transport zone which has host switch mode as LEGACY and also has either CrossCloud or CloudScope tag scopes. Only the NSX public cloud gateway (PCG) uses this flag, other host agents like ESX, KVM and Edge will ignore it. This property cannot be modified once the logical switch is created.",
"required": false,
"title": "Flag to identify a hybrid logical switch",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_pool_id": {
"description": "IP pool id that associated with a LogicalSwitch.",
"required": false,
"title": "Allocation ip pool associated with the Logical switch",
"type": "string"
},
"mac_pool_id": {
"description": "Mac pool id that associated with a LogicalSwitch.",
"required": false,
"title": "Allocation mac pool associated with the Logical switch",
"type": "string"
},
"node_local_switch": {
"required": false,
"title": "A flag to prevent BUM (broadcast, unknown-unicast and multicast) traffic from reaching the other spanned edges.",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source DVPG.",
"readonly": true,
"required": false,
"title": "ID of the LS of type DVPG in the source vCenter",
"type": "string"
},
"origin_type": {
"enum": [
"VCENTER"
],
"readonly": true,
"required": false,
"title": "The type of source from which the DVPG is discovered",
"type": "string"
},
"replication_mode": {
"enum": [
"MTEP",
"SOURCE"
],
"required": false,
"title": "Replication mode of the Logical Switch",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"span": {
"description": "Each manager ID represents the NSX Local Manager the logical switch connects. This will be populated by the manager.",
"items": {
"type": "string"
},
"maxItems": 16,
"minItems": 0,
"required": false,
"title": "List of Local Manager IDs the logical switch extends",
"type": "array"
},
"switch_type": {
"description": "This field indicates purpose of a LogicalSwitch. It is set by manager internally or user can provide this field. If not set, DEFAULT type is assigned. NSX components can use this field to create LogicalSwitch that provides component specific functionality. DEFAULT type LogicalSwitches are created for basic L2 connectivity by API users. SERVICE_PLANE type LogicalSwitches are system created service plane LogicalSwitches for Service Insertion service. User can not create SERVICE_PLANE type of LogicalSwitch. DHCP_RELAY type LogicalSwitches are created by external user like Policy with special permissions or by system and will be treated as internal LogicalSwitches. Such LogicalSwitch will not be exposed to vSphere user. GLOBAL type LogicalSwitches are created to span multiple NSX domains to connect multiple remote sites. INTER_ROUTER type LogicalSwitches are policy-created LogicalSwitches which provide inter-router connectivity. DVPG type LogicalSwitches are NSX-created based on DVPGs found in VC which are used as shadow objects in NSX on DVPG.",
"enum": [
"DEFAULT",
"SERVICE_PLANE",
"DHCP_RELAY",
"GLOBAL",
"INTER_ROUTER",
"EVPN",
"DVPG"
],
"required": false,
"title": "Type of LogicalSwitch.",
"type": "string"
},
"switching_profile_ids": {
"items": {
"$ref": "SwitchingProfileTypeIdEntry
},
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_id": {
"required": true,
"title": "Id of the TransportZone to which this LogicalSwitch is associated",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "This name has to be one of the switching uplink teaming policy names listed inside the logical switch's TransportZone. If this field is not specified, the logical switch will not have a teaming policy associated with it and the host switch's default teaming policy will be used.",
"required": false,
"title": "The name of the switching uplink teaming policy for the logical switch",
"type": "string"
},
"vlan": {
"$ref": "VlanID,
"description": "This property is dedicated to VLAN based network, to set VLAN of logical network. It is mutually exclusive with 'vlan_trunk_spec'.",
"required": false,
"title": "VLAN Id of logical switch"
},
"vlan_trunk_spec": {
"$ref": "VlanTrunkSpec,
"description": "This property is used for VLAN trunk specification of logical switch. It's mutually exclusive with 'vlan'. Also it could be set to do guest VLAN tagging in overlay network.",
"required": false,
"title": "VLAN trunk spec of logical switch"
},
"vni": {
"description": "Only for OVERLAY network. A VNI will be auto-allocated from the default VNI pool if not given; otherwise the given VNI has to be inside the default pool and not used by any other LogicalSwitch.",
"required": false,
"title": "VNI for this LogicalSwitch.",
"type": "int"
}
},
"type": "object"
}
LogicalSwitchDeleteParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LogicalSwitchDeleteParameters",
"module_id": "LogicalSwitch",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Delete a Logical Switch and all the logical ports in it,\nif none of the logical ports have any attachment.\n",
"type": "boolean"
},
"detach": {
"default": false,
"description": "If this is set to true, then logical switch is deleted regardless of whether or not it is added to NSGroup. If cascade is set to true in the meantime, then logical switch and all logical ports are deleted regardless of whether any logical port in this switch has attachments.",
"required": false,
"title": "Force delete a logical switch",
"type": "boolean"
}
},
"type": "object"
}
LogicalSwitchListParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "LogicalSwitchListParameters",
"module_id": "LogicalSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"diagnostic": {
"default": false,
"required": false,
"title": "Flag to enable showing of transit logical switch.",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"switch_type": {
"enum": [
"DEFAULT",
"SERVICE_PLANE",
"DHCP_RELAY",
"GLOBAL",
"INTER_ROUTER",
"EVPN",
"DVPG"
],
"required": false,
"title": "Logical Switch type",
"type": "string"
},
"switching_profile_id": {
"required": false,
"title": "Switching Profile identifier",
"type": "string"
},
"transport_type": {
"$ref": "TransportType,
"required": false,
"title": "Mode of transport supported in the transport zone for this logical switch"
},
"transport_zone_id": {
"required": false,
"title": "Transport zone identifier",
"type": "string"
},
"uplink_teaming_policy_name": {
"required": false,
"title": "The logical switch's uplink teaming policy name",
"type": "string"
},
"vlan": {
"$ref": "VlanID,
"required": false,
"title": "Return VLAN logical switches whose \"vlan\" field matches this value"
},
"vni": {
"required": false,
"title": "VNI of the OVERLAY LogicalSwitch(es) to return.",
"type": "int"
}
},
"title": "Logical Switch list parameters",
"type": "object"
}
LogicalSwitchListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LogicalSwitchListResult",
"module_id": "LogicalSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalSwitch
},
"readonly": true,
"title": "Logical Switch Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Logical Switch queries result",
"type": "object"
}
LogicalSwitchListWithSourceParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LogicalSwitchListParameters
},
"id": "LogicalSwitchListWithSourceParameters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"diagnostic": {
"default": false,
"required": false,
"title": "Flag to enable showing of transit logical switch.",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"switch_type": {
"enum": [
"DEFAULT",
"SERVICE_PLANE",
"DHCP_RELAY",
"GLOBAL",
"INTER_ROUTER",
"EVPN",
"DVPG"
],
"required": false,
"title": "Logical Switch type",
"type": "string"
},
"switching_profile_id": {
"required": false,
"title": "Switching Profile identifier",
"type": "string"
},
"transport_type": {
"$ref": "TransportType,
"required": false,
"title": "Mode of transport supported in the transport zone for this logical switch"
},
"transport_zone_id": {
"required": false,
"title": "Transport zone identifier",
"type": "string"
},
"uplink_teaming_policy_name": {
"required": false,
"title": "The logical switch's uplink teaming policy name",
"type": "string"
},
"vlan": {
"$ref": "VlanID,
"required": false,
"title": "Return VLAN logical switches whose \"vlan\" field matches this value"
},
"vni": {
"required": false,
"title": "VNI of the OVERLAY LogicalSwitch(es) to return.",
"type": "int"
}
},
"title": "Logical Switch list with data source parameters",
"type": "object"
}
LogicalSwitchMirrorSource (type)
{
"extends": {
"$ref": "MirrorSource
},
"id": "LogicalSwitchMirrorSource",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "LogicalSwitchMirrorSource"
},
"properties": {
"resource_type": {
"$ref": "MirrorSourceResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'",
"required": true
},
"switch_id": {
"description": "Please note as logical port attached with vmk interface is unsupported as mirror source, traffic from those ports on source logical switch will not be mirrored.",
"required": true,
"title": "Source logical switch identifier",
"type": "string"
}
},
"type": "object"
}
LogicalSwitchParameters (type)
{
"additionalProperties": false,
"description": "Logical switch parameters.",
"id": "LogicalSwitchParameters",
"module_id": "L2VPNStatistics",
"properties": {
"logical_switch_id": {
"description": "logical switch identifier",
"title": "logical switch identifier",
"type": "string"
}
},
"title": "Logical switch parameters",
"type": "object"
}
LogicalSwitchState (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ConfigurationState
},
"id": "LogicalSwitchState",
"module_id": "LogicalSwitch",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"logical_switch_id": {
"readonly": true,
"required": false,
"title": "Id of the logical switch",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
LogicalSwitchStateListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "LogicalSwitchStateListResult",
"module_id": "LogicalSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LogicalSwitchState
},
"readonly": true,
"title": "Logical Switch State Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Logical Switch state queries result",
"type": "object"
}
LogicalSwitchStateParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LogicalSwitchStateParameters",
"module_id": "LogicalSwitch",
"properties": {
"status": {
"enum": [
"PENDING",
"IN_PROGRESS",
"PARTIAL_SUCCESS",
"SUCCESS"
],
"required": false,
"title": "Realized state of logical switches",
"type": "string"
}
},
"type": "object"
}
LogicalSwitchStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounterEx
},
"id": "LogicalSwitchStatistics",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"nsxt_fp": {
"$ref": "FpCounters,
"description": "ENS/FC module for DP packet processing",
"readonly": true,
"required": false
},
"nsxt_swsec": {
"$ref": "SwsecCounters,
"description": "Switch Security provides stateless L2 and L3 security by checking, traffic to the logical switch and dropping unauthorized packets sent, from VMs",
"readonly": true,
"required": false
},
"nsxt_vdl2": {
"$ref": "Vdl2Counters,
"description": "Overlay Layer-2 module responsible for workload connectivity",
"readonly": true,
"required": false
},
"nsxt_vdrb": {
"$ref": "VdrbCounters,
"description": "Virtual Distributed Routing (VDR) routes packets on every ESX",
"readonly": true,
"required": false
},
"nsxt_vsip": {
"$ref": "VsipCounters,
"description": "VSIP provides Distributed Firewall capability",
"readonly": true,
"required": false
},
"nsxt_vswitch": {
"$ref": "VswitchCounters,
"description": "Virtual Switch is responsible for providing switching functionality",
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalSwitchStatisticsParameters (type)
{
"experimental": true,
"extends": {
"$ref": "TransportNodeIdParameters
},
"id": "LogicalSwitchStatisticsParameters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"stats_type": {
"enum": [
"DATAPATH_STATS"
],
"required": false,
"title": "Logical switch statistics type.",
"type": "string"
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
LogicalSwitchStatus (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LogicalSwitchStatus",
"module_id": "LogicalSwitch",
"properties": {
"logical_switch_id": {
"readonly": true,
"required": false,
"title": "Unique ID identifying the the Logical Switch",
"type": "string"
},
"num_logical_ports": {
"readonly": true,
"required": false,
"title": "Count of Logical Ports belonging to this switch",
"type": "int"
}
},
"type": "object"
}
LogicalSwitchStatusSummary (type)
{
"id": "LogicalSwitchStatusSummary",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"filters": {
"items": {
"$ref": "Filter
},
"required": false,
"title": "The filters used to find the logical switches- TransportZone id, LogicalSwitchProfile id or TransportType",
"type": "array"
},
"fully_realized_switches": {
"required": true,
"title": "The number of logical switches that are realized in all transport nodes.",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"total_switches": {
"required": true,
"title": "The total number of logical switches.",
"type": "integer"
}
},
"type": "object"
}
LoginCredential (type)
{
"id": "LoginCredential",
"module_id": "Types",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "credential_type"
},
"properties": {
"credential_type": {
"description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential', 'SessionLoginCredential'.",
"required": true,
"title": "Login credential, for example username-password-thumbprint, certificate or session based, etc",
"type": "string"
}
},
"title": "Base type for various login credential types",
"type": "object"
}
LoginLogoutEventCollection (type)
{
"additionalProperties": false,
"description": "Collection of Login/Logout events reported to Policy",
"id": "LoginLogoutEventCollection",
"module_id": "PolicyIdfwLoginLogoutEvents",
"properties": {
"login_logout_events": {
"items": {
"$ref": "LoginLogoutEventMap
},
"required": true,
"title": "Set of user to IP address pair",
"type": "array"
}
},
"title": "Login/Logout event Collection",
"type": "object"
}
LoginLogoutEventMap (type)
{
"id": "LoginLogoutEventMap",
"module_id": "PolicyIdfwLoginLogoutEvents",
"properties": {
"domain_name": {
"required": true,
"title": "Domain name",
"type": "string"
},
"event_source": {
"enum": [
"LI"
],
"required": true,
"type": "string"
},
"event_time": {
"$ref": "EpochMsTimestamp,
"required": true
},
"event_type": {
"enum": [
"LOGIN",
"LOGOUT"
],
"required": true,
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "IP Address of user"
},
"user_name": {
"required": true,
"title": "User name",
"type": "string"
}
},
"title": "User Login/Logout event Map",
"type": "object"
}
LsIdToVmAndVnicsMapping (type)
{
"additionalProperties": false,
"id": "LsIdToVmAndVnicsMapping",
"module_id": "Migration",
"properties": {
"ls_id": {
"readonly": false,
"required": false,
"title": "Logical Switch ID",
"type": "string"
},
"vm_and_vnics_mapping": {
"items": {
"$ref": "VmToVnicsMapping
},
"readonly": false,
"required": false,
"title": "List of VmToVnicsMapping",
"type": "array"
}
},
"title": "Mapping between Logical Switch ID and VM & VNICs",
"type": "object"
}
MACAddress (type)
{
"description": "A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB.",
"format": "mac-address",
"id": "MACAddress",
"module_id": "Common",
"title": "MAC Address",
"type": "string"
}
MACAddressElement (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource
},
"id": "MACAddressElement",
"module_id": "MACSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"mac_address": {
"$ref": "MACAddress,
"required": true
}
},
"title": "MAC Address",
"type": "object"
}
MACAddressElementListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MACAddressElementListResult",
"module_id": "MACSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MACAddressElement
},
"required": true,
"title": "MAC address element list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of MAC address elements",
"type": "object"
}
MACAddressExpression (type)
{
"additionalProperties": false,
"description": "Represents MAC address expressions in the form of an array, to support addition of MAC addresses in a group. Avoid creating groups with multiple MACAddressExpression. In future releases, group will be restricted to contain a single MACAddressExpression. To group MAC addresses, use nested groups instead of multiple MACAddressExpression.",
"extends": {
"$ref": "Expression
},
"id": "MACAddressExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "MACAddressExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_addresses": {
"description": "This array can consist of one or more MAC addresses. Max limit of 4000 MAC addresses applies across all the expressions.",
"items": {
"$ref": "MACAddress
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of MAC addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "MAC address expression node",
"type": "object"
}
MACAddressList (type)
{
"additionalProperties": false,
"description": "List of MAC Addresses.",
"id": "MACAddressList",
"module_id": "Policy",
"properties": {
"mac_addresses": {
"description": "The array contains MAC addresses.",
"items": {
"$ref": "MACAddress
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of MAC addresses",
"type": "array"
}
},
"title": "MAC Address members.",
"type": "object"
}
MACSet (type)
{
"additionalProperties": false,
"description": "MACSet is used to group individual MAC addresses. MACSets can be used as sources and destinations in layer2 firewall rules. These can also be used as members of NSGroups.",
"extends": {
"$ref": "ManagedResource
},
"id": "MACSet",
"module_id": "MACSet",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_addresses": {
"items": {
"$ref": "MACAddress
},
"maxItems": 4000,
"required": false,
"title": "MAC addresses",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Set of one or more MAC addresses",
"type": "object"
}
MACSetDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "MACSetDeleteRequestParameters",
"module_id": "MACSet",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "MACSet delete request parameters",
"type": "object"
}
MACSetListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MACSetListRequestParameters",
"module_id": "MACSet",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "MACSet list request parameters",
"type": "object"
}
MACSetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MACSetListResult",
"module_id": "MACSet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MACSet
},
"required": true,
"title": "Paged collection of MACSets",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MPAConfigProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MPAConfigProperties",
"properties": {
"AccountName": {
"description": "The account name to use when authenticating to the management plane's message bus.",
"readonly": false,
"type": [
"string",
"null"
]
},
"RmqBrokerCluster": {
"description": "The list of messaging brokers this controller is configured with.",
"items": {
"$ref": "BrokerProperties
},
"type": "array"
},
"RmqClientType": {
"description": "The nodes client type.",
"type": [
"string",
"null"
]
},
"SharedSecret": {
"description": "The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses.",
"sensitive": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "Information about the management plane this node is communciating with",
"type": "object"
}
MPPolicyPromotionHistory (type)
{
"additionalProperties": false,
"id": "MPPolicyPromotionHistory",
"module_id": "PolicyMigration",
"properties": {
"date_time": {
"description": "Date and and time of the promotion operation. The date and time is stored in epoch time format.",
"readonly": true,
"required": true,
"title": "Date and and time of the promotion operation.",
"type": "string"
},
"status": {
"description": "Represents the type of operation in the mp to policy promotion life cycle. Can be INITIATED, CANCELLED, PARTIAL_SUCCESS or SUCCESS.",
"enum": [
"INITIATED",
"CANCELLED",
"SUCCESS",
"PARTIAL_SUCCESS"
],
"required": true,
"title": "Represents the type of operation in the mp to policy promotion life cycle.\n",
"type": "string"
}
},
"title": "Contain mp to policy promotion history.\n",
"type": "object"
}
MPPolicyPromotionHistoryList (type)
{
"additionalProperties": false,
"id": "MPPolicyPromotionHistoryList",
"module_id": "PolicyMigration",
"properties": {
"results": {
"description": "Array of MPPolicyPromotionHistory.",
"items": {
"$ref": "MPPolicyPromotionHistory
},
"required": false,
"title": "Array of MPPolicyPromotionHistory.",
"type": "array"
}
},
"title": "List of MPPolicyPromotionHistory.\n",
"type": "object"
}
MPPolicyPromotionState (type)
{
"additionalProperties": false,
"description": "Provides information if system is currently going under mp policy promotion.",
"id": "MPPolicyPromotionState",
"module_id": "PolicyMigration",
"properties": {
"mp_policy_promotion": {
"description": "Used to get the mp policy promotion state. If system is under mp to policy promotion, it will be PROMOTION_IN_PROGRESS else PROMOTION_NOT_IN_PROGRESS.State is CANCELLING_PROMOTION, if ongoing promotion is cancelled.",
"enum": [
"PROMOTION_IN_PROGRESS",
"CANCELLING_PROMOTION",
"PROMOTION_NOT_IN_PROGRESS",
"CANCEL_FAILED"
],
"required": true,
"title": "MP Policy promotion state value.",
"type": "string"
}
},
"title": "Fetches MP Policy promotion state.\n",
"type": "object"
}
MPResource (type)
{
"additionalProperties": false,
"description": "List of Manager Ids to migrate.",
"id": "MPResource",
"module_id": "MPPolicyMigration",
"properties": {
"resource_ids": {
"description": "Manager and policy resource id array.",
"items": {
"$ref": "MPResourceDetails
},
"required": true,
"type": "array"
},
"type": {
"description": "Manager resource type to migrate.",
"required": true,
"title": "Manager resource type to migrate.",
"type": "string"
}
},
"title": "Contains migration api request parameters\n",
"type": "object"
}
MPResourceDetails (type)
{
"additionalProperties": false,
"description": "Contains manager and policy resource id.",
"id": "MPResourceDetails",
"module_id": "MPPolicyMigration",
"properties": {
"linked_ids": {
"description": "Linked resources.",
"items": {
"$ref": "MPResourceLinkedDetails
},
"required": false,
"type": "array"
},
"manager_id": {
"required": true,
"title": "Manager resource id.",
"type": "string"
},
"metadata": {
"description": "Resource metadata.",
"items": {
"$ref": "MPResourceMetadata
},
"required": false,
"type": "array"
},
"override": {
"required": false,
"title": "Whether to skip/override the resource in case of multiple resource migration . By default. it will be skip.",
"type": "boolean"
},
"policy_id": {
"required": false,
"title": "Policy resource id.",
"type": "string"
},
"policy_path": {
"required": false,
"title": "Policy resource path.",
"type": "string"
},
"principle_identity": {
"description": "Principle Identity to be used for MP to Policy promotion in GENERIC workflow.This is internal only.",
"required": false,
"title": "Principle Identity to be used for MP to Policy promotion in GENERIC workflow.",
"type": "string"
}
},
"title": "Contains manager resource details and policy resource id.\n",
"type": "object"
}
MPResourceLinkedDetails (type)
{
"additionalProperties": false,
"description": "Information about linked resource.",
"id": "MPResourceLinkedDetails",
"module_id": "MPPolicyMigration",
"properties": {
"key": {
"required": true,
"title": "Associated resource type.",
"type": "string"
},
"value": {
"required": false,
"title": "Resource id of the assocationed resource.",
"type": "string"
}
},
"title": "Information about linked resource.\n",
"type": "object"
}
MPResourceMetadata (type)
{
"additionalProperties": false,
"description": "Resource metadata.",
"id": "MPResourceMetadata",
"module_id": "MPPolicyMigration",
"properties": {
"key": {
"description": "It has to be one of the attribute of targeted policy intent.",
"required": true,
"title": "Resource metadata key.",
"type": "string"
},
"value": {
"required": false,
"title": "Resource metadata value.",
"type": "string"
}
},
"title": "Resource metadata.\n",
"type": "object"
}
MacAddressCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "MacAddressCsvListResult",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "MacTableCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
MacAddressListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "MacAddressListResult",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
MacAddressType (type)
{
"enum": [
"STATIC",
"LEARNED"
],
"id": "MacAddressType",
"module_id": "AggSvcLogicalPort",
"title": "The type of the MAC address",
"type": "string"
}
MacDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Mac Discovery Profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MacDiscoveryProfile",
"module_id": "PolicyMacDiscovery",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_change_enabled": {
"default": false,
"description": "Allowing source MAC address change",
"required": false,
"title": "Is rule enabled or not",
"type": "boolean"
},
"mac_learning_aging_time": {
"default": 600,
"description": "Indicates how long learned MAC address remain.",
"readonly": true,
"required": false,
"title": "Aging time in seconds for learned MAC address",
"type": "int"
},
"mac_learning_enabled": {
"description": "Allowing source MAC address learning",
"required": true,
"title": "Is MAC learning enabled or not",
"type": "boolean"
},
"mac_limit": {
"default": 4096,
"description": "The maximum number of mac addresses that can be learnt on this port when mac learning is enabled.",
"maximum": 4096,
"minimum": 0,
"required": false,
"title": "Maximum number of MAC addresses learnt",
"type": "int"
},
"mac_limit_policy": {
"default": "ALLOW",
"description": "The policy after MAC Limit is exceeded",
"enum": [
"ALLOW",
"DROP"
],
"title": "Mac Limit Policy",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_overlay_mac_limit": {
"default": 2048,
"description": "The maximum number of mac addresses learnt on an overlay logical switch, irrespective of whether mac learning is enabled on the segment ports. When this limit is reached, traffic for mac addresses that are not learnt will be flooded.",
"maximum": 8192,
"minimum": 2048,
"title": "The maximum number of MAC addresses learned on an overlay Logical Switch",
"type": "int"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"unknown_unicast_flooding_enabled": {
"default": true,
"description": "Allowing flooding for unlearned MAC for ingress traffic",
"required": false,
"title": "Is unknown unicast flooding rule enabled or not",
"type": "boolean"
}
},
"search_dsl_name": [
"mac discovery segment profile"
],
"title": "Mac Discovery Profile",
"type": "object"
}
MacDiscoveryProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "MacDiscoveryProfileListRequestParameters",
"module_id": "PolicyMacDiscovery",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Mac Discovery Profile request parameters",
"type": "object"
}
MacDiscoveryProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MacDiscoveryProfileListResult",
"module_id": "PolicyMacDiscovery",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacDiscoveryProfile
},
"required": true,
"title": "Mac Discovery profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Mac Discovery Profiles",
"type": "object"
}
MacLearningCounters (type)
{
"id": "MacLearningCounters",
"module_id": "AggSvcL2Types",
"properties": {
"mac_not_learned_packets_allowed": {
"description": "The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.",
"required": false,
"title": "Number of dispatched packets with unknown source MAC address.",
"type": "integer"
},
"mac_not_learned_packets_dropped": {
"description": "The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.",
"required": false,
"title": "Number of dropped packets with unknown source MAC address.",
"type": "integer"
},
"macs_learned": {
"required": false,
"title": "Number of MACs learned",
"type": "integer"
}
},
"type": "object"
}
MacLearningSpec (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "MacLearningSpec",
"module_id": "MacManagementSwitchingProfile",
"properties": {
"aging_time": {
"default": 600,
"readonly": true,
"required": false,
"title": "Aging time in sec for learned MAC address",
"type": "int"
},
"enabled": {
"readonly": false,
"required": true,
"title": "Allowing source MAC address learning",
"type": "boolean"
},
"limit": {
"default": 4096,
"description": "This property specifies the limit on the maximum number of MAC addresses that can be learned on a port. It is consumed by vswitch kernel module on the hypervisor while learning MACs per port for VMs that are local to the host.",
"maximum": 4096,
"minimum": 0,
"readonly": false,
"required": false,
"title": "The maximum number of MAC addresses that can be learned on this port",
"type": "int"
},
"limit_policy": {
"default": "ALLOW",
"enum": [
"ALLOW",
"DROP"
],
"readonly": false,
"required": false,
"title": "The policy after MAC Limit is exceeded",
"type": "string"
},
"remote_overlay_mac_limit": {
"default": 2048,
"description": "This property specifies the limit on the maximum number of MACs learned for a remote Virtual Machine's MAC to vtep binding per overlay logical switch.",
"maximum": 8192,
"minimum": 2048,
"readonly": false,
"required": false,
"title": "The maximum number of MAC addresses learned on an overlay Logical Switch",
"type": "int"
},
"unicast_flooding_allowed": {
"default": true,
"readonly": false,
"required": false,
"title": "Allowing flooding for unlearned MAC for ingress traffic",
"type": "boolean"
}
},
"title": "MAC learning configuration",
"type": "object"
}
MacManagementSwitchingProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "BaseSwitchingProfile
},
"id": "MacManagementSwitchingProfile",
"module_id": "MacManagementSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "MacManagementSwitchingProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_change_allowed": {
"default": false,
"readonly": false,
"required": false,
"title": "Allowing source MAC address change",
"type": "boolean"
},
"mac_learning": {
"$ref": "MacLearningSpec,
"readonly": false,
"required": false,
"title": "MAC learning configuration"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
MacPool (type)
{
"additionalProperties": false,
"description": "A collection of ranges of MAC addresses",
"extends": {
"$ref": "ManagedResource
},
"id": "MacPool",
"module_id": "MACAM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ranges": {
"items": {
"$ref": "MacRange
},
"required": true,
"title": "Array of ranges for MAC addresses",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
MacPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MacPoolListResult",
"module_id": "MACAM",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacPool
},
"required": true,
"title": "MAC pool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MacRange (type)
{
"additionalProperties": false,
"description": "A range of MAC addresses with a start and end value",
"id": "MacRange",
"module_id": "MACAM",
"properties": {
"end": {
"$ref": "MACAddress,
"description": "End value for MAC address range",
"readonly": false,
"required": true,
"title": "End value of MAC range"
},
"start": {
"$ref": "MACAddress,
"description": "Start value for MAC address range",
"readonly": false,
"required": true,
"title": "Start value of MAC range"
}
},
"type": "object"
}
MacTableCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "MacTableCsvRecord",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"rtep_group_id": {
"description": "RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address.",
"title": "Remote tunnel endpoint(RTEP) group id",
"type": "integer"
},
"vtep_group_id": {
"description": "VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address.",
"title": "Virtual tunnel endpoint(VTEP) group id",
"type": "integer"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IPv4 address"
},
"vtep_ipv6": {
"$ref": "IPv6Address,
"required": false,
"title": "The virtual tunnel endpoint IPv6 address"
},
"vtep_mac_address": {
"required": false,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
MacTableEntry (type)
{
"id": "MacTableEntry",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"rtep_group_id": {
"description": "RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address.",
"title": "Remote tunnel endpoint(RTEP) group id",
"type": "integer"
},
"vtep_group_id": {
"description": "VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address.",
"title": "Virtual tunnel endpoint(VTEP) group id",
"type": "integer"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IPv4 address"
},
"vtep_ipv6": {
"$ref": "IPv6Address,
"required": false,
"title": "The virtual tunnel endpoint IPv6 address"
},
"vtep_mac_address": {
"required": false,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
MaintenanceModeParameters (type)
{
"id": "MaintenanceModeParameters",
"module_id": "TransportNode",
"properties": {
"action": {
"description": "User could use this parameter to put transport node into maintenance mode or exit from maintenance mode. 'enter_maintenance_mode' will put Transport Node into maintenance mode if there is no VIFs attached. 'forced_enter_maintenance_mode' will put transport node into maintenance mode forcibly regardless of whether or not VIF attached. 'exit_maintenance_mode' will exit from maintenance mode.",
"enum": [
"enter_maintenance_mode",
"forced_enter_maintenance_mode",
"exit_maintenance_mode"
],
"type": "string"
}
},
"title": "transport node maintenance mode setting parameters",
"type": "object"
}
MaintenanceModePropertiesReply (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MaintenanceModePropertiesReply",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"maintenance_mode": {
"default": "disabled",
"description": "current maintenance mode",
"enum": [
"enabled",
"disabled"
],
"readonly": true,
"type": "string"
}
},
"title": "Information about the Edge maintenance mode",
"type": "object"
}
MaintenanceModePropertiesRequest (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MaintenanceModePropertiesRequest",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"maintenance_mode": {
"description": "current maintenance mode",
"readonly": false,
"type": "boolean"
},
"notify_mpa": {
"default": true,
"description": "send notification to MPA",
"readonly": false,
"type": "boolean"
}
},
"title": "Information about the Edge maintenance mode",
"type": "object"
}
MaintenanceModeState (type)
{
"enum": [
"ENTERING",
"ENABLED",
"EXITING",
"DISABLED"
],
"id": "MaintenanceModeState",
"module_id": "TransportNode",
"readonly": true,
"title": "maintenance mode state",
"type": "string"
}
MalwarePreventionProfile (type)
{
"additionalProperties": false,
"description": "MalwarePrevention Profile which contains the criteria to include Malware Prevention signatures.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MalwarePreventionProfile",
"module_id": "PolicyAntiMalware",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"detection_type": {
"description": "Represents how the Malware Prevention detection works.",
"enum": [
"SIGNATURE_BASED",
"SIGNATURE_AND_SANDBOXING_BASED"
],
"required": true,
"title": "Detection Types",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file_type": {
"description": "Represents different type of files extensions supported in Malware Prevention.",
"items": {
"$ref": "FileType
},
"required": true,
"title": "File Type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Malware Prevention Profile",
"type": "object"
}
MalwarePreventionProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "MalwarePreventionProfileListRequestParameters",
"module_id": "PolicyAntiMalware",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Malware Prevention profile request parameters",
"type": "object"
}
MalwarePreventionProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MalwarePreventionProfileListResult",
"module_id": "PolicyAntiMalware",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MalwarePreventionProfile
},
"required": true,
"title": "Malware Prevention profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Malware Prevention profiles",
"type": "object"
}
MalwarePreventionSignature (type)
{
"additionalProperties": false,
"description": "Malware Prevention Signature .",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MalwarePreventionSignature",
"module_id": "PolicyAntiMalware",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file_type": {
"description": "File type of Signature.",
"required": false,
"title": "File Type",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Malware Prevention Signature",
"type": "object"
}
MalwarePreventionSignatureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "MalwarePreventionSignatureListRequestParameters",
"module_id": "PolicyAntiMalware",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "MalwarePrevention signature request parameters",
"type": "object"
}
MalwarePreventionSignatureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MalwarePreventionSignatureListResult",
"module_id": "PolicyAntiMalware",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MalwarePreventionSignature
},
"required": true,
"title": "MalwarePrevention signature list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of MalwarePrevention signatures",
"type": "object"
}
MalwarePreventionTeaserCloudRegions (type)
{
"additionalProperties": false,
"description": "This holds a region details.",
"id": "MalwarePreventionTeaserCloudRegions",
"module_id": "NsxMalwarePreventionTeaser",
"properties": {
"region": {
"description": "Available regions",
"title": "Region",
"type": "string"
},
"region_name": {
"description": "Name of given region.",
"title": "Region name",
"type": "string"
}
},
"title": "Paged collection of regions",
"type": "object"
}
MalwarePreventionTeaserRegionsListResult (type)
{
"additionalProperties": false,
"description": "This holds the list of regions.",
"extends": {
"$ref": "ListResult
},
"id": "MalwarePreventionTeaserRegionsListResult",
"module_id": "NsxMalwarePreventionTeaser",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"regions": {
"description": "Regions list of regions.",
"items": {
"$ref": "MalwarePreventionTeaserCloudRegions
},
"readonly": true,
"title": "Regions list results",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of regions",
"type": "object"
}
MalwarePreventionTeaserRegistrationStatus (type)
{
"additionalProperties": false,
"description": "This holds registration status for given region.",
"id": "MalwarePreventionTeaserRegistrationStatus",
"module_id": "NsxMalwarePreventionTeaser",
"properties": {
"registration_attempted": {
"description": "Registration attempted status.",
"readonly": true,
"title": "Registration attempted status",
"type": "boolean"
},
"registration_completed": {
"description": "Registration completed status.",
"readonly": true,
"title": "Registration completed status",
"type": "boolean"
},
"url": {
"description": "Registration/Teaser Url.",
"readonly": true,
"title": "Registration/Teaser Url",
"type": "string"
}
},
"title": "Registration status",
"type": "object"
}
MalwarePreventionTeaserRegistrationURL (type)
{
"additionalProperties": false,
"description": "This holds registration url for given region.",
"id": "MalwarePreventionTeaserRegistrationURL",
"module_id": "NsxMalwarePreventionTeaser",
"properties": {
"registration_url": {
"description": "Registration url.",
"readonly": true,
"title": "Registration url",
"type": "string"
}
},
"title": "Registration URL",
"type": "object"
}
MalwarePreventionTeaserRegistrationURLRequest (type)
{
"additionalProperties": false,
"description": "This holds region to get the registration url.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "MalwarePreventionTeaserRegistrationURLRequest",
"module_id": "NsxMalwarePreventionTeaser",
"properties": {
"region": {
"description": "Region.",
"required": true,
"title": "Region",
"type": "string"
}
},
"title": "Registration URL Request",
"type": "object"
}
ManagedObjectOwnershipRequestParameters (type)
{
"additionalProperties": {},
"id": "ManagedObjectOwnershipRequestParameters",
"module_id": "Common",
"properties": {
"override_nsx_ownership": {
"default": false,
"description": "Flag indicating whether the NSX ownership constraints (on Managed Objects like Host/Cluster/DVS) should be overridden/bypassed. Note: Overriding/bypassing NSX ownership constraints is not recommended at all. This indicates, you want to use/configure/own certain Managed Objects (like Cluster, Host or DVS) which seem to be already in use/configured/owned by some other NSX instance. This option should be used with caution. It should only be used to come out of situations where: a. The other NSX instance no longer intends to use the Managed Objects (and has already unconfigured NSX configurations) but the ownership still lies with it (incorrectly) and you want those Managed Objects to be used/configured/owned by this NSX instance. b. The other NSX instance has crashed or decommisioned but the ownership still lies with it and you want those Managed Objects to be used/configured/owned by this NSX instance. Enabling this option, while the Managed Objects affected by this operation are actively used by other NSX, can lead to problematic states on both the NSX instances. For example, if a TN is forcefully reconfigured by this NSX instance (using override_nsx_ownership=true), while it was already configured and in use by the other NSX instance, it could corrupt the HostSwitch configurations pushed down by the other NSX instance.",
"required": false,
"title": "Override NSX Ownership",
"type": "boolean"
}
},
"title": "Request parameters for ManagedObjects NSX Ownership",
"type": "object"
}
ManagedResource (type)
{
"abstract": true,
"extends": {
"$ref": "RevisionedResource
},
"id": "ManagedResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"mode": "force",
"property-name": "resource_type"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base type for resources that are managed by API clients",
"type": "object"
}
ManagementClusterNodeStatus (type)
{
"additionalProperties": false,
"id": "ManagementClusterNodeStatus",
"module_id": "ClusterManagement",
"properties": {
"mgmt_cluster_status": {
"$ref": "ClusteringStatus,
"readonly": true,
"title": "Status of this node's connection to the management cluster"
}
},
"type": "object"
}
ManagementClusterRoleConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ClusterRoleConfig
},
"id": "ManagementClusterRoleConfig",
"module_id": "ClusterManagement",
"properties": {
"api_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the public API service on this node"
},
"appliance_connection_info": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP, port and certificate for connecting to appliance."
},
"mgmt_cluster_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the management cluster service on this node"
},
"mgmt_plane_listen_addr": {
"$ref": "ServiceEndpoint,
"readonly": true,
"title": "The IP and port for the management plane service on this node"
},
"mpa_msg_client_info": {
"$ref": "MsgClientInfo
},
"type": {
"enum": [
"ManagementClusterRoleConfig",
"ControllerClusterRoleConfig"
],
"readonly": true,
"required": true,
"title": "Type of this role configuration",
"type": "string"
}
},
"type": "object"
}
ManagementClusterStatus (type)
{
"additionalProperties": false,
"id": "ManagementClusterStatus",
"module_id": "ClusterManagement",
"properties": {
"offline_nodes": {
"description": "Current missing management plane nodes",
"items": {
"$ref": "ManagementPlaneBaseNodeInfo
},
"readonly": true,
"type": "array"
},
"online_nodes": {
"description": "Current alive management plane nodes",
"items": {
"$ref": "ManagementPlaneBaseNodeInfo
},
"readonly": true,
"type": "array"
},
"required_members_for_initialization": {
"description": "The details of the cluster nodes required for cluster initialization",
"items": {
"$ref": "ClusterInitializationNodeInfo
},
"readonly": true,
"type": "array"
},
"status": {
"enum": [
"INITIALIZING",
"UNSTABLE",
"DEGRADED",
"STABLE",
"UNKNOWN"
],
"readonly": true,
"title": "The current status of the management cluster",
"type": "string"
}
},
"type": "object"
}
ManagementConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource
},
"id": "ManagementConfig",
"module_id": "ConfigManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"publish_fqdns": {
"required": true,
"title": "True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability.",
"type": "boolean"
}
},
"type": "object"
}
ManagementNodeAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseNodeAggregateInfo
},
"id": "ManagementNodeAggregateInfo",
"module_id": "ClusterManagement",
"properties": {
"display_name": {
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_interface_properties": {
"items": {
"$ref": "NodeInterfaceProperties
},
"readonly": true,
"title": "Array of Node interface statistic properties",
"type": "array"
},
"node_interface_statistics": {
"items": {
"$ref": "NodeInterfaceStatisticsProperties
},
"readonly": true,
"title": "Array of Node network interface statistic properties",
"type": "array"
},
"node_status": {
"$ref": "ClusterNodeStatus,
"readonly": true
},
"node_status_properties": {
"items": {
"$ref": "NodeStatusProperties
},
"title": "Time series of the node's system properties",
"type": "array"
},
"role_config": {
"$ref": "ManagementClusterRoleConfig,
"readonly": true
},
"transport_nodes_connected": {
"minimum": 0,
"readonly": true,
"type": "integer"
}
},
"type": "object"
}
ManagementPlaneBaseNodeInfo (type)
{
"description": "The basic node info of management plane node",
"id": "ManagementPlaneBaseNodeInfo",
"module_id": "ClusterManagement",
"properties": {
"mgmt_cluster_listen_ip_address": {
"readonly": true,
"title": "The IP address of MP node",
"type": "string"
},
"mgmt_cluster_listen_ipv6_address": {
"readonly": true,
"title": "The IPv6 address of MP node",
"type": "string"
},
"uuid": {
"readonly": true,
"title": "Management plane node UUID",
"type": "string"
}
},
"type": "object"
}
ManagementPlaneBrokerProperties (type)
{
"additionalProperties": false,
"id": "ManagementPlaneBrokerProperties",
"properties": {
"host": {
"$ref": "HostnameOrIPv46Address,
"description": "IP address or hostname of the message bus broker on the management plane node.",
"readonly": false,
"required": true
},
"port": {
"default": 5671,
"description": "Port number of the message bus broker on the management plane node.",
"maximum": 65535,
"minimum": 0,
"type": "integer"
},
"thumbprint": {
"description": "Certificate thumbprint of the message bus broker on the management plane node.",
"required": true,
"type": "string"
}
},
"title": "Information about a management plane node this controller is configured to communicate with",
"type": "object"
}
ManagementPlaneProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ManagementPlaneProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"account": {
"description": "The account name to use when authenticating to the management plane's message bus.",
"readonly": false,
"type": [
"string",
"null"
]
},
"brokers": {
"description": "The list of messaging brokers this controller is configured with.",
"items": {
"$ref": "ManagementPlaneBrokerProperties
},
"type": "array"
},
"secret": {
"description": "The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses.",
"sensitive": true,
"type": "string"
}
},
"title": "Information about the management plane this controller is communciating with",
"type": "object"
}
MandatoryAccessControlProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MandatoryAccessControlProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"enabled": {
"description": "Enabled can be True/False",
"type": "boolean"
},
"status": {
"description": "current status of Mandatory Access Control",
"enum": [
"ENABLED",
"DISABLED",
"ENABLED_PENDING_REBOOT"
],
"readonly": true,
"type": "string"
}
},
"title": "Information about mandatory access control",
"type": "object"
}
ManualHealthCheck (type)
{
"description": "Describes a manual check to evaluate the status of a transport zone.",
"extends": {
"$ref": "ManagedResource
},
"id": "ManualHealthCheck",
"module_id": "HealthCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operation_status": {
"description": "The operation status for health check",
"enum": [
"IN_PROGRESS",
"FINISHED"
],
"readonly": true,
"title": "Operation Status",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"result": {
"$ref": "HealthCheckResult,
"readonly": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_id": {
"description": "The entity ID works as a filter param. Entity ID and entity type should be both provided or not at a query.",
"required": true,
"title": "Transport Zone ID",
"type": "string"
},
"vlans": {
"$ref": "HealthCheckSpecVlans,
"description": "VLANs specificied for manual health check",
"required": true,
"title": "Specificied VLANs"
}
},
"title": "Manual Health Check",
"type": "object"
}
ManualHealthCheckListResult (type)
{
"description": "Manual health check list result for query with list parameters.",
"extends": {
"$ref": "ListResult
},
"id": "ManualHealthCheckListResult",
"module_id": "HealthCheck",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ManualHealthCheck
},
"readonly": true,
"title": "Manual Health Check List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Manual Health Checks",
"type": "object"
}
MemberAction (type)
{
"additionalProperties": false,
"id": "MemberAction",
"module_id": "NSGroup",
"properties": {
"action": {
"enum": [
"ADD_MEMBERS",
"REMOVE_MEMBERS"
],
"readonly": false,
"required": true,
"title": "Specifies addition or removal action",
"type": "string"
}
},
"type": "object"
}
MemoryReservation (type)
{
"description": "Relative to the form factor pre-defined reservation value. To reduce reservation of a VM to 50 percent, a user may specify 50 instead of the absolute number relevant for the edge form factor.",
"id": "MemoryReservation",
"module_id": "FabricNode",
"properties": {
"reservation_percentage": {
"default": 100,
"description": "Memory reserved relative to the default reservation of 100 percent. For example, take an edge virtual machine of medium form factor. By default, an edge of medium form factor is configured with 8 GB of memory and with reservation of 100 percent. So, 8 GB of memory is reserved. If you specify reservation_percentage value as 50 percent, then 4 GB of memory will be reserved.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Memory reservation percentage.",
"type": "int"
}
},
"type": "object"
}
MessagingClientInfo (type)
{
"id": "MessagingClientInfo",
"module_id": "ClusterManagement",
"properties": {
"account_name": {
"title": "Account name in messaging client",
"type": "string"
},
"client_type": {
"enum": [
"MPA",
"HOST"
],
"title": "Type of messaging client",
"type": "string"
}
},
"type": "object"
}
MetadataProxy (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "MetadataProxy",
"module_id": "MetadataProxy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attached_logical_port_id": {
"readonly": true,
"required": false,
"title": "id of attached logical port",
"type": "string"
},
"crypto_protocols": {
"description": "The cryptographic protocols listed here are supported by the metadata proxy. The TLSv1.1 and TLSv1.2 are supported by default.",
"items": {
"$ref": "MetadataProxyCryptoProtocol
},
"readonly": false,
"required": false,
"title": "metadata proxy supported cryptographic protocols.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_id": {
"required": true,
"title": "edge cluster uuid",
"type": "string"
},
"edge_cluster_member_indexes": {
"description": "If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If user provides only one edge node, there will be no HA support.",
"items": {
"type": "integer"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "edge cluster member indexes",
"type": "array",
"uniqueItems": true
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable the auto-relocation of standby Metadata Proxy in case of edge node failure. Only tier 1 and auto placed Metadata Proxy are considered for the relocation.",
"required": false,
"title": "Flag to enable standby Metadata proxy server relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"metadata_server_ca_ids": {
"description": "The CAs referenced here must be uploaded to the truststore using the API POST /api/v1/trust-management/certificates?action=import. User needs to ensure a correct CA for this metedata server is used. The REST API can not detect a wrong CA which was used to verify a different server. If the Metadata Proxy reports an ERROR or NO_BACKUP status, user can check the metadata proxy log at transport node for a possible CA issue.",
"items": {
"type": "string"
},
"required": false,
"title": "uuids of CAs to verify metadata server certificate",
"type": "array"
},
"metadata_server_url": {
"description": "The URL in format scheme://host:port/path. Please note, the scheme supports only http and https as of now, port supports range 3000 - 9000, inclusive.",
"required": true,
"title": "metadata server url",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"secret": {
"required": false,
"sensitive": true,
"title": "secret to access metadata server",
"type": "secure_string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
MetadataProxyConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MetadataProxyConfig",
"module_id": "PolicyMetadataProxy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"crypto_protocols": {
"description": "The cryptographic protocols listed here are supported by the metadata proxy. TLSv1.1 and TLSv1.2 are supported by default",
"items": {
"$ref": "MetadataProxyCryptoProtocols
},
"title": "Metadata proxy supported cryptographic protocols",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "Edge clusters configured on MP are auto-discovered by Policy and create corresponding read-only intent objects.",
"required": true,
"title": "Poilcy path to Edge Cluster",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Only auto-placed metadata proxies are considered for relocation. Must be FALSE, when the preferred_edge_paths property is configured.",
"title": "Flag to enable standby relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Edge nodes should be members of edge cluster configured in edge_cluster_path.",
"items": {
"type": "string"
},
"maxItems": 2,
"title": "Preferred Edge Paths",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"secret": {
"description": "Secret word or phrase to access metadata server.",
"required": false,
"sensitive": true,
"title": "Secret",
"type": "secure_string"
},
"server_address": {
"description": "This field is a URL. Example formats - http://1.2.3.4:3888/path, http://text-md-proxy:5001/. Port number should be between 3000-9000.",
"required": true,
"title": "Server Address",
"type": "string"
},
"server_certificates": {
"description": "Valid certificates should be configured. The validity of certificates is not checked. Certificates are managed through /infra/certificates API on Policy.",
"items": {
"type": "string"
},
"title": "Policy paths to Certificate Authority (CA) certificates",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"MetadataProxyConfig"
],
"relationshipType": "METADATA_PROXY_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Metadata Proxy Configuration",
"type": "object"
}
MetadataProxyConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MetadataProxyConfigListResult",
"module_id": "PolicyMetadataProxy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MetadataProxyConfig
},
"required": true,
"title": "Paginated list of metadata proxy configurations",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MetadataProxyCryptoProtocol (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"TLS_V1",
"TLS_V1_1",
"TLS_V1_2"
],
"id": "MetadataProxyCryptoProtocol",
"module_id": "MetadataProxy",
"title": "Metadata proxy supported cryptographic protocol",
"type": "string"
}
MetadataProxyCryptoProtocols (type)
{
"additionalProperties": false,
"default": "TLS_V1_2",
"enum": [
"TLS_V1",
"TLS_V1_1",
"TLS_V1_2"
],
"id": "MetadataProxyCryptoProtocols",
"module_id": "PolicyMetadataProxy",
"title": "Metadata proxy supported cryptographic protocol",
"type": "string"
}
MetadataProxyListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "MetadataProxyListResult",
"module_id": "MetadataProxy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MetadataProxy
},
"required": true,
"title": "paginated list of metadata proxies",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MetadataProxyRuntimeRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a segment path and enforcement_point_path.",
"extends": {
"$ref": "PolicyRuntimeRequestParameters
},
"id": "MetadataProxyRuntimeRequestParameters",
"module_id": "PolicyMetadataProxy",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"segment_path": {
"required": false,
"title": "String Path of the segment which is associated with this metadata proxy",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Metadata Proxy Runtime Information",
"type": "object"
}
MetadataProxyStatistics (type) (Deprecated)
{
"deprecated": true,
"id": "MetadataProxyStatistics",
"module_id": "AggSvcMetadataProxy",
"properties": {
"metadata_proxy_id": {
"required": true,
"title": "metadata proxy uuid",
"type": "string"
},
"statistics": {
"items": {
"$ref": "MetadataProxyStatisticsPerLogicalSwitch
},
"required": false,
"title": "metadata proxy statistics per logical switch",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
MetadataProxyStatisticsPerLogicalSwitch (type) (Deprecated)
{
"deprecated": true,
"id": "MetadataProxyStatisticsPerLogicalSwitch",
"module_id": "AggSvcMetadataProxy",
"properties": {
"error_responses_from_nova_server": {
"required": true,
"title": "error responses from nova server",
"type": "integer"
},
"logical_switch_id": {
"required": true,
"title": "uuid of attached logical switch",
"type": "string"
},
"requests_from_clients": {
"required": true,
"title": "requests from clients",
"type": "integer"
},
"requests_to_nova_server": {
"required": true,
"title": "requests to nova server",
"type": "integer"
},
"responses_to_clients": {
"required": true,
"title": "responses to clients",
"type": "integer"
},
"succeeded_responses_from_nova_server": {
"required": true,
"title": "succeeded responses from nova server",
"type": "integer"
}
},
"type": "object"
}
MetadataProxyStatisticsPerSegment (type)
{
"id": "MetadataProxyStatisticsPerSegment",
"module_id": "PolicyMetadataProxy",
"properties": {
"error_responses_from_nova_server": {
"required": true,
"title": "error responses from nova server",
"type": "integer"
},
"requests_from_clients": {
"required": true,
"title": "requests from clients",
"type": "integer"
},
"requests_to_nova_server": {
"required": true,
"title": "requests to nova server",
"type": "integer"
},
"responses_to_clients": {
"required": true,
"title": "responses to clients",
"type": "integer"
},
"segment_path": {
"required": true,
"title": "Policy path of the attached segment",
"type": "string"
},
"succeeded_responses_from_nova_server": {
"required": true,
"title": "succeeded responses from nova server",
"type": "integer"
}
},
"type": "object"
}
MetadataProxyStatisticsRequestParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "DataSourceParameters
},
"id": "MetadataProxyStatisticsRequestParameters",
"module_id": "AggSvcMetadataProxy",
"properties": {
"logical_switch_id": {
"required": false,
"title": "The uuid of logical switch",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
MetadataProxyStatus (type) (Deprecated)
{
"deprecated": true,
"id": "MetadataProxyStatus",
"module_id": "AggSvcMetadataProxy",
"properties": {
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"proxy_status": {
"description": "UP means the metadata proxy is working fine on both transport-nodes(if have); DOWN means the metadata proxy is is down on both transport-nodes(if have), hence the metadata proxy will not repsonse any metadata request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working in one of the transport node while not in the other transport-node (if have). Hence if the metadata proxy in the working transport-node goes down, the metadata proxy will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP"
],
"required": true,
"type": "string"
},
"transport_nodes": {
"description": "Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes.",
"items": {
"type": "string"
},
"required": true,
"title": "ids of transport nodes where this metadata proxy is running",
"type": "array"
}
},
"type": "object"
}
MetricsAgent (type)
{
"description": "Intent resource created for Metrics",
"extends": {
"$ref": "UAAgentCommonResource
},
"id": "MetricsAgent",
"module_id": "MetricsAgent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_action": {
"description": "Action to perform for NSX+ agents",
"enum": [
"ONBOARD",
"OFFBOARD",
"FORCE_OFFBOARD"
],
"required": true,
"title": "Admin Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"correlation_id": {
"description": "Unique identifier created by DGS",
"required": true,
"title": "Correlation Identifier provided by DGS",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_time_series_metrics_ingestion": {
"default": false,
"description": "This flag denotes if metrics agent is configured to ingest timeseries metrics or not.",
"required": false,
"title": "Enable time series metrics ingestion",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"instance_id": {
"description": "Id of the NSX+ Instance where the site is onboarded.",
"required": true,
"title": "Instance id",
"type": "string"
},
"log_level": {
"default": "INFO",
"description": "Configure log level for NSX+ agents",
"enum": [
"INFO",
"DEBUG"
],
"required": false,
"title": "Log Level",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"org_id": {
"description": "Id of the NSX+ Organization where the site is onboarded.",
"required": true,
"title": "Org id",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receiver_endpoint": {
"description": "Receiver endpoint used by NSX+ agents to communicate with the cloud",
"required": true,
"title": "Receiver Endpoint",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Metrics Agent",
"type": "object"
}
MgmtConnStatus (type)
{
"additionalProperties": false,
"id": "MgmtConnStatus",
"module_id": "ClusterManagement",
"properties": {
"connectivity_status": {
"enum": [
"CONNECTED",
"DISCONNECTED",
"UNKNOWN"
],
"readonly": true,
"title": "Indicates the controller node's MP channel connectivity status",
"type": "string"
}
},
"type": "object"
}
MigrateGatewayWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Migrate default gateway workflow spec",
"extends": {
"$ref": "WorkflowSpec
},
"id": "MigrateGatewayWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "MigrateGatewayWorkflowSpec"
},
"properties": {
"advertise_subnet_to_tier0": {
"default": true,
"description": "If this flag is true, the segment's subnets will be advertised to the Tier-0 router connected by the Tier-1 router specified by the property \"tier1_path\".",
"readonly": false,
"required": false,
"title": "Advertise subnet flag",
"type": "boolean"
},
"ipv4_gateway": {
"description": "Gateway IPv4 address in CIDR format.",
"format": "ipv4-cidr-block",
"readonly": false,
"required": false,
"title": "IPv4 gateway",
"type": "string"
},
"ipv6_gateway": {
"description": "Gateway IPv6 address in CIDR format.",
"format": "ipv6-cidr-block",
"readonly": false,
"required": false,
"title": "IPv6 gateway",
"type": "string"
},
"ndra_profile_path": {
"description": "Policy path of Neighbor Discovery Router Advertisement (NDRA) profile. This profile will be applied to the downlink logical router port created in the Tier-1 router specified by the property \"tier1_path\". If this field is empty, the NDRA profile of the Tier-1 router will be applied. This profile must match the NDRA profile in the underlay router to which the DVPG VLAN is connected.",
"readonly": false,
"required": false,
"title": "NDRA profile path",
"type": "string"
},
"segment_path": {
"description": "Path of the segment which will connect to a Tier-1 router as the default gateway",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"tier1_path": {
"description": "Path of Tier-1 router to which the segment specified by property \"segment_path\" will connect as default gateway.",
"readonly": false,
"required": true,
"title": "Tier-1 router path",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
}
},
"title": "Migrate default gateway workflow spec",
"type": "object"
}
MigrateVmsWorkflowSpec (type)
{
"additionalProperties": false,
"description": "Migrate VMs workflow spec",
"extends": {
"$ref": "WorkflowSpec
},
"id": "MigrateVmsWorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "MigrateVmsWorkflowSpec"
},
"properties": {
"dvpg_id_and_segment_path_pairs": {
"description": "List of DVPG ID and segment path pair.",
"items": {
"$ref": "DvpgIdAndSegmentPathPair
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "List of DVPG ID and segment path pair",
"type": "array"
},
"target_cluster": {
"description": "Target cluster.",
"readonly": false,
"required": false,
"title": "Target cluster",
"type": "string"
},
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
},
"vm_ids": {
"description": "List of VM IDs.",
"items": {
"type": "string"
},
"maxItems": 200,
"minItems": 1,
"readonly": false,
"required": true,
"title": "List of VM IDs",
"type": "array",
"uniqueItems": true
}
},
"title": "Migrate VMs workflow spec",
"type": "object"
}
MigratedObject (type)
{
"additionalProperties": false,
"id": "MigratedObject",
"module_id": "PolicyMigration",
"properties": {
"parent_resource_id": {
"description": "Parent resource id.",
"required": false,
"title": "Parent resource id.",
"type": "string"
},
"parent_resource_type": {
"description": "Parent resource type.",
"required": false,
"title": "Parent resource type.",
"type": "string"
},
"policy_id": {
"description": "Policy id.",
"required": false,
"title": "Policy id.",
"type": "string"
},
"policy_path": {
"description": "Policy path.",
"required": false,
"title": "Policy path.",
"type": "string"
},
"resource_id": {
"description": "Resource id.",
"required": false,
"title": "Resource id.",
"type": "string"
},
"resource_type": {
"description": "Resource type.",
"required": false,
"title": "Resource type.",
"type": "string"
}
},
"title": "Migrated resource.\n",
"type": "object"
}
MigratedObjectListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigratedObjectListResult",
"module_id": "PolicyMigration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Migrated resource list results.",
"items": {
"$ref": "MigratedObject
},
"required": true,
"title": "Migrated resource list results.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigratedResourceListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigratedResourceListParameters",
"module_id": "MPPolicyMigration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_id": {
"description": "Resource id.",
"required": false,
"title": "Resource id",
"type": "string"
},
"resource_type": {
"description": "Resource type.",
"enum": [
"IPBLOCK",
"IPPOOL",
"IPBLOCK_SUBNET",
"IPPOOL_ALLOCATION",
"TIER0",
"TIER1",
"TIER0_LOGICAL_ROUTER_PORT",
"TIER1_LOGICAL_ROUTER_PORT",
"TIER0_LOGICAL_ROUTER_CONFIG",
"SPOOFGUARD_PROFILES",
"LOGICAL_SWITCH",
"LOGICAL_PORT",
"NAT",
"IP_SET",
"NS_GROUP",
"CERTIFICATE",
"CRL",
"LB_MONITOR",
"LB_POOL",
"LB_PERSISTENCE_PROFILE",
"LB_APPLICATION_PROFILE",
"LB_SERVICE",
"LB_CLIENT_SSL_PROFILE",
"LB_VIRTUAL_SERVER",
"DFW_SECTION"
],
"required": true,
"title": "Resource type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Migrated Resource list parameters",
"type": "object"
}
MigratedResourceMapping (type)
{
"additionalProperties": false,
"description": "Provide stats about ongoing MP2Policy promotion.",
"id": "MigratedResourceMapping",
"module_id": "MPPolicyMigration",
"properties": {
"failed_mp_resources": {
"description": "Failed resources details not migrated successfully.",
"items": {
"$ref": "MigratedTypeMap
},
"required": false,
"title": "Map of the failed resources.",
"type": "array"
},
"failed_objects_count": {
"description": "Count of total MP objects failed to be promoted.",
"required": false,
"title": "failed mp resource count",
"type": "integer"
},
"promoted_objects_count": {
"description": "Count of total MP objects been promoted successfully.",
"required": false,
"title": "promoted mp resource count",
"type": "integer"
},
"promotion_status": {
"description": "Status of MP2Policy promotion.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"PROCESSING",
"DONE"
],
"required": false,
"title": "Promotion status",
"type": "string"
},
"resource_map": {
"description": "Promoted migrated resource map.",
"items": {
"$ref": "MigratedTypeMap
},
"required": false,
"title": "Map of the migrated resource of this type",
"type": "array"
},
"resource_type": {
"description": "Type of resource been migrated.",
"required": false,
"title": "Resource type",
"type": "string"
},
"total_count": {
"description": "Count of total MP objects been migrated.",
"required": false,
"title": "Total mp resource count",
"type": "integer"
}
},
"title": "Provide stats about ongoing MP2Policy promotion\n",
"type": "object"
}
MigratedResourceTypeParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigratedResourceTypeParameters",
"module_id": "MPPolicyMigration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"description": "Resource type.",
"enum": [
"IPBLOCK",
"IPPOOL",
"IPBLOCK_SUBNET",
"IPPOOL_ALLOCATION",
"TIER0",
"TIER1",
"TIER0_LOGICAL_ROUTER_PORT",
"TIER1_LOGICAL_ROUTER_PORT",
"TIER0_LOGICAL_ROUTER_CONFIG",
"SPOOFGUARD_PROFILES",
"LOGICAL_SWITCH",
"LOGICAL_PORT",
"NAT",
"IP_SET",
"NS_GROUP",
"CERTIFICATE",
"CRL",
"LB_MONITOR",
"LB_POOL",
"LB_PERSISTENCE_PROFILE",
"LB_APPLICATION_PROFILE",
"LB_SERVICE",
"LB_CLIENT_SSL_PROFILE",
"LB_VIRTUAL_SERVER",
"DFW_SECTION"
],
"required": false,
"title": "Resource type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Migrated Resource list parameters",
"type": "object"
}
MigratedTypeMap (type)
{
"additionalProperties": false,
"description": "Each Mp object promoted mapped with its respective Policy resource.",
"id": "MigratedTypeMap",
"module_id": "MPPolicyMigration",
"properties": {
"error_list": {
"items": {
"$ref": "FeedBackErrorMessage
},
"required": true,
"title": "Error array list",
"type": "array"
},
"mp_resource_id": {
"required": false,
"title": "Mp Resource id",
"type": "string"
},
"mp_resource_type": {
"required": false,
"title": "MP Resource type",
"type": "string"
},
"policy_resource_id": {
"required": false,
"title": "Policy Resource id",
"type": "string"
},
"policy_resource_path": {
"required": false,
"title": "Policy Resource path",
"type": "string"
}
},
"type": "object"
}
MigrationComponentTypeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationComponentTypeListRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which migration unit groups to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationDataDownloadRequest (type)
{
"additionalProperties": false,
"id": "MigrationDataDownloadRequest",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file_type": {
"enum": [
"VRA_INPUT",
"VRA_OUTPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING",
"MIGRATION_REPORT"
],
"readonly": false,
"required": true,
"title": "Type of the Migration data file that needs to be downloaded.",
"type": "string"
}
},
"type": "object"
}
MigrationDataInfo (type)
{
"additionalProperties": false,
"id": "MigrationDataInfo",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": true,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file_location": {
"readonly": true,
"required": false,
"title": "Absolute location of the file.",
"type": "string"
},
"file_type": {
"enum": [
"VRA_INPUT",
"VRA_OUTPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING",
"MIGRATION_REPORT"
],
"readonly": true,
"required": true,
"title": "Type of the Migration data file for which info is requested.",
"type": "string"
},
"is_present": {
"readonly": true,
"required": true,
"title": "Indicates if the file is present.",
"type": "boolean"
}
},
"type": "object"
}
MigrationDataInfoRequest (type)
{
"additionalProperties": false,
"id": "MigrationDataInfoRequest",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file_type": {
"enum": [
"VRA_INPUT",
"VRA_OUTPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING",
"MIGRATION_REPORT"
],
"readonly": false,
"required": true,
"title": "Type of the Migration data file for which info is needed.",
"type": "string"
}
},
"type": "object"
}
MigrationDataUploadRequest (type)
{
"additionalProperties": false,
"id": "MigrationDataUploadRequest",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"file": {
"readonly": false,
"required": true,
"title": "Migration data file to upload.",
"type": "multipart_file"
},
"file_type": {
"enum": [
"VRA_INPUT",
"EDGE_CUTOVER_MAPPING",
"BYOT_L3_MAPPING",
"AVI_LB_MAPPING"
],
"readonly": false,
"required": true,
"title": "Type of the Migration data file that is being uploaded.",
"type": "string"
}
},
"type": "object"
}
MigrationFeedbackCategory (type)
{
"additionalProperties": false,
"description": "Categorization of feedback requests from the migration tool where user input is required.",
"id": "MigrationFeedbackCategory",
"module_id": "Migration",
"properties": {
"accepted_values": {
"description": "List of acceptable values for this feedback request.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Acceptable values for this feedback request",
"type": "array"
},
"category": {
"description": "Functional area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional area for the feedback query",
"type": "string"
},
"count": {
"description": "Total number of feedback requests for this functional area.",
"readonly": true,
"required": true,
"title": "Total number of feedback requests for this functional area",
"type": "int"
},
"resolved": {
"description": "Total number of resolved feedback requests for this functional area.",
"readonly": true,
"required": true,
"title": "Count of resolved feedback requests for this functional area",
"type": "int"
}
},
"title": "Category of feedback for Migration",
"type": "object"
}
MigrationFeedbackRequest (type)
{
"additionalProperties": false,
"description": "Detailed feedback requests from the migration tool where user input is required.",
"id": "MigrationFeedbackRequest",
"module_id": "Migration",
"properties": {
"accepted_actions": {
"description": "List of acceptable actions for this feedback request.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Acceptable actions for this feedback request",
"type": "array"
},
"accepted_value_type": {
"description": "Data type of the items listed in acceptable values list.",
"readonly": true,
"required": true,
"title": "Data type of the items listed in acceptable values",
"type": "string"
},
"accepted_values": {
"description": "List of acceptable values for this feedback request.",
"items": {
"type": "string"
},
"required": false,
"title": "Acceptable values for this feedback request",
"type": "array"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": true,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"hash": {
"description": "Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.",
"readonly": true,
"required": false,
"title": "Identifier for a feedback request type",
"type": "string"
},
"id": {
"description": "Identifier of the feedback request.",
"readonly": true,
"required": true,
"title": "UUID of the feedback request",
"type": "string"
},
"message": {
"description": "Detailed feedback request with options.",
"readonly": true,
"required": true,
"title": "Content of feedback request",
"type": "string"
},
"multi_value": {
"description": "Indicates if multiple values can be selected as response from the list of acceptable value.",
"readonly": true,
"required": true,
"title": "Indicates if multiple values can be selected as response",
"type": "boolean"
},
"object_id": {
"description": "Identifier of the object for which feedback is requested.",
"readonly": true,
"required": false,
"title": "UUID of the object",
"type": "string"
},
"rejected": {
"description": "Indicates if previous response was invalid. Please provide a valid response.",
"readonly": true,
"required": false,
"title": "Indicates if the previous feedback response was rejected",
"type": "boolean"
},
"resolution": {
"description": "If the feedback request was resolved earlier, provides details about the previous resolution.",
"readonly": true,
"required": false,
"title": "Previous resolution details for this feedback request",
"type": "string"
},
"resolved": {
"description": "Indicates if a valid response already exist for this feedback request.",
"readonly": true,
"required": false,
"title": "Indicates if this feedback request has already been resolved",
"type": "boolean"
},
"sub_vertical": {
"description": "Functional sub-area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional sub-area for the feedback query",
"type": "string"
},
"suggested_action": {
"description": "The suggested action to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested action for this feedback request",
"type": "string"
},
"suggested_value": {
"description": "The suggested value to resolve this feedback request.",
"readonly": true,
"required": true,
"title": "Suggested value for this feedback request",
"type": "string"
},
"v_object_id": {
"description": "Identifier for this object in the source NSX endpoint.",
"readonly": true,
"required": true,
"title": "Id of this object in the source NSX endpoint",
"type": "string"
},
"v_object_name": {
"description": "Name of this object in the source NSX endpoint.",
"readonly": true,
"required": true,
"title": "Name of this object in the source NSX endpoint",
"type": "string"
},
"vertical": {
"description": "Functional area that this query falls into.",
"readonly": true,
"required": true,
"title": "Functional area for the feedback query",
"type": "string"
}
},
"title": "Feedback detail required for Migration",
"type": "object"
}
MigrationFeedbackRequestListResult (type)
{
"additionalProperties": false,
"description": "List of detailed feedback requests from the migration tool where user input is required.",
"extends": {
"$ref": "ListResult
},
"id": "MigrationFeedbackRequestListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationFeedbackRequest
},
"readonly": false,
"required": true,
"title": "Paged Collection of feedback requests",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of feedback required for Migration",
"type": "object"
}
MigrationFeedbackResponse (type)
{
"additionalProperties": false,
"description": "Detailed feedback requests from the migration tool where user input is required.",
"id": "MigrationFeedbackResponse",
"module_id": "Migration",
"properties": {
"action": {
"description": "Action selected in response to the feedback request.",
"readonly": false,
"required": true,
"title": "Action selected for feedback request",
"type": "string"
},
"id": {
"description": "Identifier of the feedback request.",
"readonly": false,
"required": true,
"title": "UUID of the feedback request",
"type": "string"
},
"value": {
"description": "User input provided in response to the feedback request.",
"readonly": false,
"required": false,
"title": "User input for the feedback query",
"type": "string"
},
"values": {
"description": "User input provided in the form of a list of values in response to the feedback request.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "User input with multiple values for the feedback query",
"type": "array"
}
},
"title": "Feedback details required for Migration",
"type": "object"
}
MigrationFeedbackResponseList (type)
{
"additionalProperties": false,
"description": "List of detailed feedback response for the migration tool.",
"id": "MigrationFeedbackResponseList",
"module_id": "Migration",
"properties": {
"response_list": {
"description": "List of feedback responses.",
"items": {
"$ref": "MigrationFeedbackResponse
},
"readonly": false,
"required": true,
"title": "List of feedback responses",
"type": "array"
}
},
"title": "List of feedback reponse for Migration",
"type": "object"
}
MigrationFeedbackSummaryListResult (type)
{
"additionalProperties": false,
"description": "List of feedback categories and count of requests in each category.",
"extends": {
"$ref": "ListResult
},
"id": "MigrationFeedbackSummaryListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"feedback_resolution_job_status": {
"enum": [
"RUNNING",
"NOT_RUNNING"
],
"readonly": true,
"required": false,
"title": "Feedback resolution job status",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationFeedbackCategory
},
"readonly": false,
"required": true,
"title": "Paged Collection of feedback categories",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of feedback categories for Migration",
"type": "object"
}
MigrationGroupStatusListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationGroupStatusListRequestParameters",
"module_id": "Migration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only migration units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationMappingResult (type)
{
"additionalProperties": false,
"id": "MigrationMappingResult",
"module_id": "MPPolicyMigration",
"properties": {
"migrated_resource_mapping": {
"description": "Promotion stats list results.",
"items": {
"$ref": "MigratedResourceMapping
},
"required": false,
"title": "Promotion stats list results.",
"type": "array"
}
},
"type": "object"
}
MigrationNodeInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationNodeInfoListRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which nodes will be filtered",
"type": "string"
},
"component_version": {
"readonly": false,
"required": false,
"title": "Component version based on which nodes will be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationPlanResetRequest (type)
{
"additionalProperties": false,
"id": "MigrationPlanResetRequest",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"type": "object"
}
MigrationPlanSettings (type)
{
"additionalProperties": false,
"id": "MigrationPlanSettings",
"module_id": "Migration",
"properties": {
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Migration Method to specify whether the migration is to be performed serially or in parallel",
"type": "boolean"
},
"pause_after_each_group": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the migration after migration of each group is completed",
"type": "boolean"
},
"pause_on_error": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the migration plan execution when an error occurs",
"type": "boolean"
}
},
"type": "object"
}
MigrationSetupInfo (type)
{
"additionalProperties": false,
"description": "Details about source and destination NSX setup to be migrated",
"id": "MigrationSetupInfo",
"module_id": "Migration",
"properties": {
"avi_lb_endpoint": {
"$ref": "AviEndPoint,
"description": "AVI LB endpoint details.",
"readonly": true,
"required": false,
"title": "AVI LB endpoint details"
},
"create_segment_ports": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to create missing segment ports",
"type": "boolean"
},
"destination_nsx": {
"$ref": "DestinationNsxApiEndpoint,
"description": "IP address or hostname of the destination NSX API endpoint.",
"readonly": false,
"required": false,
"title": "Destination NSX API endpoint"
},
"esg_to_router_mapping_option": {
"description": "Mapping option can be - - UI - FILE_UPLOAD - NO_MAPPING",
"enum": [
"UI",
"FILE_UPLOAD",
"NO_MAPPING"
],
"readonly": true,
"required": false,
"title": "Mapping option",
"type": "string"
},
"migration_mode": {
"default": "ONPREMISE_V2T",
"description": "Migration mode can be - - VMC_V2T - ONPREMISE_VSPHERE2T - ONPREMISE_V2T - CMP_VRA - FULL_MIGRATION_WITH_BYOT - FULL_MIGRATION_WITH_BYOT_ON_FEDERATION - FULL_MIGRATION_WITH_BYOT_AND_VRA - FULL_MIGRATION_WITH_BYOT_AND_VRA_ON_FEDERATION - CONFIG_MIGRATION_ONLY_WITH_BYOT - CONFIG_AND_EDGE_MIGRATION_WITH_BYOT - CONFIG_MIGRATION_ONLY_WITH_BYOT_ON_FEDERATION - CONFIG_AND_EDGE_MIGRATION_WITH_BYOT_ON_FEDERATION - EDGE_CUTOVER - DFW_ONLY - DFW_WITH_BRIDGED_SEG - DFW_AND_HOST_AND_WORKLOAD - DFW_AND_HOST_AND_WORKLOAD_WITH_BRIDGED_SEG",
"enum": [
"VMC_V2T",
"ONPREMISE_VSPHERE2T",
"ONPREMISE_V2T",
"CMP_VRA",
"FULL_MIGRATION_WITH_BYOT",
"FULL_MIGRATION_WITH_BYOT_ON_FEDERATION",
"FULL_MIGRATION_WITH_BYOT_AND_VRA",
"FULL_MIGRATION_WITH_BYOT_AND_VRA_ON_FEDERATION",
"CONFIG_MIGRATION_ONLY_WITH_BYOT",
"CONFIG_AND_EDGE_MIGRATION_WITH_BYOT",
"CONFIG_MIGRATION_ONLY_WITH_BYOT_ON_FEDERATION",
"CONFIG_AND_EDGE_MIGRATION_WITH_BYOT_ON_FEDERATION",
"EDGE_CUTOVER",
"DFW_ONLY",
"DFW_WITH_BRIDGED_SEG",
"DFW_AND_HOST_AND_WORKLOAD",
"DFW_AND_HOST_AND_WORKLOAD_WITH_BRIDGED_SEG"
],
"readonly": false,
"required": false,
"title": "Migration mode",
"type": "string"
},
"nsxt_site_to_avi_mappings": {
"description": "List of mappings between NSX-T site and Avi. This will be populated only when the migration is executed on a cross VC setup.",
"items": {
"$ref": "NsxtSiteToAviMapping
},
"readonly": true,
"required": false,
"title": "List of mappings between NSX-T site and Avi",
"type": "array"
},
"nsxt_sites": {
"description": "Comprehensive information about NSX-T multi site setup. This will be populated only when the migration is executed on a cross VC setup.",
"items": {
"$ref": "NsxtSite
},
"readonly": true,
"required": false,
"title": "Comprehensive information about NSX-T Federation setup",
"type": "array"
},
"nsxv_sites": {
"description": "Comprehensive information about NSX-V multi site setup. This will be populated only when the migration is executed on a cross VC setup.",
"items": {
"$ref": "SourceNsxApiEndpoint
},
"readonly": true,
"required": false,
"title": "Comprehensive information about NSX-V multi site setup",
"type": "array"
},
"source_nsx": {
"description": "List of source NSX manager endpoints.",
"items": {
"$ref": "SourceNsxApiEndpoint
},
"readonly": false,
"required": false,
"title": "List of source NSX managers",
"type": "array"
},
"v2t_site_mappings": {
"description": "List of site mappings between NSX-V and NSX-T. This will be populated only when the migration is executed on a cross VC setup.",
"items": {
"$ref": "V2tSiteMapping
},
"readonly": true,
"required": false,
"title": "List of mappings between NSX-V and NSX-T sites",
"type": "array"
}
},
"title": "Details about source and destination NSX setup",
"type": "object"
}
MigrationStats (type)
{
"additionalProperties": false,
"description": "Provide stats about ongoing MP2Policy promotion.",
"id": "MigrationStats",
"module_id": "MPPolicyMigration",
"properties": {
"failed_objects_count": {
"required": false,
"title": "failed mp resource count",
"type": "string"
},
"promoted_objects_count": {
"required": false,
"title": "promoted mp resource count",
"type": "string"
},
"promotion_status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"PROCESSING",
"DONE"
],
"required": false,
"title": "Promotion status",
"type": "string"
},
"resource_type": {
"required": false,
"title": "Resource type",
"type": "string"
},
"total_count": {
"required": false,
"title": "Total mp resource count",
"type": "string"
}
},
"title": "Provide stats about ongoing MP2Policy promotion\n",
"type": "object"
}
MigrationStatsRequestParameters (type)
{
"additionalProperties": false,
"description": "MigrationStats Request Parameters",
"id": "MigrationStatsRequestParameters",
"module_id": "MPPolicyMigration",
"properties": {
"location": {
"default": "CURRENT",
"description": "Location flag corresponds to the version of stats. It can be CURRENT - stats of current promotion ARCHIVED - stats of previous promotion",
"enum": [
"CURRENT",
"ARCHIVED"
],
"required": false,
"title": "Location flag",
"type": "string"
},
"pre_promotion": {
"default": false,
"description": "This flag is only used for UI consumption. By default it's false . Flag to indicate whether to get stats before triggering promotion.",
"required": false,
"title": "Flag to indicate whether to get collection stats before triggering promotion",
"type": "boolean"
}
},
"title": "MigrationStats Request Parameters\n",
"type": "object"
}
MigrationStatsResult (type)
{
"additionalProperties": false,
"id": "MigrationStatsResult",
"module_id": "MPPolicyMigration",
"properties": {
"current_resource_type_in_promotion": {
"description": "This field used by UI which highlights the current resource type in promotion.",
"required": false,
"title": "Current Resource Type in Promotion",
"type": "string"
},
"migration_stats": {
"description": "Promotion stats list results.",
"items": {
"$ref": "MigrationStats
},
"required": false,
"title": "Promotion stats list results.",
"type": "array"
},
"total_count": {
"description": "Count of all objects being promoted. It is equal to sum of total_count for each resource type.",
"required": false,
"title": "Count of all objects being promoted.",
"type": "integer"
}
},
"type": "object"
}
MigrationStatus (type)
{
"additionalProperties": false,
"id": "MigrationStatus",
"module_id": "Migration",
"properties": {
"component_status": {
"items": {
"$ref": "ComponentMigrationStatus
},
"readonly": true,
"required": true,
"title": "List of component statuses",
"type": "array"
},
"overall_migration_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of migration",
"type": "string"
}
},
"type": "object"
}
MigrationStatusSummaryRequestParameters (type)
{
"additionalProperties": false,
"id": "MigrationStatusSummaryRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which migration units to be filtered",
"type": "string"
}
},
"type": "object"
}
MigrationSummary (type)
{
"additionalProperties": false,
"id": "MigrationSummary",
"module_id": "Migration",
"properties": {
"component_target_versions": {
"items": {
"$ref": "ComponentTargetVersion
},
"readonly": true,
"required": false,
"type": "array"
},
"migration_coordinator_version": {
"readonly": true,
"required": true,
"title": "Current version of migration coordinator",
"type": "string"
},
"migration_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of migration",
"type": "string"
},
"system_version": {
"readonly": true,
"required": true,
"title": "Current system version",
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"title": "Target system version",
"type": "string"
}
},
"type": "object"
}
MigrationSwitchInfo (type)
{
"additionalProperties": false,
"description": "Details about switch to be migrated",
"id": "MigrationSwitchInfo",
"module_id": "Migration",
"properties": {
"id": {
"description": "Switch Identifier.",
"readonly": true,
"required": true,
"title": "Switch id",
"type": "string"
},
"kind": {
"default": "DVS",
"description": "Kind of switch, can be DVS, VSS.",
"enum": [
"DVS",
"VSS"
],
"readonly": false,
"required": false,
"title": "Kind of switch",
"type": "string"
},
"name": {
"description": "Name of the switch.",
"readonly": false,
"required": false,
"title": "Switch name",
"type": "string"
},
"pnic_count": {
"description": "Number of PNICs associated with this switch.",
"readonly": true,
"required": false,
"title": "PNIC count",
"type": "int"
},
"version": {
"description": "Version of the switch to be migrated.",
"readonly": true,
"required": false,
"title": "Switch version",
"type": "string"
}
},
"title": "Details about switch to be migrated",
"type": "object"
}
MigrationSwitchListResult (type)
{
"additionalProperties": false,
"description": "Details about all the DVS and VSS present on the VC",
"extends": {
"$ref": "ListResult
},
"id": "MigrationSwitchListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "A paginated list of DVS/VSS present on the VC.",
"items": {
"$ref": "MigrationSwitchInfo
},
"readonly": false,
"required": false,
"title": "Paginated list of DVS/VSS present on the VC",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Details about all the DVS and VSS present on the VC",
"type": "object"
}
MigrationUnit (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MigrationUnit",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"current_version": {
"description": "This is component version e.g. if migration unit is of type HOST, then this is host version.",
"readonly": true,
"required": false,
"title": "Current version of migration unit",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the migration unit",
"type": "string"
},
"group": {
"$ref": "ResourceReference,
"readonly": true,
"required": false,
"title": "Info of the group to which this migration unit belongs"
},
"id": {
"description": "Identifier of the migration unit",
"readonly": true,
"required": true,
"title": "UUID of the migration unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about migration unit",
"type": "array"
},
"type": {
"readonly": false,
"required": false,
"title": "Migration unit type",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings indicating issues with the migration unit that may result in migration failure",
"type": "array"
}
},
"type": "object"
}
MigrationUnitAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MigrationUnitAggregateInfo",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during migration of this migration unit",
"type": "array"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of migration unit",
"type": "string"
},
"unit": {
"$ref": "MigrationUnit,
"description": "Details of the migration unit",
"readonly": true,
"required": true,
"title": "Migration unit info"
}
},
"type": "object"
}
MigrationUnitAggregateInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationUnitAggregateInfoListRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which migration units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "Identifier of group based on which migration units to be filtered",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only migration units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about migration unit to filter on",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"selection_status": {
"default": "ALL",
"enum": [
"SELECTED",
"DESELECTED",
"ALL"
],
"required": false,
"title": "Flag to indicate whether to return only selected, only deselected or both type of migration units",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitAggregateInfoListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of MigrationUnit AggregateInfo",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitGroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "MigrationUnitGroup",
"module_id": "Migration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether migration of this group is enabled or not",
"type": "boolean"
},
"extended_configuration": {
"items": {
"$ref": "KeyValuePair
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "Extended configuration for the group",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"migration_unit_count": {
"description": "Number of migration units in the group",
"readonly": true,
"required": false,
"title": "Count of migration units in the group",
"type": "int"
},
"migration_units": {
"items": {
"$ref": "MigrationUnit
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "List of migration units in the group",
"type": "array"
},
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Migration method to specify whether the migration is to be performed in parallel or serially",
"type": "boolean"
},
"pause_after_each_migration_unit": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether migration should be paused after migration of each migration-unit",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"type": "object"
}
MigrationUnitGroupAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "MigrationUnitGroupAggregateInfo",
"module_id": "Migration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the migration unit group that failed migration",
"type": "int"
},
"group": {
"$ref": "MigrationUnitGroup,
"readonly": false,
"required": true,
"title": "Migration unit group details"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Migration status of migration unit group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
MigrationUnitGroupAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitGroupAggregateInfoListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitGroupAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of migration status for migration unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationUnitGroupListRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which migration unit groups to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"summary": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag indicating whether to return summary",
"type": "boolean"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning migration unit groups",
"required": false,
"title": "Synchronize before returning migration unit groups",
"type": "boolean"
}
},
"type": "object"
}
MigrationUnitGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitGroupListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitGroup
},
"required": true,
"title": "Paged Collection of Migration unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitGroupStatus (type)
{
"additionalProperties": false,
"id": "MigrationUnitGroupStatus",
"module_id": "Migration",
"properties": {
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the migration unit group that failed migration",
"type": "int"
},
"group_id": {
"description": "Identifier for migration unit group",
"readonly": true,
"required": true,
"title": "UUID of migration unit group",
"type": "string"
},
"group_name": {
"description": "Name of the migration unit group",
"readonly": true,
"required": true,
"title": "Migration unit group Name",
"type": "string"
},
"migration_unit_count": {
"readonly": true,
"required": true,
"title": "Number of migration units in the group",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Migration status of migration unit group",
"type": "string"
}
},
"type": "object"
}
MigrationUnitGroupStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitGroupStatusListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitGroupStatus
},
"readonly": true,
"required": true,
"title": "Paged collection of migration status for migration unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitList (type)
{
"additionalProperties": false,
"id": "MigrationUnitList",
"module_id": "Migration",
"properties": {
"list": {
"items": {
"$ref": "MigrationUnit
},
"required": true,
"title": "Collection of Migration units",
"type": "array"
}
},
"type": "object"
}
MigrationUnitListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationUnitListRequestParameters",
"module_id": "Migration",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which migration units to be filtered",
"type": "string"
},
"current_version": {
"readonly": false,
"required": false,
"title": "Current version of migration unit based on which migration units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "UUID of group based on which migration units to be filtered",
"type": "string"
},
"has_warnings": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only migration units with warnings",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about migration unit to filter on",
"type": "string"
},
"migration_unit_type": {
"readonly": false,
"required": false,
"title": "Migration unit type based on which migration units to be filtered",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnit
},
"required": true,
"title": "Paged Collection of Migration units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitStatus (type)
{
"additionalProperties": false,
"id": "MigrationUnitStatus",
"module_id": "Migration",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "Name of migration unit",
"type": "string"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during migration of this migration unit",
"type": "array"
},
"id": {
"description": "Identifier of migration unit",
"readonly": true,
"required": true,
"title": "UUID of migration unit",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of migration progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of migration unit",
"type": "string"
}
},
"type": "object"
}
MigrationUnitStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitStatusListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitStatus
},
"required": true,
"title": "Paged Collection of migration units status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitTypeStats (type)
{
"additionalProperties": false,
"id": "MigrationUnitTypeStats",
"module_id": "Migration",
"properties": {
"node_count": {
"readonly": true,
"required": true,
"title": "Number of nodes",
"type": "int"
},
"node_with_issues_count": {
"readonly": true,
"required": false,
"title": "Number of nodes with issues that may cause migration failure",
"type": "int"
},
"type": {
"readonly": true,
"required": true,
"title": "Type of migration unit",
"type": "string"
},
"version": {
"readonly": true,
"required": true,
"title": "Version of the migration unit",
"type": "string"
}
},
"type": "object"
}
MigrationUnitTypeStatsList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MigrationUnitTypeStatsList",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MigrationUnitTypeStats
},
"readonly": true,
"required": false,
"title": "List of migration unit type stats",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MigrationUnitsStatsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MigrationUnitsStatsRequestParameters",
"module_id": "Migration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning migration unit stats",
"required": false,
"title": "Synchronize before returning migration unit stats",
"type": "boolean"
}
},
"type": "object"
}
MirrorDestination (type)
{
"abstract": true,
"id": "MirrorDestination",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"$ref": "MirrorDestinationResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorDestination'",
"required": true
}
},
"type": "object"
}
MirrorDestinationResourceType (type)
{
"additionalProperties": false,
"enum": [
"LogicalPortMirrorDestination",
"PnicMirrorDestination",
"IPMirrorDestination"
],
"id": "MirrorDestinationResourceType",
"module_id": "PortMirroring",
"title": "Resource types of mirror destination",
"type": "string"
}
MirrorSource (type)
{
"abstract": true,
"id": "MirrorSource",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"$ref": "MirrorSourceResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'",
"required": true
}
},
"type": "object"
}
MirrorSourceResourceType (type)
{
"additionalProperties": false,
"enum": [
"LogicalPortMirrorSource",
"PnicMirrorSource",
"VlanMirrorSource",
"LogicalSwitchMirrorSource"
],
"id": "MirrorSourceResourceType",
"module_id": "PortMirroring",
"title": "Resource types of mirror source",
"type": "string"
}
MirrorStackStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "MirrorStackStatusListResult",
"module_id": "PortMirroring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"overall_status": {
"$ref": "MirrorStackStatusType,
"description": "SUCCESS if all the TN's stack status are SUCCESS, FAILED if some of the TN's stack status are FAILED.",
"required": true,
"title": "Overall mirror stack status for all the TNs"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List all TN nodes which spaned in remote L3 mirror session mirror stack health status detailed info, including mirror stack status, vmknic status, TN node ID, TN node name and last updated status timestamp.",
"items": {
"$ref": "TnNodeStackSpanStatus
},
"required": true,
"title": "All TN nodes in remote L3 mirror session mirror stack health status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MirrorStackStatusType (type)
{
"additionalProperties": false,
"description": "MirrorStackStatusType indicates the health result after user configured mirror stack on L3PortMirrorSession. When configure mirror stack on L3PortMirrorSession, it has two preconditions, ESXi has been configured mirror stack and vmknic has been bounded to the stack. SUCCESS means the host has mirror stack and vmknic has been bounded to the stack, FAILED means either there is no mirror stack or the vmknic not bounded to it.",
"enum": [
"UNKNOWN",
"SUCCESS",
"FAILED"
],
"id": "MirrorStackStatusType",
"module_id": "PortMirroring",
"title": "Mirror stack status type",
"type": "string"
}
MiscConfig (type)
{
"extends": {
"$ref": "HighPerformanceConfig
},
"id": "MiscConfig",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "MISC_CONFIG"
},
"properties": {
"high_performance_config_params": {
"items": {
"$ref": "HighPerformanceConfigParams
},
"title": "List of parameters that could be used to configure high performance.",
"type": "array"
},
"high_performance_config_type": {
"enum": [
"ADV_CONFIG",
"DRIVER_CONFIG",
"MISC_CONFIG"
],
"required": true,
"title": "The specific type of config.",
"type": "string"
},
"uplink_rx_ring_size": {
"maximum": 8196,
"minimum": 512,
"title": "This property will be required to change the RX ring size\nof all uplinks in DVS. It should be in multiples of 32.\n",
"type": "int"
},
"uplink_tx_ring_size": {
"maximum": 8196,
"minimum": 512,
"title": "This property will be required to change the TX ring size\nof all uplinks in DVS. It should be in multiples of 32.\n",
"type": "int"
},
"version": {
"items": {
"type": "string"
},
"required": false,
"title": "Based on the high_performance_config_type, it could\nbe either driver version or host version. For\nhigh_performance_config_type as ADV_CONFIG or MISC_CONFIG,\nthis represents host version. For high_performance_config_type\nas DRIVER_CONFIG, this represents physical NIC driver version.\n",
"type": "array"
}
},
"title": "These are miscellaneous configuration options.",
"type": "object"
}
MissingLoggingServerConfigInfo (type)
{
"description": "Shows the missing logging Server config node's information.",
"id": "MissingLoggingServerConfigInfo",
"module_id": "CentralConfig",
"properties": {
"node_display_name": {
"description": "Display name of a node that isn't configured with a remote logging server.",
"required": false,
"title": "Display Name of Node",
"type": "string"
},
"node_id": {
"description": "ID of a node that isn't configured with a remote logging server.",
"required": false,
"title": "ID of Node",
"type": "string"
}
},
"title": "Missing Logging Server Config Info",
"type": "object"
}
MissingLoggingServerConfigInfoList (type)
{
"description": "Shows the missing logging Server config node's information",
"id": "MissingLoggingServerConfigInfoList",
"module_id": "CentralConfig",
"properties": {
"global_manager": {
"description": "Global Manager nodes that are missing remote logging server configuration identified by node ID and node display name.",
"items": {
"$ref": "MissingLoggingServerConfigInfo
},
"title": "Missing Logging Server Config Information for Global Manager nodes",
"type": "array"
},
"nsx_edge": {
"description": "NSX Edge nodes that are missing remote logging server configuration identified by node ID and node display name.",
"items": {
"$ref": "MissingLoggingServerConfigInfo
},
"title": "Missing Logging Server Config Information for NSX Edge nodes",
"type": "array"
},
"nsx_esxi": {
"description": "ESXi nodes that are missing remote logging server configuration identified by node ID and node display name.",
"items": {
"$ref": "MissingLoggingServerConfigInfo
},
"title": "Missing Logging Server Config Information for NSX ESXi nodes",
"type": "array"
},
"nsx_manager": {
"description": "NSX Manager nodes that are missing remote logging server configuration identified by node ID and node display name.",
"items": {
"$ref": "MissingLoggingServerConfigInfo
},
"title": "Missing Logging Server Config Information for NSX Manager Nodes",
"type": "array"
},
"nsx_public_cloud_gateway": {
"description": "NSX Public Cloud Gateway nodes that are missing remote logging server configuration identified by node ID and node display name.",
"items": {
"$ref": "MissingLoggingServerConfigInfo
},
"title": "Missing Logging Server Config Information for NSX Public Cloud Gateway nodes",
"type": "array"
}
},
"title": "Missing Logging Server Config Information List",
"type": "object"
}
MissingLoggingServerResponse (type)
{
"description": "Shows the missing logging server config related information.",
"id": "MissingLoggingServerResponse",
"module_id": "CentralConfig",
"properties": {
"nodes_missing_remote_logging_configuration": {
"items": {
"$ref": "MissingLoggingServerConfigInfoList
},
"required": true,
"title": "Missing Logging Server Information for All Nodes",
"type": "object"
}
},
"title": "Missing Logging Server Response",
"type": "object"
}
MitreAttack (type)
{
"additionalProperties": false,
"description": "Contain Mitre attack details like tacticName, tacticUrl, techniqueName and techniqueUrl.",
"id": "MitreAttack",
"module_id": "PolicyIDSMetrics",
"properties": {
"tactic_name": {
"description": "Represents tactic name of attack.",
"title": "Tactic Name",
"type": "string"
},
"tactic_url": {
"description": "Represents tactic url of attack.",
"title": "Tactic Url",
"type": "string"
},
"technique_name": {
"description": "Represents technique name of attack.",
"title": "Technique Name",
"type": "string"
},
"technique_url": {
"description": "Represents technique url of attack.",
"title": "Technique Url",
"type": "string"
}
},
"title": "Mitre Attack",
"type": "object"
}
MonitorQueryType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "MonitorQueryType is used to query load balancer monitors. LbActiveMonitor represents active load balancer monitors. While LbActiveMonitor is specified to query load balancer monitors, it returns all active monitors, including LbHttpMonitor, LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor.",
"enum": [
"LbHttpMonitor",
"LbHttpsMonitor",
"LbIcmpMonitor",
"LbTcpMonitor",
"LbUdpMonitor",
"LbPassiveMonitor",
"LbActiveMonitor"
],
"id": "MonitorQueryType",
"module_id": "LoadBalancer",
"title": "monitor query type",
"type": "string"
}
MonitorType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Load balancers monitor the health of backend servers to ensure traffic is not black holed. There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.",
"enum": [
"LbHttpMonitor",
"LbHttpsMonitor",
"LbIcmpMonitor",
"LbTcpMonitor",
"LbUdpMonitor",
"LbPassiveMonitor"
],
"id": "MonitorType",
"module_id": "LoadBalancer",
"title": "monitor type",
"type": "string"
}
MonitoringError (type)
{
"description": "Monitoring information is gathered from multiple sub-systems/components, using REST or RPC calls internally. It is quite possible for a component or sub-system fail, in which case it is captured as an error and reported.",
"id": "MonitoringError",
"module_id": "FederationObservability",
"properties": {
"error_code": {
"read_only": true,
"title": "NSX error code if available",
"type": "integer"
},
"error_message": {
"read_only": true,
"title": "Error mesage",
"type": "string"
},
"params": {
"items": {
"type": "object"
},
"read_only": true,
"title": "Parameters for construcing error details",
"type": "array"
}
},
"title": "Represents an error that occurred while gathering information",
"type": "object"
}
MonitoringEvent (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "MonitoringEvent",
"module_id": "Monitoring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"description": "Detailed description of the event.",
"readonly": true,
"title": "Detailed description of Event",
"type": "string"
},
"description_on_clear": {
"description": "Description of Event when an Event instance transitions from True to False.",
"readonly": true,
"title": "Description of event when cleared",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entity_resource_type": {
"description": "Resource Type of entity where this event is applicable eg. LogicalSwitch, LogicalPort etc.",
"readonly": true,
"title": "Resource Type of entity where this event is applicable",
"type": "string"
},
"event_false_snmp_oid": {
"description": "Optional field containing OID for SNMP trap sent when Event instance is False. This value is null if suppress_snmp_trap or suppress_clear_oid is True.",
"readonly": true,
"title": "OID for SNMP trap sent when Event instance is False",
"type": "string"
},
"event_tags": {
"description": "Tags applicable to event, for example, INFRASTRUCTURE or INTELLIGENCE.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Tags applicable to this event",
"type": "array"
},
"event_true_snmp_oid": {
"description": "Optional field containing OID for SNMP trap sent when Event instance is True. This value is null if suppress_snmp_trap is True.",
"readonly": true,
"title": "OID for SNMP trap sent when Event instance is True",
"type": "string"
},
"event_type": {
"description": "Name of Event, e.g. manager_cpu_usage_high, certificate_expired.",
"readonly": true,
"required": true,
"title": "Name of event type",
"type": "string"
},
"event_type_display_name": {
"description": "Display name of Event type.",
"readonly": true,
"required": true,
"title": "Display name of event type",
"type": "string"
},
"feature_display_name": {
"description": "Display name of feature defining this Event.",
"readonly": true,
"required": true,
"title": "Display name of feature",
"type": "string"
},
"feature_name": {
"description": "Feature defining this Event, e.g. manager_health, certificates.",
"readonly": true,
"required": true,
"title": "Feature defining this event",
"type": "string"
},
"id": {
"description": "Unique identifier in the form of feature_name.event_type.",
"readonly": true,
"required": true,
"title": "Identifier to identify an event_type uniquely",
"type": "string"
},
"is_disabled": {
"default": false,
"description": "Flag to indicate whether sampling for this Event is off or on.",
"title": "Indicate if event sampling is disabled",
"type": "boolean"
},
"is_sensitivity_fixed": {
"description": "Indicates if the sensitivity property is configurable via the API.",
"readonly": true,
"title": "Flag to indicate if sensitivity can be configured",
"type": "boolean"
},
"is_threshold_fixed": {
"description": "Indicates if the threshold property is configurable via the API.",
"readonly": true,
"title": "Flag to indicate if threshold can be configured",
"type": "boolean"
},
"is_threshold_floating_point": {
"description": "Flag to indicate if the threshold for this Event is a floating point number. If this value is true, the threshold_floating_point property is used to indicate the threshold at runtime; otherwise, the threshold property is used.",
"readonly": true,
"title": "Indicates if the threshold for this Event is a floating point value.\n",
"type": "boolean"
},
"kb_article": {
"description": "KB article link that contains more information on this event and recommended actions. Users can refer to the specified link if needed.",
"readonly": true,
"title": "Link to knowledge base article",
"type": "string"
},
"max_threshold": {
"description": "Maximum allowed threshold value if the threshold is configurable and a maximum value is applicable.",
"readonly": true,
"title": "Maximum allowed integer threshold value",
"type": "integer"
},
"max_threshold_floating_point": {
"description": "Maximum allowed floating point threshold value if the threshold_floating_point is configurable and a maximum value is applicable.",
"readonly": true,
"title": "Maximum allowed floating point threshold value",
"type": "number"
},
"min_threshold": {
"description": "Minimum allowed threshold value if the threshold is configurable and a minimum value is applicable.",
"readonly": true,
"title": "Minimum allowed integer point threshold value",
"type": "integer"
},
"min_threshold_floating_point": {
"description": "Minimum allowed floating point threshold value if the threshold_floating_point is configurable and a minimum value is applicable.",
"readonly": true,
"title": "Minimum allowed floating point threshold value",
"type": "number"
},
"node_types": {
"description": "Array identifying the nodes on which this Event is applicable. Can be one or more of the following values - nsx_public_cloud_gateway, nsx_edge, nsx_esx, nsx_kvm, nsx_manager.",
"items": {
"$ref": "MonitoringNodeType
},
"readonly": true,
"required": true,
"title": "Array identifying the nodes on which this Event is applicable",
"type": "array",
"uniqueItems": true
},
"recommended_action": {
"description": "Recommended action for the alarm condition.",
"readonly": true,
"title": "Recommended action steps",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sensitivity": {
"description": "Percentage of samples to consider and used in combination with threshold when determining whether an Event instance status is True or False. Event evaluation uses sampling to determine Event instance status. A higher sensitivity value specifies that more samples are used to ensure accuracy and ignore infrequent or rare spikes in sampled data.",
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Percentage of samples to consider",
"type": "integer"
},
"severity": {
"$ref": "MonitoringSeverity,
"description": "Severity of the Event.Can be one of - CRITICAL, HIGH, MEDIUM, LOW.",
"readonly": true,
"required": true,
"title": "Severity of the Event"
},
"summary": {
"description": "Summary description of the event.",
"readonly": true,
"title": "Summary description of Event",
"type": "string"
},
"suppress_alarm": {
"default": false,
"description": "Flag to suppress Alarm generation. Alarms are not generated for this Event when this is set to True.",
"title": "Flag to suppress Alarm generation",
"type": "boolean"
},
"suppress_snmp_trap": {
"default": false,
"description": "Flag to suppress SNMP trap generation. SNMP traps are not sent for this Event when this is set to True.",
"title": "Flag to suppress SNMP trap generation",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"threshold": {
"description": "Threshold to determine if a single sample is True. For example, if the configured threshold is 95% and the current CPU sample is 99%, then the current sample is considered True. Note, if is_threshold_floating_point is true, the threshold_floating_point property is used to indicate the threshold value.",
"required": true,
"title": "Threshold to determine if a single sample is True",
"type": "integer"
},
"threshold_floating_point": {
"description": "Floating point threshold to determine if a single sample is True. For example, if the configured threshold is 66.6 percent and the sample value is 68.8 percent, the current sample is considered True. Note, if is_threshold_floating_point is false, the threshold property is used to indicate the threshold value.",
"title": "Floating point threshold to determine if a single sample is True",
"type": "number"
},
"threshold_unit_type": {
"description": "Identifies the unit type of the threshold value.",
"enum": [
"DAYS",
"PERCENT",
"SECONDS",
"MILLISECONDS"
],
"readonly": true,
"title": "Identifies the unit type of the threshold value",
"type": "string"
},
"visibility": {
"description": "The visibility property enables enterprise_admin and site_reliability_engineer users to specify whether an event\u2019s corresponding alarm is visible to users assigned tenant roles in a multi-tenant deployment. By default, when the visibility property is not set, tenant users only see an alarm if they have access to the alarming entity per RBAC rules. Setting visibility to TENANT_NONE means even if a tenant user has RBAC access to the alarming entity, the user will not see the alarm. Setting visibility to TENANT_READ means if a tenant user does not have access to the alarming entity, the user will still have read only access to the alarm as long as the user has access to one of the paths specified in the visibility_paths property.",
"enum": [
"TENANT_NONE",
"TENANT_READ"
],
"title": "Visiblity of alarm",
"type": "string"
},
"visibility_paths": {
"description": "The visiblity_paths property must be set if visibility is set to TENANT_READ and must not be set if visibility is set to TENANT_NONE or not set. If a tenant user in a multi-tenant deployment does not have access to the alarming entity, the user will not be able to access the corresponding alarm unless visibility TENANT_READ is set and the user has access to at least one of the paths specified in visibility_paths.",
"items": {
"type": "string"
},
"title": "Paths to enable visibility of TENANT_READ alarms",
"type": "array"
}
},
"type": "object"
}
MonitoringInfo (type)
{
"description": "Provides monitoring information for all flows in federation from the given site where the API is invoked. For example - monitoring information from Global Manager doesn't provide details of Local Manager to Local Manager flows. Similary, LocalManager will not provide Global Manager ACTIVE to Global Manager STANDBY flow details.",
"id": "MonitoringInfo",
"module_id": "FederationObservability",
"properties": {
"errors": {
"items": {
"$ref": "MonitoringError
},
"read_only": true,
"title": "All errors occurred while gathering monitoring info",
"type": "array"
},
"flow_info": {
"items": {
"$ref": "FlowInfo
},
"read_only": true,
"title": "Monitoring information of flows in federation",
"type": "array"
}
},
"title": "Provides details of all flows in federation",
"type": "object"
}
MonitoringNodeType (type)
{
"enum": [
"nsx_autonomous_edge",
"nsx_bms",
"nsx_edge",
"nsx_esx",
"nsx_global_manager",
"nsx_intelligence",
"nsx_kvm",
"nsx_manager",
"nsx_public_cloud_gateway",
"nsx_dpu",
"nsx_aas"
],
"id": "MonitoringNodeType",
"module_id": "Monitoring",
"type": "string"
}
MonitoringProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base Monitoring Profile Binding Map",
"type": "object"
}
MonitoringSeverity (type)
{
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW"
],
"id": "MonitoringSeverity",
"module_id": "Monitoring",
"type": "string"
}
MonitoringStatus (type)
{
"enum": [
"OPEN",
"ACKNOWLEDGED",
"SUPPRESSED",
"RESOLVED"
],
"id": "MonitoringStatus",
"module_id": "Monitoring",
"type": "string"
}
MonthlyTelemetrySchedule (type)
{
"extends": {
"$ref": "TelemetrySchedule
},
"id": "MonthlyTelemetrySchedule",
"module_id": "TelemetryConfig",
"polymorphic-type-descriptor": {
"type-identifier": "MonthlyTelemetrySchedule"
},
"properties": {
"day_of_month": {
"description": "Day of month on which data will be collected. Specify a value between 1 through 31.",
"maximum": 31,
"minimum": 1,
"required": true,
"title": "Day of month on which data will be collected",
"type": "integer"
},
"frequency_type": {
"description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.",
"required": true,
"title": "Frequency at which data will be collected",
"type": "string"
},
"hour_of_day": {
"description": "Hour at which data will be collected. Specify a value between 0 through 23.",
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Hour at which data will be collected",
"type": "integer"
},
"minutes": {
"default": 0,
"description": "Minute at which data will be collected. Specify a value between 0 through 59.",
"maximum": 59,
"minimum": 0,
"required": false,
"title": "Minute at which data will be collected",
"type": "integer"
}
},
"type": "object"
}
MpData (type)
{
"description": "Manager ids list which are not owned by policy and system.",
"id": "MpData",
"module_id": "ManagerPolicyMigration",
"properties": {
"linked_id": {
"description": "Related identifier of manager id.",
"required": false,
"title": "Related identifier of manager id",
"type": "string"
},
"manager_id": {
"description": "Identifier of the manager object.",
"required": true,
"title": "Identifier of the manager object",
"type": "string"
}
},
"title": "Non-promoted manager ids",
"type": "object"
}
MpDataByPrincipleIdenity (type)
{
"description": "Manager ids list which are not owned by policy and system.",
"id": "MpDataByPrincipleIdenity",
"module_id": "ManagerPolicyMigration",
"properties": {
"principle_identity": {
"description": "Identifier of the manager object.",
"required": true,
"title": "Identifier of the manager object",
"type": "string"
},
"resource_ids": {
"description": "Array of Non promoted manager Ids..",
"items": {
"$ref": "MpData
},
"required": true,
"title": "List of non-promoted manager ids.",
"type": "array"
}
},
"title": "Non-promoted manager ids grouped by principle identity.",
"type": "object"
}
MpDataListResult (type)
{
"additionalProperties": false,
"description": "List of Non-promoted manager ids.",
"extends": {
"$ref": "ListResult
},
"id": "MpDataListResult",
"module_id": "ManagerPolicyMigration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of Non promoted manager Ids..",
"items": {
"$ref": "MpDataByPrincipleIdenity
},
"required": true,
"title": "List of Non-promoted manager ids.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Non-promoted manager ids list",
"type": "object"
}
MpDataSearchValue (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "MpDataSearchValue",
"module_id": "ManagerPolicyMigration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_value": {
"description": "Search filter value for some specific resource type like for Logical router it should be TIER0/TIER1.",
"required": false,
"title": "Search filter value",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"description": "Search filter value resource type of the manager data.",
"required": true,
"title": "resource_type filter value",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Searching Mp ids based on the type",
"type": "object"
}
MpMigrationData (type)
{
"additionalProperties": false,
"id": "MpMigrationData",
"module_id": "MPPolicyMigration",
"properties": {
"migration_data": {
"items": {
"$ref": "MPResource
},
"required": false,
"title": "migration data ( resource type and Ids ).",
"type": "array"
},
"mode": {
"default": "CONSUMER",
"enum": [
"GENERIC",
"CONSUMER"
],
"readonly": false,
"title": "Mode of MP2Policy migration",
"type": "string"
},
"setup_details": {
"$ref": "SetupDetails,
"description": "If setup details is not provided, default setup details will be used.",
"required": false,
"title": "Setup Details."
},
"skip_failed_resources": {
"default": false,
"required": false,
"title": "Default value is false. This value will indicate if there is error,\nskip the failed objects and proceed with next set of objects for MP to Policy promotion.\n",
"type": "boolean"
}
},
"title": "Contains manager and policy resource id.\n",
"type": "object"
}
MpOspfExternalLinkState (type)
{
"additionalProperties": false,
"description": "OSPF router link state details.",
"id": "MpOspfExternalLinkState",
"module_id": "AggSvcLogicalRouter",
"properties": {
"advertised_router": {
"readonly": true,
"required": true,
"title": "OSPF advertised router",
"type": "string"
},
"checksum": {
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "string"
},
"link_state_id": {
"readonly": true,
"required": true,
"title": "OSPF link id",
"type": "string"
},
"metric_type": {
"readonly": true,
"required": true,
"title": "Type of metric",
"type": "string"
},
"route": {
"$ref": "IPAddress,
"readonly": true,
"required": true,
"title": "Route with ip address and mask"
},
"sequence_number": {
"readonly": true,
"required": true,
"title": "Sequence number",
"type": "string"
},
"tag": {
"readonly": true,
"required": true,
"title": "Tag",
"type": "integer"
},
"up_time": {
"readonly": true,
"required": true,
"title": "LSA age",
"type": "integer"
}
},
"title": "OSPF router link state",
"type": "object"
}
MpOspfNetworkLinkStates (type)
{
"additionalProperties": false,
"description": "OSPF router link state details.",
"id": "MpOspfNetworkLinkStates",
"module_id": "AggSvcLogicalRouter",
"properties": {
"advertised_router": {
"readonly": true,
"required": true,
"title": "OSPF advertised router",
"type": "string"
},
"checksum": {
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "string"
},
"link_state_id": {
"readonly": true,
"required": true,
"title": "OSPF link id",
"type": "string"
},
"sequence_number": {
"readonly": true,
"required": true,
"title": "Sequence number",
"type": "string"
},
"up_time": {
"readonly": true,
"required": true,
"title": "LSA age",
"type": "integer"
}
},
"title": "OSPF router link state",
"type": "object"
}
MpOspfRouterLinkStates (type)
{
"additionalProperties": false,
"description": "OSPF router link state details.",
"id": "MpOspfRouterLinkStates",
"module_id": "AggSvcLogicalRouter",
"properties": {
"advertised_router": {
"readonly": true,
"required": true,
"title": "OSPF advertised router",
"type": "string"
},
"checksum": {
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "string"
},
"link_state_id": {
"readonly": true,
"required": true,
"title": "OSPF link id",
"type": "string"
},
"router_links": {
"readonly": true,
"required": true,
"title": "Number of router links",
"type": "integer"
},
"sequence_number": {
"readonly": true,
"required": true,
"title": "Sequence number",
"type": "string"
},
"up_time": {
"readonly": true,
"required": true,
"title": "LSA age",
"type": "integer"
}
},
"title": "OSPF router link state",
"type": "object"
}
MpOspfSummaryLinkStates (type)
{
"additionalProperties": false,
"description": "OSPF summary link state details.",
"id": "MpOspfSummaryLinkStates",
"module_id": "AggSvcLogicalRouter",
"properties": {
"advertised_router": {
"readonly": true,
"required": true,
"title": "OSPF advertised router",
"type": "string"
},
"checksum": {
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "string"
},
"link_state_id": {
"readonly": true,
"required": true,
"title": "OSPF link id",
"type": "string"
},
"sequence_number": {
"readonly": true,
"required": true,
"title": "Sequence number",
"type": "string"
},
"summary_address": {
"$ref": "IPAddress,
"readonly": true,
"required": true,
"title": "OSPF summary address"
},
"up_time": {
"readonly": true,
"required": true,
"title": "LSA age",
"type": "integer"
}
},
"title": "OSPF summary link state",
"type": "object"
}
MpsComputeCollectionStatus (type)
{
"additionalProperties": false,
"description": "Deployment Status for the compute collection.",
"id": "MpsComputeCollectionStatus",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"compute_collection_deployment_issues": {
"description": "List of issues and detailed description for each issue in case of deployment failure.",
"items": {
"$ref": "MpsErrorClass
},
"readonly": true,
"required": false,
"title": "Malware Prevention Service VM deployment issues",
"type": "array"
},
"compute_collection_deployment_status": {
"description": "Deployment status of MPS SVM on a compute collection. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment on a compute collection such as VC cluster.",
"enum": [
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"DEPLOYMENT_QUEUED",
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_QUEUED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_QUEUED"
],
"readonly": true,
"required": false,
"title": "Compute collection deployment progress status",
"type": "string"
},
"compute_collection_id": {
"description": "Compute collection ID.",
"readonly": true,
"required": false,
"title": "Compute collection ID",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"transport_node_status_list": {
"description": "List of transport node status added as part of the cluster",
"items": {
"$ref": "MpsTransportNodeStatus
},
"readonly": true,
"required": false,
"title": "List of Transport node status",
"type": "array"
}
},
"title": "MPS status on compute collections",
"type": "object"
}
MpsErrorClass (type)
{
"additionalProperties": false,
"id": "MpsErrorClass",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"error_id": {
"description": "Error Id encountered during MPS VM deployment.",
"readonly": true,
"required": true,
"type": "integer"
},
"error_message": {
"description": "Description of issue encountered during MPS VM deployment.",
"readonly": true,
"required": false,
"type": "string"
},
"error_timestamp": {
"description": "Timestamp when issue was issue encountered during MPS VM deployment.",
"readonly": true,
"required": false,
"title": "Timestamp when issue was encountered during MPS VM deployment",
"type": "string"
}
},
"title": "Error class for all the MPS related errors",
"type": "object"
}
MpsOvfSpec (type)
{
"id": "MpsOvfSpec",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"name": {
"description": "MPS OVF specification name.",
"readonly": false,
"required": false,
"title": "Name of the OVF",
"type": "string"
},
"ovf_url": {
"description": "Location of the hosted MPS SVM OVF.",
"readonly": false,
"required": true,
"title": "OVF url",
"type": "string"
}
},
"title": "MPS Ovf Specification",
"type": "object"
}
MpsOvfSpecListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "MpsOvfSpecListResult",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the MPS OVF specification.",
"items": {
"$ref": "MpsOvfSpec
},
"readonly": true,
"required": false,
"title": "MPS OVF specification list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "MPS OVF Specification List",
"type": "object"
}
MpsSubClusterSvmPropertiesPair (type)
{
"id": "MpsSubClusterSvmPropertiesPair",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"sub_cluster_id": {
"description": "Sub-cluster identifier",
"readonly": false,
"required": true,
"title": "Sub-cluster identifier",
"type": "string"
},
"svm_properties": {
"$ref": "MpsSvmProperties,
"description": "storage & network interface that needs to be used for the deployed Malware Service VM part of the sub-cluster.",
"readonly": false,
"required": true,
"title": "MPS SVM Properties"
}
},
"title": "Pair of Sub-cluster id and corresponding SVM Properties",
"type": "object"
}
MpsSvmConfig (type)
{
"description": "User provided configuration values that are required while deploying Malware Prevention SVM. This configuration is typically used when guest OS on the deployed VM boots up for the first time.",
"id": "MpsSvmConfig",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"ssh_key": {
"description": "This SSH Key can be used by admin user to ssh into the SVM appliance.",
"readonly": false,
"required": true,
"title": "SSH Key For Logging Into Appliance",
"type": "string"
}
},
"title": "MPS SVM Config",
"type": "object"
}
MpsSvmDeploymentSpec (type)
{
"description": "Used to provide the MPS Settings for the Malware Prevention SVM on a cluster.",
"extends": {
"$ref": "ManagedResource
},
"id": "MpsSvmDeploymentSpec",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_svm_property": {
"$ref": "MpsSvmProperties,
"description": "Cluster SVM properties contains the deployment specification, such as the storage and network to be used on the cluster where the Malware Prevention Service VM can be deployed.",
"readonly": false,
"required": true,
"title": "Cluster SVM Properties"
},
"compute_collection_id": {
"description": "Compute collection ID.",
"readonly": true,
"required": false,
"title": "Compute collection ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ovf_spec_name": {
"description": "Name of the OVF specification to be used for deployment, which specifies the OVF of the Malware Prevention Service appliance for a particular release.",
"readonly": false,
"required": true,
"title": "OVF Spec Name",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_cluster_svm_property_list": {
"description": "Sub-Cluster SVM Property list contains the Pair of sub cluster id and deployment specification that is to be used on the sub-cluster. This is only required if you have sub-clusters created in NSX and have specific requirement for using separate storage and network on those sub-cluster overriding the settings defined for the cluster.",
"items": {
"$ref": "MpsSubClusterSvmPropertiesPair
},
"maxItems": 16,
"readonly": false,
"required": false,
"title": "Sub-Cluster SVM Properties List",
"type": "array"
},
"svm_config": {
"$ref": "MpsSvmConfig,
"description": "SVM Config that are to be provided to Malware Prevention Service VM that is deployed.",
"readonly": false,
"required": true,
"title": "Mps SVM Config"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "MPS SVM Deployment specification for the cluster",
"type": "object"
}
MpsSvmNewApplianceSpec (type)
{
"description": "Used to provide the SVM deployment specification for changing the appliance on a cluster.",
"id": "MpsSvmNewApplianceSpec",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"deployment_spec_name": {
"description": "Name of the OVF specification to be used for deployment, which specifies the OVF of the Malware Prevention Service appliance for a particular release.",
"readonly": false,
"required": true,
"title": "Deployment Specification Name",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC.",
"readonly": false,
"required": false,
"title": "Storage Id",
"type": "string"
}
},
"title": "SVM Appliance specification to be used for changing appliance",
"type": "object"
}
MpsSvmProperties (type)
{
"description": "Storage & Network interface that needs to be used for the deployed Malware Service VM.",
"id": "MpsSvmProperties",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"ip_allocation_type": {
"description": "IP allocation type with values STATIC or DHCP.",
"enum": [
"STATIC",
"DHCP"
],
"readonly": false,
"required": true,
"title": "IP allocation type",
"type": "string"
},
"ip_pool_id": {
"description": "If the nic is supposed to get IP using a static IP pool then IP Pool id should be provided here.",
"readonly": false,
"required": false,
"title": "Static IP Pool Id",
"type": "string"
},
"network_id": {
"description": "Network Id to be attached to the Management NIC of the SVM. It can be a moref of a portgroup/ logical switch ID that allows the Malware Prevention VM to access the NSX Manager and the NApp deployment to receive configuration and raise malware detection events. If the portgroup/ logical switch ID is specified in 'Agent VM Settings' through the vSphere UI then this field should be empty.",
"readonly": false,
"required": false,
"title": "Network Id",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC. If the datastore used for the Malware Prevention VM on host is specified in 'Agent VM Settings' through the vSphere UI then this field should be empty\".",
"readonly": false,
"required": false,
"title": "Storage Id",
"type": "string"
}
},
"title": "Mps SVM Properties",
"type": "object"
}
MpsTnComponentHealthStatus (type)
{
"additionalProperties": false,
"description": "Health Status of MPS component.",
"id": "MpsTnComponentHealthStatus",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"is_stale": {
"description": "The parameter is set if the last received health status is older than the predefined interval of 4 minutes.",
"readonly": true,
"required": false,
"title": "Flag is true when health status is stale",
"type": "boolean"
},
"last_update_time": {
"description": "Latest timestamp when health status is received.",
"readonly": true,
"required": false,
"title": "Health status timestamp",
"type": "string"
},
"service_name": {
"description": "application.",
"readonly": true,
"required": false,
"title": "MPS Component name",
"type": "string"
},
"service_status": {
"description": "Status of MPS Component running status.",
"readonly": true,
"required": false,
"title": "MPS component running status.",
"type": "string"
}
},
"title": "MPS Component health status",
"type": "object"
}
MpsTransportNodeStatus (type)
{
"additionalProperties": false,
"description": "Deployment Status for the transport node.",
"id": "MpsTransportNodeStatus",
"module_id": "NsxMalwarePreventionDeployment",
"properties": {
"sub_cluster_id": {
"description": "Sub-cluster identifier",
"readonly": true,
"required": false,
"title": "Sub-cluster identifier",
"type": "string"
},
"tn_component_health_status_list": {
"description": "Health status of service VM deployed on this transport node.",
"items": {
"$ref": "MpsTnComponentHealthStatus
},
"readonly": true,
"required": false,
"title": "Health status of MPS Service deployed on transport node",
"type": "array"
},
"tn_configuration_issue": {
"description": "This object contains the list of issues encountered during post deployment configuration for a particular Transport Node.",
"items": {
"$ref": "MpsErrorClass
},
"readonly": true,
"required": false,
"title": "Collection of configuration issues during MPS deployment",
"type": "array"
},
"tn_deployment_issues": {
"description": "List of issue and detailed description of the issue in case of deployment failure.",
"items": {
"$ref": "MpsErrorClass
},
"readonly": true,
"required": false,
"title": "Malware Prevention Service VM deployment issues for Transport Node.",
"type": "array"
},
"tn_deployment_status": {
"description": "Deployment status of MPS SVM on Transport Node. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment.",
"enum": [
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"DEPLOYMENT_QUEUED",
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_QUEUED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_QUEUED"
],
"readonly": true,
"required": true,
"title": "Transport node deployment status",
"type": "string"
},
"transport_node_id": {
"description": "Transport node id.",
"readonly": true,
"required": true,
"title": "transport node id.",
"type": "string"
}
},
"title": "MPS status on deployed transport node",
"type": "object"
}
MsgClientInfo (type)
{
"id": "MsgClientInfo",
"module_id": "Common",
"properties": {
"account_name": {
"description": "Account name for the messaging client. Identifies the client on the management plane message bus.",
"readonly": false,
"required": false,
"type": "string"
},
"certificate": {
"description": "Messaging client's certificate. Used to authenticate to the control plane messaging endpoint.",
"readonly": false,
"required": false,
"type": "string"
},
"shared_secret": {
"description": "Messaging client's secret. Used to authenticate to the management plane messaging broker.",
"readonly": false,
"required": false,
"type": "string"
},
"software_version": {
"description": "Software version of the node.",
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "Information about a messaging client",
"type": "object"
}
MultiWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Combines two or more widgetconfigurations into a multi-widget",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "MultiWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "MultiWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widgets": {
"description": "Array of widgets that are part of the multi-widget.",
"items": {
"$ref": "WidgetItem
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "Widgets",
"type": "array"
}
},
"title": "Multi-Widget",
"type": "object"
}
MulticastForwarding (type)
{
"additionalProperties": false,
"description": "Multicast forwarding entry.",
"id": "MulticastForwarding",
"module_id": "AggSvcLogicalRouter",
"properties": {
"incoming_interface": {
"$ref": "MulticastForwardingInterface,
"description": "Ingress interface on whic multicast traffic is learned.",
"readonly": true,
"required": true,
"title": "Ingress interface"
},
"multicast_group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"outgoing_interfaces": {
"description": "Array of egress interfaces on whic multicast traffic is forwarded.",
"items": {
"$ref": "MulticastForwardingInterface
},
"readonly": true,
"required": false,
"title": "Egress interfaces",
"type": "array"
},
"source": {
"$ref": "IPAddress,
"description": "Multicast source address.",
"readonly": true,
"required": true,
"title": "Multicast source address"
}
},
"title": "Multicast forwarding entry",
"type": "object"
}
MulticastForwardingCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "MulticastForwardingCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"incoming_interface": {
"description": "Ingress interface on whic multicast traffic is learned.",
"readonly": true,
"required": true,
"title": "Ingress interface",
"type": "string"
},
"multicast_group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"outgoing_interfaces": {
"description": "Array of egress interfaces on whic multicast traffic is forwarded.",
"readonly": true,
"required": false,
"title": "Egress interfaces",
"type": "string"
},
"source": {
"$ref": "IPAddress,
"description": "Multicast source address.",
"readonly": true,
"required": true,
"title": "Multicast source address"
},
"transport_node": {
"description": "Transport node uuid or policy path.",
"readonly": true,
"required": true,
"title": "Transport node uuid or policy path",
"type": "string"
}
},
"type": "object"
}
MulticastForwardingInterface (type)
{
"additionalProperties": false,
"description": "Multicast forwarding interface details.",
"id": "MulticastForwardingInterface",
"module_id": "AggSvcLogicalRouter",
"properties": {
"ifuid": {
"description": "Interface id.",
"readonly": true,
"required": true,
"title": "Interface id",
"type": "string"
}
},
"title": "Multicast forwarding interface",
"type": "object"
}
MulticastForwardingPerEdge (type)
{
"additionalProperties": false,
"description": "Multicast Forwarding Per Edge.",
"id": "MulticastForwardingPerEdge",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"mcast_forwarding": {
"items": {
"$ref": "MulticastForwarding
},
"required": false,
"type": "array"
}
},
"title": "Multicast Forwarding Per Edge",
"type": "object"
}
MulticastRoute (type)
{
"additionalProperties": false,
"description": "Multicast route details.",
"id": "MulticastRoute",
"module_id": "AggSvcLogicalRouter",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"input_interface": {
"description": "Ingress interface on which multicast traffic is learned.",
"readonly": true,
"required": true,
"title": "Ingress interface",
"type": "string"
},
"output_interface": {
"description": "Egress interface on which multicast traffic is forwarded.",
"readonly": true,
"required": true,
"title": "Egress interface",
"type": "string"
},
"source_address": {
"$ref": "IPAddress,
"description": "Multicast source address.",
"readonly": true,
"required": true,
"title": "Multicast source address"
},
"ttl": {
"description": "Time-to-live value for multicast packets.",
"readonly": true,
"required": true,
"title": "Time to live",
"type": "integer"
},
"uptime": {
"description": "Time for which multicast route entry is active.",
"readonly": true,
"required": true,
"title": "Multicast route uptime",
"type": "string"
}
},
"title": "Multicast route details",
"type": "object"
}
MulticastRouteCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "MulticastRouteCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"input_interface": {
"description": "Ingress interface on which multicast traffic is learned.",
"readonly": true,
"required": true,
"title": "Ingress interface",
"type": "string"
},
"output_interface": {
"description": "Egress interface on which multicast traffic is forwarded.",
"readonly": true,
"required": true,
"title": "Egress interface",
"type": "string"
},
"source_address": {
"$ref": "IPAddress,
"description": "Multicast source address.",
"readonly": true,
"required": true,
"title": "Multicast source address"
},
"transport_node": {
"description": "Transport node uuid or policy path.",
"readonly": true,
"required": true,
"title": "Transport node uuid or policy path",
"type": "string"
},
"ttl": {
"description": "Time-to-live value for multicast packets.",
"readonly": true,
"required": true,
"title": "Time to live",
"type": "integer"
},
"uptime": {
"description": "Time for which multicast route entry is active.",
"readonly": true,
"required": true,
"title": "Multicast route uptime",
"type": "string"
}
},
"type": "object"
}
MulticastRoutesPerEdge (type)
{
"additionalProperties": false,
"description": "Multicast Routes Per Edge.",
"extends": {
"$ref": "ListResult
},
"id": "MulticastRoutesPerEdge",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"mcast_routes": {
"items": {
"$ref": "MulticastRoute
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Multicast Routes Per Edge",
"type": "object"
}
NAPILogLevelValue (type)
{
"additionalProperties": false,
"id": "NAPILogLevelValue",
"properties": {
"log_level": {
"enum": [
"critical",
"error",
"warn",
"info",
"debug",
"off"
],
"required": true,
"title": "Log Level",
"type": "string"
}
},
"title": "Log Level Value",
"type": "object"
}
NDRAAdvertisedRoute (type)
{
"additionalProperties": false,
"id": "NDRAAdvertisedRoute",
"module_id": "Routing",
"properties": {
"route_lifetime": {
"default": 1800,
"description": "Lifetime of advertised route in seconds.",
"maximum": 65520,
"minimum": 0,
"required": false,
"title": "Lifetime of advertised route",
"type": "integer"
},
"route_preference": {
"$ref": "NDRAPreference,
"default": "MEDIUM",
"description": "NDRA Route preference. Indicates preference of the router associated with a prefix over others, when multiple identical prefixes (for different routers) have been received.",
"required": false,
"title": "Route preference"
},
"subnet": {
"$ref": "IPv6CIDRBlock,
"description": "Advertised route subnet",
"required": true,
"title": "Advertised route subnet"
}
},
"type": "object"
}
NDRAPreference (type)
{
"additionalProperties": false,
"description": "For an NDRA router, indicates preference of this router over other default routers. For an NDRA route, indicates preference of the router associated with this prefix over others, when multiple identical prefixes (for different routers) have been received. Preference values are LOW, MEDIUM (default) and HIGH. RESERVED value is not to be used and is treated as MEDIUM.",
"enum": [
"LOW",
"MEDIUM",
"HIGH",
"RESERVED"
],
"id": "NDRAPreference",
"module_id": "Routing",
"title": "NDRA Router and route preference",
"type": "string"
}
NDRAPrefixConfig (type)
{
"additionalProperties": false,
"description": "Overrides the router advertisement attributes for the IPv6 prefixes.",
"id": "NDRAPrefixConfig",
"module_id": "LogicalRouterPorts",
"properties": {
"network_prefix": {
"$ref": "IPv6CIDRBlock,
"description": "Override the neighbor discovery prefix preferred time and prefix valid time for the subnet on uplink port whose network matches with the network address of CIDR specified in network_prefix.",
"required": true,
"title": "Network prefix"
},
"prefix_preferred_time": {
"description": "The time interval in seconds, in which the prefix is advertised as preferred.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Prefix preferred time",
"type": "integer"
},
"prefix_valid_time": {
"description": "The time interval in seconds, in which the prefix is advertised as valid.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
NDRAProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "NDRAProfile",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_config": {
"$ref": "RaDNSConfig,
"required": false,
"title": "DNS Configuration"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ndra_advertised_route": {
"description": "Route advertised in NDRAProfile.",
"items": {
"$ref": "NDRAAdvertisedRoute
},
"required": false,
"type": "array"
},
"ra_config": {
"$ref": "RAConfig,
"required": true,
"title": "RA Configuration"
},
"ra_mode": {
"$ref": "RAMode,
"default": "SLAAC_DNS_THROUGH_RA",
"required": true,
"title": "RA Mode"
},
"reachable_timer": {
"default": 0,
"description": "Neighbour reachable time duration in milliseconds. A value of 0 means unspecified.",
"maximum": 3600000,
"minimum": 0,
"required": false,
"title": "Reachable timer",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retransmit_interval": {
"default": 1000,
"description": "The time, in milliseconds, between retransmitted neighbour solicitation messages.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Retransmission interval",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
NDRAProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NDRAProfileListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NDRAProfile
},
"required": true,
"title": "Paginated list of NDRAProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NSAttributes (type)
{
"additionalProperties": false,
"id": "NSAttributes",
"module_id": "NSProfile",
"properties": {
"attributes_data": {
"$ref": "NSAttributesData,
"required": true,
"title": "Data for attribute"
},
"sub_attributes": {
"items": {
"$ref": "NSAttributesData
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
}
},
"title": "NS Attributes data holder structure",
"type": "object"
}
NSAttributesData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "NSAttributesData",
"module_id": "NSProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attribute_source": {
"enum": [
"SYSTEM",
"CUSTOM"
],
"required": false,
"title": "Attribute is predefined or custom",
"type": "string"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Data type of attribute/sub attribute key",
"type": "string"
},
"description": {
"required": false,
"title": "Description for NSProfile attributes",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"description": "NSProfile attribute/sub attribute keys.",
"required": true,
"title": "Key for attribute/sub attribute",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"value": {
"description": "Multiple attribute/sub attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "value for attribute/sub attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Attributes/sub-attributes data holder structure for NSProfile",
"type": "object"
}
NSGroup (type)
{
"additionalProperties": false,
"description": "NSGroups are recursive groupings of different NSX elements (logical and physical), typically used in policy definitions.",
"extends": {
"$ref": "ManagedResource
},
"id": "NSGroup",
"module_id": "NSGroup",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"readonly": true,
"required": false,
"title": "Count of the members added to this NSGroup",
"type": "integer"
},
"members": {
"description": "Reference to the direct/static members of the NSGroup. Can be ID based expressions only. VirtualMachine cannot be added as a static member.",
"items": {
"$ref": "NSGroupSimpleExpression
},
"maxItems": 500,
"required": false,
"title": "Members of NSGroup",
"type": "array"
},
"membership_criteria": {
"description": "List of tag or name based expressions which define the dynamic membership criteria for this NSGroup. An object must satisfy atleast one of these expressions to qualify as a member of this group. It is not recommended to use ID based expressions in this section. ID based expression should be used in \"members\" section",
"items": {
"$ref": "NSGroupExpression
},
"maxItems": 5,
"required": false,
"title": "The criteria for membership of this NSGroup",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Networking and Security Group",
"type": "object"
}
NSGroupComplexExpression (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NSGroupExpression
},
"id": "NSGroupComplexExpression",
"module_id": "NSGroup",
"polymorphic-type-descriptor": {
"type-identifier": "NSGroupComplexExpression"
},
"properties": {
"expressions": {
"description": "Represents expressions which are to be logically 'AND'ed.The array cannot contain NSGroupComplexExpression.Only NSGroupTagExpression and NSGroupSimpleExpressions are accepted.",
"items": {
"$ref": "NSGroupExpression
},
"maxItems": 5,
"minItems": 2,
"required": true,
"title": "List of simple and tag expressions",
"type": "array"
},
"resource_type": {
"enum": [
"NSGroupSimpleExpression",
"NSGroupComplexExpression",
"NSGroupTagExpression"
],
"required": true,
"type": "string"
}
},
"title": "Complex expressions to represent NSGroup membership",
"type": "object"
}
NSGroupDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "NSGroupDeleteRequestParameters",
"module_id": "NSGroup",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "NSGroup delete request parameters",
"type": "object"
}
NSGroupExpression (type)
{
"id": "NSGroupExpression",
"module_id": "NSGroup",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"NSGroupSimpleExpression",
"NSGroupComplexExpression",
"NSGroupTagExpression"
],
"required": true,
"type": "string"
}
},
"title": "Policy expression for NSGroup membership",
"type": "object"
}
NSGroupExpressionList (type)
{
"additionalProperties": false,
"id": "NSGroupExpressionList",
"module_id": "NSGroup",
"properties": {
"members": {
"items": {
"$ref": "NSGroupExpression
},
"maxItems": 500,
"required": true,
"title": "List of NSGroupExpressions to be passed to add and remove APIs\n",
"type": "array"
}
},
"title": "List of NSGroupExpressions",
"type": "object"
}
NSGroupInfo (type)
{
"description": "NSGroupInfo contains information about a particular NSGroup used in a SI Rule. It also contains information about policy path used to create this NSGroup.",
"id": "NSGroupInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"nsgroup": {
"$ref": "ResourceReference,
"description": "NSGroup Data.",
"readonly": true,
"required": false,
"title": "NSGroup"
},
"nsgroup_policy_path": {
"description": "Relative Policy path of a particular NSGroup.",
"readonly": true,
"required": true,
"title": "Policy Path of a Particular NSGroup",
"type": "string"
}
},
"title": "NSGroupInfo",
"type": "object"
}
NSGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSGroupListRequestParameters",
"module_id": "NSGroup",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"member_types": {
"description": "Specify valid member types in CSV format to filter NSGroups. Returns NSGroups whose member types are same as or subset of specified member types",
"required": false,
"title": "Specify member types to filter corresponding NSGroups\n",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"populate_references": {
"default": false,
"description": "If set to true, the target_resource property of each NSGroupExpresion will be populated from the associated resource when the expression uniquely identifies a resource.",
"title": "Populate metadata of resource referenced by NSGroupExpressions\n",
"type": "boolean"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSGroup list request parameters",
"type": "object"
}
NSGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSGroupListResult",
"module_id": "NSGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSGroup
},
"required": true,
"title": "NSGroup list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of NSGroups",
"type": "object"
}
NSGroupRequestParameters (type)
{
"additionalProperties": false,
"id": "NSGroupRequestParameters",
"module_id": "NSGroup",
"properties": {
"populate_references": {
"default": false,
"description": "If set to true, the target_resource property of each NSGroupExpresion will be populated from the associated resource when the expression uniquely identifies a resource.",
"title": "Populate metadata of resource referenced by NSGroupExpressions\n",
"type": "boolean"
}
},
"title": "NSGroup request parameters",
"type": "object"
}
NSGroupServiceAssociationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSGroupServiceAssociationListRequestParameters",
"module_id": "GroupingObjectsProviders",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"fetch_parentgroup_associations": {
"default": false,
"description": "If set to true, will fetch direct as well as indirect associated service entities for the given NSGroup.",
"required": false,
"title": "Fetch complete list of associated resources considering\nnesting\n",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"service_type": {
"enum": [
"firewall",
"ipfix"
],
"required": true,
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSGroup Service association list request parameters",
"type": "object"
}
NSGroupSimpleExpression (type)
{
"extends": {
"$ref": "NSGroupExpression
},
"id": "NSGroupSimpleExpression",
"module_id": "NSGroup",
"polymorphic-type-descriptor": {
"type-identifier": "NSGroupSimpleExpression"
},
"properties": {
"op": {
"description": "All operators perform a case insensitive match.",
"enum": [
"EQUALS",
"CONTAINS",
"STARTSWITH",
"ENDSWITH",
"NOTEQUALS"
],
"required": true,
"title": "Operator of the expression",
"type": "string"
},
"resource_type": {
"enum": [
"NSGroupSimpleExpression",
"NSGroupComplexExpression",
"NSGroupTagExpression"
],
"required": true,
"type": "string"
},
"target_property": {
"required": true,
"title": "Field of the resource on which this expression is evaluated",
"type": "string"
},
"target_resource": {
"$ref": "ResourceReference,
"description": "Reference of the target. Will be populated when the property is a resource id, the op (operator) is EQUALS and populate_references is set to be true.",
"readonly": true,
"required": false,
"title": "Reference of the target"
},
"target_type": {
"$ref": "NSGroupValidResourceType,
"required": true,
"title": "Type of the resource on which this expression is evaluated"
},
"value": {
"required": true,
"title": "Value that satisfies this expression",
"type": "string"
}
},
"title": "Simple expressions to represent NSGroup membership",
"type": "object"
}
NSGroupTagExpression (type)
{
"description": "Includes both scope and tag attribute of Tag. The scope and tag expressions are logically 'AND' with each other. eg- tag.scope = \"S1\" AND tag.tag = 'T1'",
"extends": {
"$ref": "NSGroupExpression
},
"id": "NSGroupTagExpression",
"module_id": "NSGroup",
"polymorphic-type-descriptor": {
"type-identifier": "NSGroupTagExpression"
},
"properties": {
"resource_type": {
"enum": [
"NSGroupSimpleExpression",
"NSGroupComplexExpression",
"NSGroupTagExpression"
],
"required": true,
"type": "string"
},
"scope": {
"maxLength": 128,
"required": false,
"title": "The tag.scope attribute of the object",
"type": "string"
},
"scope_op": {
"default": "EQUALS",
"enum": [
"EQUALS"
],
"required": false,
"title": "Operator of the scope expression eg- tag.scope = \"S1\".",
"type": "string"
},
"tag": {
"maxLength": 256,
"required": false,
"title": "The tag.tag attribute of the object",
"type": "string"
},
"tag_op": {
"default": "EQUALS",
"description": "Target_type VirtualMachine supports all specified operators for tag expression while LogicalSwitch and LogicalPort supports only EQUALS operator. All operators perform a case insensitive match.",
"enum": [
"EQUALS",
"CONTAINS",
"STARTSWITH",
"ENDSWITH"
],
"required": false,
"title": "Operator of the tag expression eg- tag.tag = \"Production\"",
"type": "string"
},
"target_type": {
"enum": [
"LogicalSwitch",
"LogicalPort",
"VirtualMachine",
"IPSet"
],
"required": true,
"title": "Type of the resource on which this expression is evaluated",
"type": "string"
}
},
"title": "TAG expressions to represent NSGroup membership",
"type": "object"
}
NSGroupValidResourceType (type)
{
"enum": [
"NSGroup",
"IPSet",
"MACSet",
"LogicalSwitch",
"LogicalPort",
"VirtualMachine",
"DirectoryGroup",
"VirtualNetworkInterface",
"TransportNode",
"CloudNativeServiceInstance",
"PhysicalServer",
"LogicalRouter",
"LogicalRouterPort"
],
"id": "NSGroupValidResourceType",
"module_id": "NSGroup",
"title": "Resource type valid for use in an NSGroupExpression",
"type": "string"
}
NSProfile (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes and sub-attributes of various network services (ex. L7 services,domain name,encryption algorithm) The entity will be consumed in DFW rules and can be added in new tuple called profile in DFW rules. This entity is design to be generic and can be consumed at other places as well where attributes and sub-attributes collection can be used. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<nsx-mgr>/api/v1/ns-profiles/attributes",
"extends": {
"$ref": "ManagedResource
},
"id": "NSProfile",
"module_id": "NSProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_valid": {
"default": true,
"description": "If set to false, the NSProfile has some app ids which are unsupported. Those were allowed to be added in previous releases but in testing in later phases found that those app ids could not be detected.",
"readonly": true,
"title": "Flag indicating if NSProfile has supported app ids",
"type": "boolean"
},
"nsprofile_attribute": {
"description": "Reference to the encapsulating object of attributes/sub-attributes for NSProfile.",
"items": {
"$ref": "NSAttributes
},
"required": true,
"title": "NSProfile attributes and sub-attributes object",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Network Services Profile entity",
"type": "object"
}
NSProfileDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "NSProfileDeleteRequestParameters",
"module_id": "NSProfile",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "NSProfile delete request parameters",
"type": "object"
}
NSProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSProfileListRequestParameters",
"module_id": "NSProfile",
"properties": {
"attribute_type": {
"description": "It fetches NSProfiles for the given attribute type. Only one type of supported attribute type can be mentioned in a single API call.API will return all NSProfiles that have at least one attribute level key which matches given attribute type. If not provided, all NSProfiles will be returned.",
"required": false,
"title": "Fetch NSProfiles for the given attribute type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSProfile list request parameters.",
"type": "object"
}
NSProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSProfileListResult",
"module_id": "NSProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSProfile
},
"readonly": true,
"title": "Paged collection of NSProfiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of NSProfiles",
"type": "object"
}
NSService (type)
{
"additionalProperties": false,
"description": "A Networking and Security Service allows users to specify characteristics to use for matching network traffic. For example the user can specify port and protocol pair.",
"extends": {
"$ref": "ManagedResource
},
"id": "NSService",
"module_id": "NSService",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"default_service": {
"description": "The default NSServices are created in the system by default. These NSServices can't be modified/deleted",
"readonly": true,
"title": "NSServices created in the system by default",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nsservice_element": {
"$ref": "NSServiceElement,
"required": true,
"title": "An NSService Element that describes traffic corresponding to this NSService"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
NSServiceDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "NSServiceDeleteRequestParameters",
"module_id": "NSService",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "NSService delete request parameters",
"type": "object"
}
NSServiceElement (type)
{
"abstract": true,
"id": "NSServiceElement",
"module_id": "Types",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"EtherTypeNSService",
"IPProtocolNSService",
"IGMPTypeNSService",
"ICMPTypeNSService",
"ALGTypeNSService",
"L4PortSetNSService"
],
"required": true,
"title": "The specific type of NSServiceElement",
"type": "string"
}
},
"title": "An NSService element that describes traffic corresponding to an NSService",
"type": "object"
}
NSServiceGroup (type)
{
"additionalProperties": false,
"description": "A Networking and Security Service Group that represents a group of NSServices",
"extends": {
"$ref": "ManagedResource
},
"id": "NSServiceGroup",
"module_id": "NSServiceGroup",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"default_service": {
"description": "The default NSServiceGroups are created in the system by default. These NSServiceGroups can't be modified/deleted",
"readonly": true,
"title": "NSServiceGroups created in the system by default",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"members": {
"description": "List of NSService resources that can be added as members to an NSServiceGroup.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 50,
"required": true,
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_type": {
"enum": [
"ETHER",
"NON_ETHER"
],
"readonly": true,
"title": "Type of the NSServiceGroup",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
NSServiceGroupDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "NSServiceGroupDeleteRequestParameters",
"module_id": "NSServiceGroup",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "NSServiceGroup delete request parameters",
"type": "object"
}
NSServiceGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSServiceGroupListRequestParameters",
"module_id": "NSServiceGroup",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"default_service": {
"description": "If set to true, then it will display only default NSServiceGroups. If set to false, then it will display all those NSServiceGroups which are not default. If it is not provided, then complete (default as well as non default) list of NSServiceGroups will be displayed.",
"title": "Fetch all default NSServiceGroups",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSServiceGroup list request parameters",
"type": "object"
}
NSServiceGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSServiceGroupListResult",
"module_id": "NSServiceGroup",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSServiceGroup
},
"required": true,
"title": "Paged collection of NSServiceGroups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of NSServiceGroups",
"type": "object"
}
NSServiceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSServiceListRequestParameters",
"module_id": "NSService",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"default_service": {
"description": "If set to true, then it will display only default NSServices. If set to false, then it will display all those NSServices which are not default. If it is not provided, then complete (default as well as non default) list of NSServices will be displayed.",
"title": "Fetch all default NSServices",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSService list request parameters.",
"type": "object"
}
NSServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSServiceListResult",
"module_id": "NSService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSService
},
"required": true,
"title": "Paged collection of NSServices",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of NSservices",
"type": "object"
}
NSSupportedAttributeTypesResult (type)
{
"additionalProperties": false,
"id": "NSSupportedAttributeTypesResult",
"module_id": "NSProfile",
"properties": {
"attribute_types": {
"items": {
"type": "string"
},
"readonly": true,
"title": "List of NSSupportedAttributes types",
"type": "array"
}
},
"title": "NSSupportedAttributes Types",
"type": "object"
}
NSSupportedAttributes (type)
{
"additionalProperties": false,
"id": "NSSupportedAttributes",
"module_id": "NSProfile",
"properties": {
"ns_attributes": {
"description": "The type represent pre-defined or user defined list of supported attributes and sub-attributes that can be used while creating NSProfile",
"items": {
"$ref": "NSAttributes
},
"required": true,
"title": "Collection of supported attributes and sub-attributes",
"type": "array"
}
},
"title": "Supported attributes and sub-attributes for NSProfile",
"type": "object"
}
NSSupportedAttributesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NSSupportedAttributesListRequestParameters",
"module_id": "NSProfile",
"properties": {
"attribute_source": {
"description": "",
"enum": [
"SYSTEM",
"CUSTOM",
"ALL"
],
"required": false,
"title": "Fetch attributes source",
"type": "string"
},
"attribute_type": {
"description": "It fetches attributes and subattributes for the given attribute type supported in the system which can be used for NSProfile creation.",
"required": false,
"title": "Fetch attributes and sub-attributes for the given attribute type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSAttributes list request parameters.",
"type": "object"
}
NSSupportedAttributesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSSupportedAttributesListResult",
"module_id": "NSProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSSupportedAttributes
},
"readonly": true,
"title": "Paged collection of NSSupportedAttributes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSSupportedAttributes for supported attributes and sub-attributes",
"type": "object"
}
NSXManagerDeploymentInfo (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NSXManagerDeploymentInfo",
"module_id": "NSXDeploymentInfo",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"deployed_by": {
"required": true,
"title": "Deployed By",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"instance_id": {
"required": true,
"title": "Instance Id",
"type": "string"
},
"log_token": {
"required": true,
"title": "Log Token",
"type": "string"
},
"managed_by": {
"required": true,
"title": "Managed By",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"version": {
"required": false,
"title": "Version",
"type": "string"
}
},
"title": "Deployment Details of NSX Manager deployed via VCF",
"type": "object"
}
NSXProfileReference (type)
{
"description": "It is a reference to any NSX profile. It comprise of NSX profile type eg. DFWCPUProfile, CentralConfigProfile etc. and id of profile i.e. target_id",
"extends": {
"$ref": "ResourceReference
},
"id": "NSXProfileReference",
"module_id": "ServiceConfig",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"profile_type": {
"$ref": "ProfileType,
"required": true
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Reference of single NSX profile which need to added in service config profiles",
"type": "object"
}
NSXRelease (type)
{
"additionalProperties": false,
"id": "NSXRelease",
"module_id": "Upgrade",
"properties": {
"downloaded": {
"readonly": true,
"required": false,
"title": "Hint whether this bundle is downloaded or not.",
"type": "boolean"
},
"readiness_checked": {
"readonly": true,
"required": false,
"title": "Hint whether readiness is checked for the current system for this version",
"type": "boolean"
},
"release_date": {
"description": "Release date",
"readonly": true,
"required": false,
"title": "Release date",
"type": "string"
},
"release_notes": {
"description": "Release notes of the release.",
"readonly": true,
"required": false,
"title": "Release notes.",
"type": "string"
},
"type": {
"description": "The purpose of the release.",
"enum": [
"PATCH_UPDATE",
"MAINTENANCE_UPDATE",
"SECURITY_PATCH",
"HOT_PATCH"
],
"readonly": true,
"required": false,
"title": "Version type",
"type": "string"
},
"version": {
"description": "Version available on VMware download site.",
"readonly": true,
"required": false,
"title": "Version available on VMware download site.",
"type": "string"
}
},
"type": "object"
}
NSXReleaseRequest (type)
{
"additionalProperties": false,
"id": "NSXReleaseRequest",
"module_id": "Upgrade",
"properties": {
"source": {
"description": "Source where notification is generated",
"readonly": true,
"required": false,
"title": "Source where notification is generated",
"type": "string"
}
},
"type": "object"
}
NSXReleases (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NSXReleases",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NSXRelease
},
"readonly": true,
"required": false,
"title": "List of NSX Releases available.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NSXTConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to an NSX-T type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "NSXTConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "NSXTConnectionInfo"
},
"properties": {
"edge_cluster_ids": {
"deprecated": true,
"description": "Edge Cluster UUIDs on enforcement point. Edge cluster information is required for creating logical L2, L3 constructs on enforcement point. Max 1 edge cluster ID. This is a deprecated property. The edge cluster id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-clusters and GET /infra/sites/site-id/enforcement-points/enforcementpoint-1/edge-clusters/edge-cluster-id. The value passed through this property will be ignored.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Edge Cluster IDs",
"type": "array"
},
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"transport_zone_ids": {
"deprecated": true,
"description": "Transport Zone UUIDs on enforcement point. Transport zone information is required for creating logical L2, L3 constructs on enforcement point. Max 1 transport zone ID. This is a deprecated property. The transport zone id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones and GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones/transport-zone-id. The value passed through this property will be ignored.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Transport Zone IDs",
"type": "array"
},
"username": {
"description": "Username.",
"title": "Username",
"type": "string"
}
},
"title": "NSX-T Connection Info",
"type": "object"
}
NSXVConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to an NSX-V type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "NSXVConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "NSXVConnectionInfo"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": true,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "secure_string"
}
},
"title": "NSX-V Connection Info",
"type": "object"
}
NamedTeamingPolicy (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "TeamingPolicy
},
"id": "NamedTeamingPolicy",
"module_id": "UplinkHostSwitchProfile",
"properties": {
"active_list": {
"items": {
"$ref": "Uplink
},
"required": true,
"title": "List of Uplinks used in active list",
"type": "array"
},
"name": {
"description": "An uplink teaming policy of a given name defined in UplinkHostSwitchProfile. The names of all NamedTeamingPolicies in an UplinkHostSwitchProfile must be different, but a name can be shared by different UplinkHostSwitchProfiles. Different TransportNodes can use different NamedTeamingPolicies having the same name in different UplinkHostSwitchProfiles to realize an uplink teaming policy on a logical switch. An uplink teaming policy on a logical switch can be any policy defined by a user; it does not have to be a single type of FAILOVER or LOADBALANCE. It can be a combination of types, for instance, a user can define a policy with name \"MyHybridTeamingPolicy\" as \"FAILOVER on all ESX TransportNodes and LOADBALANCE on all KVM TransportNodes\". The name is the key of the teaming policy and can not be changed once assigned.",
"maxLength": 136,
"required": true,
"title": "The name of the uplink teaming policy",
"type": "string"
},
"policy": {
"enum": [
"FAILOVER_ORDER",
"LOADBALANCE_SRCID",
"LOADBALANCE_SRC_MAC"
],
"required": true,
"title": "Teaming policy",
"type": "string"
},
"rolling_order": {
"required": false,
"title": "Flag for preemptive mode",
"type": "boolean"
},
"standby_list": {
"items": {
"$ref": "Uplink
},
"required": false,
"title": "List of Uplinks used in standby list",
"type": "array"
}
},
"title": "Uplink Teaming Policy with a name that can be referenced by logical switches",
"type": "object"
}
NamespaceMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "NamespaceMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The display name of the member on the enforcement point",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The ID of the member on the enforcement point",
"type": "string"
},
"pods": {
"items": {
"$ref": "PolicyGroupMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
NappRegistration (type)
{
"description": "Contains a NSX Application Platform.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "NappRegistration",
"module_id": "PolicyNappRegistration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_id": {
"description": "UUID of the cluster maintained internally.",
"readonly": true,
"required": true,
"title": "UUID of NSX Application Platform",
"type": "string"
},
"cluster_name": {
"description": "Name of NSX Application Platform.",
"required": false,
"title": "Name of NSX Application Platform",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ingress_ip_address": {
"description": "IP of NSX Application Platform for Ingress HTTP connection.",
"format": "hostname-or-ip",
"required": false,
"title": "Ingress IP address of NSX Application Platform",
"type": "string"
},
"is_intelligence_enabled": {
"description": "Whether Intelligence is enabled on NSX Application Platform.",
"required": false,
"title": "Is Intelligence enabled on NSX Application Platform",
"type": "boolean"
},
"is_malware_prevention_enabled": {
"description": "Whether Malware Prevention is enabled on NSX Application Platform.",
"required": false,
"title": "Is Malware Prevention enabled on NSX Application Platform",
"type": "boolean"
},
"is_metric_enabled": {
"description": "Whether Metric is enabled on NSX Application Platform.",
"required": false,
"title": "Is Metric enabled on NSX Application Platform",
"type": "boolean"
},
"kafka_topic_context": {
"description": "Context kafka topic name.",
"required": false,
"title": "Context Kafka topic name",
"type": "string"
},
"kafka_topic_flow": {
"description": "Flow Kafka Topic name.",
"required": false,
"title": "Flow Kafka topic name",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"message_bus_ip_address": {
"description": "IP of NSX Application Platform for Message bus.",
"format": "hostname-or-ip",
"required": false,
"title": "Message bus IP address of NSX Application Platform",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"description": "Status of NSX Application Platform.",
"readonly": true,
"required": false,
"title": "Status of NSX Application Platform",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Info to register NSX Application Platform",
"type": "object"
}
NappRegistrationList (type)
{
"description": "Contains a list of NSX Application Platforms.",
"id": "NappRegistrationList",
"module_id": "PolicyNappRegistration",
"properties": {
"napp_registration_results": {
"description": "List of NSX Application Platforms registered on NSX.",
"items": {
"$ref": "NappRegistration
},
"minItems": 1,
"required": true,
"title": "List of NSX Application Platform Registrations",
"type": "array"
}
},
"title": "Info to register a list of NSX Application Platforms",
"type": "object"
}
NatActions (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "NAT action types.",
"enum": [
"SNAT",
"DNAT",
"REFLEXIVE",
"NO_SNAT",
"NO_DNAT",
"NAT64"
],
"id": "NatActions",
"module_id": "Nat",
"title": "NAT action types",
"type": "string"
}
NatCounters (type) (Deprecated)
{
"deprecated": true,
"id": "NatCounters",
"module_id": "AggSvcLogicalRouter",
"properties": {
"active_sessions": {
"readonly": true,
"required": false,
"title": "The number of active sessions",
"type": "integer"
},
"total_bytes": {
"readonly": true,
"required": false,
"title": "The number of bytes",
"type": "integer"
},
"total_packets": {
"readonly": true,
"required": false,
"title": "The number of packets",
"type": "integer"
}
},
"type": "object"
}
NatFirewallMatch (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The type indicates how the firewall is applied to a traffic packet. MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped.",
"enum": [
"MATCH_EXTERNAL_ADDRESS",
"MATCH_INTERNAL_ADDRESS",
"BYPASS"
],
"id": "NatFirewallMatch",
"module_id": "Nat",
"title": "The rule how the firewall is applied to a traffic packet",
"type": "string"
}
NatRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The configuration entity to define a NAT rule. It defines how an ip packet is matched via source address or/and destination address or/and service(s), how the address (and/or) port is translated, and how the related firewall stage is involved or bypassed.",
"extends": {
"$ref": "ManagedResource
},
"id": "NatRule",
"module_id": "Nat",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"$ref": "NatActions,
"description": "Valid actions: SNAT, DNAT, NO_SNAT, NO_DNAT, REFLEXIVE, NAT64. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, can NOT be supported when the logical router is running at active-active HA mode; REFLEXIVE is stateless. NO_SNAT and NO_DNAT have no translated_fields, only match fields are supported.",
"required": true,
"title": "NAT rule action type"
},
"applied_tos": {
"description": "Holds the list of LogicalRouterPort Ids that a NAT rule can be applied to. The LogicalRouterPort used must belong to the same LogicalRouter for which the NAT Rule is created. As of now a NAT rule can only have a single LogicalRouterPort as applied_tos. When applied_tos is not set, the NAT rule is applied to all LogicalRouterPorts beloging to the LogicalRouter.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"required": false,
"title": "List of LogicalRouterPort resources as applied to",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Indicator to enable/disable the rule.",
"required": false,
"title": "enable/disable the rule",
"type": "boolean"
},
"firewall_match": {
"$ref": "NatFirewallMatch,
"description": "Indicate how firewall is applied to a traffic packet. Firewall can be bypassed, or be applied to external/internal address of NAT rule.",
"required": false,
"title": "The rule how the firewall is applied"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_rule_id": {
"description": "Internal NAT rule uuid for debug used in Controller and backend.",
"readonly": true,
"required": false,
"title": "Internal NAT rule uuid",
"type": "string"
},
"logging": {
"default": false,
"description": "Enable/disable the logging of rule.",
"required": false,
"title": "Enable/disable the logging of rule",
"type": "boolean"
},
"logical_router_id": {
"description": "The logical router id which the nat rule runs on.",
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"match_destination_network": {
"description": "IP Address | CIDR | (null implies Any)",
"required": false,
"title": "match destination network",
"type": "string"
},
"match_service": {
"$ref": "NSServiceElement,
"description": "A NSServiceElement that specifies the matching services of source ports, destination ports, ip protocol version and number, sub protocol version and number, ICMP type and code, etc. The match_service can be one of IPProtocolNSService,L4PortSetNSService or ICMPTypeNSService. REFLEXIVE NAT does not support match_service.",
"required": false,
"title": "match service"
},
"match_source_network": {
"description": "IP Address | CIDR | (null implies Any)",
"required": false,
"title": "match source network",
"type": "string"
},
"pb_vpn_mode": {
"$ref": "PbVpnMode,
"default": "BYPASS",
"description": "Indicate how the rule applies to Policy-Based VPN traffic. It's supported only for NAT rule action type DNAT and NO_DNAT. BYPASS indicates that NAT rule is applied to the traffic received on Routed-Based VPN tunnel. EXCLUSIVE indicates that NAT rule is applied to the inbound traffic received on Policy-Based VPN tunnel only.",
"required": false,
"title": "The rule how the NAT applies to Policy-Based VPN traffic"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_priority": {
"default": 1024,
"description": "Ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.",
"required": false,
"title": "NAT rule priority",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"translated_network": {
"description": "The translated address for the matched IP packet. For a SNAT, it can be a single ip address, an ip range, or a CIDR block. For a DNAT and a REFLEXIVE, it can be a single ip address or a CIDR block. Translated network is not supported for NO_SNAT or NO_DNAT.",
"required": false,
"title": "IP Address | IP Range | CIDR",
"type": "string"
},
"translated_ports": {
"description": "The translated port(s) for the mtached IP packet. It can be a single port or a port range. Please note, port translating is supported only for DNAT.",
"required": false,
"title": "port number or port range. DNAT only",
"type": "string"
}
},
"title": "The configuration entity to define a NAT rule",
"type": "object"
}
NatRuleList (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "NatRuleList",
"module_id": "Nat",
"properties": {
"rules": {
"description": "Add new NatRules to the list in Bulk creation.",
"items": {
"$ref": "NatRule
},
"maxItems": 128,
"required": true,
"title": "NAT rules list",
"type": "array"
}
},
"type": "object"
}
NatRuleListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "NatRuleListResult",
"module_id": "Nat",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NatRule
},
"required": true,
"title": "NAT rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NatRuleTypeParameter (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The parameters for getting NAT rules.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "NatRuleTypeParameter",
"module_id": "Nat",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"rule_type": {
"description": "If not specify rule_type, backend returns NAT rule list for IPv4. If specify rule_type to ALL, backend returns all NAT rules list. If specify rule_type to NATv4, backend returns NAT rule list for IPv4. If specify rule_type to NAT64, backend returns NAT rule list for IPv6.",
"enum": [
"ALL",
"NATv4",
"NAT64"
],
"required": false,
"title": "Action type for getting NAT rules",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "The parameter of getting NAT rules",
"type": "object"
}
NatStatisticsPerLogicalRouter (type) (Deprecated)
{
"deprecated": true,
"id": "NatStatisticsPerLogicalRouter",
"module_id": "AggSvcLogicalRouter",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_id": {
"readonly": true,
"required": true,
"title": "Id for the logical router",
"type": "string"
},
"per_transport_node_statistics": {
"items": {
"$ref": "NatStatisticsPerTransportNode
},
"readonly": true,
"required": false,
"title": "Detailed per node statistics",
"type": "array"
},
"statistics_across_all_nodes": {
"$ref": "NatCounters,
"readonly": true,
"required": true,
"title": "Rolled-up statistics for all rules on the logical router across all the nodes"
}
},
"type": "object"
}
NatStatisticsPerRule (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "NatCounters
},
"id": "NatStatisticsPerRule",
"module_id": "AggSvcLogicalRouter",
"properties": {
"active_sessions": {
"readonly": true,
"required": false,
"title": "The number of active sessions",
"type": "integer"
},
"id": {
"readonly": true,
"required": true,
"title": "The id of the NAT rule.",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_id": {
"readonly": true,
"required": true,
"title": "The id of the logical router which owns the NAT rule.",
"type": "string"
},
"total_bytes": {
"readonly": true,
"required": false,
"title": "The number of bytes",
"type": "integer"
},
"total_packets": {
"readonly": true,
"required": false,
"title": "The number of packets",
"type": "integer"
},
"warning_message": {
"readonly": true,
"required": false,
"title": "The warning message about the NAT Rule statistics.",
"type": "string"
}
},
"type": "object"
}
NatStatisticsPerTransportNode (type)
{
"extends": {
"$ref": "NatCounters
},
"id": "NatStatisticsPerTransportNode",
"module_id": "AggSvcLogicalRouter",
"properties": {
"active_sessions": {
"readonly": true,
"required": false,
"title": "The number of active sessions",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"total_bytes": {
"readonly": true,
"required": false,
"title": "The number of bytes",
"type": "integer"
},
"total_packets": {
"readonly": true,
"required": false,
"title": "The number of packets",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "Id for the transport node",
"type": "string"
}
},
"type": "object"
}
NdSnoopingConfig (type)
{
"additionalProperties": false,
"description": "Contains Neighbor Discovery Protocol (ND) snooping related configuration.",
"id": "NdSnoopingConfig",
"module_id": "PolicyIpDiscovery",
"properties": {
"nd_snooping_enabled": {
"default": false,
"description": "Enable this method will snoop the NS (Neighbor Solicitation) and NA (Neighbor Advertisement) messages in the ND (Neighbor Discovery Protocol) family of messages which are transmitted by a VM. From the NS messages, we will learn about the source which sent this NS message. From the NA message, we will learn the resolved address in the message which the VM is a recipient of. Addresses snooped by this method are subject to TOFU (Trust on First Use) policies as enforced by the system.",
"required": false,
"title": "Is ND snooping enabled or not",
"type": "boolean"
},
"nd_snooping_limit": {
"default": 3,
"description": "Maximum number of ND (Neighbor Discovery Protocol) snooped IPv6 addresses",
"maximum": 15,
"minimum": 2,
"required": false,
"title": "Maximum number of ND (Neighbor Discovery Protocol) bindings",
"type": "int"
}
},
"title": "ND Snooping Configuration",
"type": "object"
}
NdpHeader (type)
{
"additionalProperties": false,
"id": "NdpHeader",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv6Address,
"description": "The IP address of the destination of the solicitation. It MUST NOT be a multicast address.",
"required": false,
"title": "The destination IP address"
},
"msg_type": {
"default": "NEIGHBOR_SOLICITATION",
"description": "This field specifies the type of the Neighbor discover message being sent. NEIGHBOR_SOLICITATION - Neighbor Solicitation message to discover the link-layer address of an on-link IPv6 node or to confirm a previously determined link-layer address. NEIGHBOR_ADVERTISEMENT - Neighbor Advertisement message in response to a Neighbor Solicitation message.",
"enum": [
"NEIGHBOR_SOLICITATION",
"NEIGHBOR_ADVERTISEMENT"
],
"title": "NDP message type",
"type": "string"
}
},
"title": "Neighbor discovery protocol header",
"type": "object"
}
NeighborProperties (type)
{
"additionalProperties": false,
"id": "NeighborProperties",
"module_id": "Lldp",
"properties": {
"capabilities": {
"display": {
"order": 6
},
"readonly": true,
"title": "Capabilities",
"type": "string"
},
"enabled_capabilities": {
"display": {
"order": 7
},
"readonly": true,
"title": "Enabled capabilities",
"type": "string"
},
"ifindex": {
"display": {
"order": 9
},
"readonly": true,
"title": "Interface index",
"type": "integer"
},
"link_aggregation_capable": {
"display": {
"order": 12
},
"readonly": true,
"title": "Aggregation Capability",
"type": "boolean"
},
"link_aggregation_port_id": {
"display": {
"order": 14
},
"readonly": true,
"title": "Aggregation port id",
"type": "string"
},
"link_aggregation_status": {
"description": "True if currently in aggregation",
"display": {
"order": 13
},
"readonly": true,
"title": "Aggregation Status",
"type": "boolean"
},
"mac": {
"display": {
"order": 2
},
"pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$",
"readonly": true,
"title": "Interface MAC address",
"type": "string"
},
"mgmt_addr": {
"display": {
"order": 8
},
"readonly": true,
"title": "Management address",
"type": "string"
},
"name": {
"display": {
"order": 1
},
"readonly": true,
"title": "Interface name",
"type": "string"
},
"oid": {
"display": {
"order": 11
},
"readonly": true,
"title": "Object identifier",
"type": "string"
},
"port_desc": {
"display": {
"order": 3
},
"readonly": true,
"title": "Port description",
"type": "string"
},
"system_desc": {
"display": {
"order": 5
},
"readonly": true,
"title": "System description",
"type": "string"
},
"system_name": {
"display": {
"order": 4
},
"readonly": true,
"title": "System name",
"type": "string"
},
"system_port_number": {
"display": {
"order": 10
},
"readonly": true,
"title": "System port number",
"type": "integer"
}
},
"title": "Neighbor properties",
"type": "object"
}
NestedExpression (type)
{
"additionalProperties": false,
"description": "Nested expressions is a list of condition expressions that must follow the below criteria: 0. Only allowed expressions in a NestedExpression are Condition and ConjunctionOperator. 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all condition expressions must be at even indices, separated by the conjunction expressions AND at odd indices. 2. There may be at most 5 condition expressions inside a list. 3. NestedExpressions are homogeneous in nature, i.e, all expressions inside a nested expression must have the same member type.",
"extends": {
"$ref": "Expression
},
"id": "NestedExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "NestedExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expressions": {
"description": "Expression.",
"items": {
"$ref": "Expression
},
"minItems": 1,
"required": true,
"title": "Expression",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NestedExpression",
"type": "object"
}
NestedServiceServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "NestedServiceServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "NestedServiceServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nested_service_path": {
"required": true,
"title": "path of nested service",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"NestedServiceServiceEntry"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"ServiceEntry"
]
},
{
"leftType": [
"NestedServiceServiceEntry"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"Service"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents nesting service",
"type": "object"
}
NetworkError (type)
{
"description": "Network error related to container objects.",
"id": "NetworkError",
"module_id": "InventoryContainerObj",
"properties": {
"error_code": {
"description": "Error code of network related error.",
"readonly": true,
"required": false,
"title": "Error code",
"type": "string"
},
"error_message": {
"description": "Detailed message of network related error.",
"readonly": true,
"required": false,
"title": "Error message",
"type": "string"
},
"spec": {
"description": "Additional error information in json format.",
"readonly": true,
"required": false,
"title": "Other specifications",
"type": "string"
}
},
"title": "Network Error",
"type": "object"
}
NetworkInfo (type)
{
"additionalProperties": false,
"description": "Only support IP address or subnet. Its type can be of IPv4 or IPv6. It will be converted to subnet when netmask is specified(e.g., 192.168.1.3/24 => 192.168.1.0/24, 2008:12:12:12::2/64 => 2008:12:12:12::/64).",
"id": "NetworkInfo",
"module_id": "LiveTrace",
"properties": {
"dst_ip": {
"$ref": "IPElement,
"description": "The destination IP can be an IP address or a subnet.",
"required": false,
"title": "The destination IP address or subnet"
},
"src_ip": {
"$ref": "IPElement,
"description": "The source IP can be an IP address or a subnet.",
"required": false,
"title": "The source IP address or subnet"
}
},
"type": "object"
}
NetworkInterfaceRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to filter REST API for list network interface.",
"extends": {
"$ref": "DataSourceParameters
},
"id": "NetworkInterfaceRequestParameters",
"module_id": "ApplianceStats",
"properties": {
"admin_status": {
"description": "Defines admin status of the interface.",
"enum": [
"UP",
"DOWN"
],
"title": "Admin status of the interface",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Node network interface request parameters",
"type": "object"
}
NetworkPolicyImportRequest (type)
{
"additional_properties": false,
"description": "This contains a list of K8s Network Policy IDs to be imported as DFW SecurityPolicy.",
"id": "NetworkPolicyImportRequest",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"network_policy_ids": {
"description": "A set of network policy UUIDs that has to be imported to NSX SecurityPolicy",
"items": {
"type": "string"
},
"maxItems": 5000,
"required": true,
"title": "Set of K8s Network policy identifiers",
"type": "array"
},
"sequence_number_lower": {
"description": "This is an optional field. If specified, the \"drop\" action policy will be placed at this position. If unspecified, the drop policy will be created after its corresponding allow policy. The default-drop policies' sequence_number = last existing policy sequence_number + 2. If you specify the sequence numbers explicitly, you must specify both sequence_number_upper and sequence_number_lower at the same time. The sequence_number_lower must be greater than sequence_number_upper.",
"required": false,
"title": "The sequence number at which the drop policy is placed",
"type": "int"
},
"sequence_number_upper": {
"description": "This is an optional field. If specified, the \"allow\" action policy will be placed at this position. If unspecified, the import API should find the lowest existing copy-span security policy applied to the original container cluster, and put the imported policies behind it. The allow policies' sequence_number=last existing copy-span policy sequence_number + 1",
"required": false,
"title": "The sequence number at which the allow policy is placed",
"type": "int"
}
},
"title": "List of K8s Network Policies to be imported",
"type": "object"
}
NetworkPolicyImportRequestParameters (type)
{
"additional_properties": false,
"description": "Request parameters while importing the network policies",
"id": "NetworkPolicyImportRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"on_error": {
"default": "ABORT",
"enum": [
"ABORT",
"CONTINUE"
],
"required": false,
"title": "Action to take when error occurs",
"type": "string"
}
},
"title": "Import Request Parameters",
"type": "object"
}
NetworkPolicyImportResponse (type)
{
"additional_properties": false,
"description": "The response contains the count of network policies imported. If there are any failures, then the error response is also included",
"id": "NetworkPolicyImportResponse",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"errors": {
"description": "Contains a list of errors against each of the network policy id that failed during import.",
"items": {
"$ref": "ImportErrorMessage
},
"title": "List of errors, if any specific to networkpolicy",
"type": "array"
},
"errors_general": {
"description": "contains a list of errors agains general errors",
"items": {
"$ref": "ImportErrorMessage
},
"title": "List of general errors",
"type": "array"
},
"request_count": {
"description": "This is the count of the network policies that were contained in the import request",
"title": "The total number of network policies in the import request",
"type": "int"
},
"success_count": {
"description": "The count of the successfully imported network policies.",
"required": false,
"title": "The count of successfully imported policies",
"type": "int"
}
},
"title": "Summary response of the import action",
"type": "object"
}
NewHostTransportNodeSpec (type)
{
"additionalProperties": false,
"description": "Spec for new Host Transport Node which is added after V2T Host migration has started.",
"id": "NewHostTransportNodeSpec",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"host_migration_unit_id": {
"description": "Migration unit id of the newly added Host Transport Node. This can be specified when the migration mode chosen also does HOST migration. For migration modes that do not perform HOST migration, this value should not be specified. Instead host_transport_node_id value should be specified.",
"readonly": false,
"required": false,
"title": "Host Migrationt Unit Id.",
"type": "string"
},
"host_transport_node_id": {
"description": "Id of the newly added Host Transport Node.",
"readonly": false,
"required": false,
"title": "Host Transport Node id.",
"type": "string"
}
},
"title": "Transport Node spec for the newly added NSX-T Host",
"type": "object"
}
NewRole (type)
{
"id": "NewRole",
"module_id": "AAA",
"properties": {
"new_role_description": {
"required": false,
"title": "New role description",
"type": "string"
},
"new_role_id": {
"pattern": "^[_a-z0-9-]+$",
"required": true,
"title": "New role id",
"type": "string"
},
"new_role_name": {
"required": true,
"title": "New role name",
"type": "string"
}
},
"title": "New Role",
"type": "object"
}
NextHopPrefixListsMapping (type)
{
"additionalProperties": false,
"description": "Next hop to prefix lists mapping.",
"id": "NextHopPrefixListsMapping",
"module_id": "LogicalRouterPorts",
"properties": {
"next_hop": {
"description": "Next hop address.",
"required": true,
"title": "Next hop address",
"type": "string"
},
"prefix_lists": {
"description": "Array of Prefix list UUIDs.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Prefix list UUIDs",
"type": "array"
}
},
"title": "Next hop to prefix lists mapping",
"type": "object"
}
NicInfo (type)
{
"description": "Information of a network interface present on the partner appliance that needs to be configured by the NSX Manager.",
"id": "NicInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"gateway_address": {
"description": "Gateway address associated with the NIC metadata.",
"readonly": false,
"required": false,
"title": "Gateway address",
"type": "string"
},
"ip_address": {
"description": "IP address associated with the NIC metadata. Required only when assigning IP statically for a deployment that is for a single VM instance.",
"readonly": false,
"required": false,
"title": "IP address",
"type": "string"
},
"ip_allocation_type": {
"description": "IP allocation type with values STATIC, DHCP, or NONE indicating that IP address is not required.",
"enum": [
"STATIC",
"DHCP",
"NONE"
],
"readonly": false,
"required": false,
"title": "IP allocation type",
"type": "string"
},
"ip_pool_id": {
"description": "If the nic should get IP using a static IP pool then IP pool id should be provided here.",
"readonly": false,
"required": false,
"title": "Static IP Pool Id",
"type": "string"
},
"network_id": {
"description": "Network Id associated with the NIC metadata. It can be a moref, or a logical switch ID. If it is to be taken from 'Agent VM Settings', then it should be empty.",
"readonly": false,
"required": false,
"title": "Network Id",
"type": "string"
},
"nic_metadata": {
"$ref": "NicMetadata,
"description": "NIC metadata information.",
"readonly": true,
"required": true,
"title": "NIC metadata"
},
"subnet_mask": {
"description": "Subnet mask associated with the NIC metadata.",
"readonly": false,
"required": false,
"title": "Subnet mask",
"type": "string"
}
},
"title": "NIC information",
"type": "object"
}
NicMetadata (type)
{
"description": "Information on the Network interfaces present on the partner appliance that needs to be configured by the NSX Manager.",
"id": "NicMetadata",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"interface_index": {
"description": "Network Interface index.",
"minimum": 0,
"readonly": false,
"required": true,
"title": "Interface Index",
"type": "integer"
},
"interface_label": {
"description": "Network Interface label.",
"readonly": false,
"required": true,
"title": "Interface label",
"type": "string"
},
"interface_type": {
"description": "Interface that needs to be configured on the partner appliance. Ex. MANAGEMENT, DATA1, DATA2, HA1, HA2, CONTROL.",
"enum": [
"MANAGEMENT",
"DATA1",
"DATA2",
"HA1",
"HA2",
"CONTROL"
],
"readonly": false,
"required": true,
"title": "Interface type",
"type": "string"
},
"transports": {
"description": "Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS. Here, the transports array specifies the kinds of transport where this particular NIC is user configurable. If nothing is specified, and the \"user_configurable\" flag is true, then user configuration will be allowed for all transports. If any transport is/are specified, then it will be considered as user configurable for the specified transports only.\"",
"items": {
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH"
],
"type": "string"
},
"maxItems": 3,
"minItems": 0,
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "array"
},
"user_configurable": {
"description": "Used to specify if the given interface needs configuration. Management nics will always need the configuration, for others it will be use case specific. For example, a DATA NIC may be user configurable if the appliance is deployed in certain mode, such as L3_ROUTED.",
"readonly": false,
"required": false,
"title": "Required Configuration",
"type": "boolean"
}
},
"title": "NIC Metadata",
"type": "object"
}
NiocProfile (type) (Deprecated)
{
"deprecated": true,
"description": "This profile is created for Network I/O Control(NIOC).",
"extends": {
"$ref": "BaseHostSwitchProfile
},
"id": "NiocProfile",
"module_id": "NiocProfile",
"polymorphic-type-descriptor": {
"type-identifier": "NiocProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true.",
"nsx_feature": "Nioc",
"required": false,
"title": "Enabled status of NIOC feature",
"type": "boolean"
},
"host_infra_traffic_res": {
"description": "host_infra_traffic_res specifies bandwidth allocation for various traffic resources.",
"items": {
"$ref": "ResourceAllocation
},
"nsx_feature": "Nioc",
"required": false,
"title": "Resource allocation associated with NiocProfile",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Profile for Nioc",
"type": "object"
}
NoIpv4 (type)
{
"description": "This type can be specified in ip assignment spec of host switch if no IPv4 assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "IpAssignmentSpec
},
"id": "NoIpv4",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "NoIpv4"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
}
},
"title": "No IP assignment.",
"type": "object"
}
NoIpv6 (type)
{
"description": "This type can be specified in ipv6 assignment spec of host switch if no IPv6 assignment is desired for host switch virtual tunnel endpoints.",
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "NoIpv6",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "NoIpv6"
},
"properties": {
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "No IPv6 assignment.",
"type": "object"
}
NoRestRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameter definition for requests that do not allow parameters.",
"id": "NoRestRequestParameters",
"module_id": "Types",
"properties": {},
"type": "object"
}
Node (type)
{
"id": "Node",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
NodeAsyncReplicatorServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeAsyncReplicatorServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodeAuthProviderVidmProperties (type)
{
"additionalProperties": false,
"id": "NodeAuthProviderVidmProperties",
"properties": {
"client_id": {
"required": true,
"title": "vIDM client id",
"type": "string"
},
"client_secret": {
"required": false,
"sensitive": true,
"title": "vIDM client secret",
"type": "string"
},
"host_name": {
"required": true,
"title": "Fully Qualified Domain Name(FQDN) of vIDM",
"type": "string"
},
"lb_enable": {
"required": false,
"title": "Load Balancer enable flag",
"type": "boolean"
},
"node_host_name": {
"description": "host name to use when creating the redirect URL for clients to follow after authenticating to vIDM",
"required": true,
"title": "host name of the node redirected to",
"type": "string"
},
"thumbprint": {
"description": "Hexadecimal SHA256 hash of the vIDM server's X.509 certificate",
"required": true,
"title": "vIDM certificate thumbprint",
"type": "string"
},
"vidm_enable": {
"required": false,
"title": "vIDM enable flag",
"type": "boolean"
}
},
"title": "Node AAA provider vIDM properties",
"type": "object"
}
NodeAuthProviderVidmStatus (type)
{
"additionalProperties": false,
"id": "NodeAuthProviderVidmStatus",
"properties": {
"runtime_state": {
"required": true,
"title": "AAA provider vIDM status",
"type": "string"
},
"vidm_enable": {
"required": true,
"title": "vIDM enable flag",
"type": "boolean"
}
},
"title": "Node AAA provider vIDM status",
"type": "object"
}
NodeAuthServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeAuthServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "AuthServiceProperties,
"title": "AUTH Service properties"
}
},
"title": "Node AUTH service properties",
"type": "object"
}
NodeCapabilitiesResult (type)
{
"additionalProperties": false,
"id": "NodeCapabilitiesResult",
"module_id": "FabricNode",
"properties": {
"capabilities": {
"items": {
"$ref": "NodeCapability
},
"required": true,
"title": "Node capability results",
"type": "array"
}
},
"title": "List of capabilities of a fabric node",
"type": "object"
}
NodeCapability (type)
{
"additionalProperties": false,
"id": "NodeCapability",
"module_id": "FabricNode",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "Description of this capability that can be displayed in UI",
"type": "string"
},
"key": {
"readonly": true,
"required": true,
"title": "String that identifies the base capability for all nodes",
"type": "string"
},
"provider": {
"readonly": true,
"required": true,
"title": "Provider of this capability for the node",
"type": "string"
},
"value": {
"readonly": true,
"required": true,
"title": "Value of this capability",
"type": "string"
},
"version": {
"readonly": true,
"required": true,
"title": "Version of the capability",
"type": "int"
}
},
"title": "Capability of a fabric node",
"type": "object"
}
NodeCertificateInfo (type)
{
"id": "NodeCertificateInfo",
"module_id": "ClusterManagement",
"properties": {
"certificate": {
"title": "Certificate content",
"type": "string"
},
"certificate_sha256_thumbprint": {
"title": "SHA256 of certificate",
"type": "string"
},
"entity_type": {
"$ref": "NsxEntity,
"title": "Entity type of this certificate"
}
},
"type": "object"
}
NodeConfigProperties (type)
{
"additionalProperties": false,
"id": "NodeConfigProperties",
"properties": {
"maintenance_mode_enabled": {
"default": "disabled",
"description": "Maintenance Mode enabled",
"enum": [
"entering",
"enabled",
"exiting",
"disabled"
],
"readonly": true,
"type": "string"
},
"management_interface": {
"description": "Network properties of the management interface",
"readonly": true,
"title": "Management Interface Properties",
"type": [
{
"$ref": "NodeNetworkInterfaceProperties
}
]
},
"management_interface_vlan_id": {
"description": "VLAN ID of the In-Band management interface",
"maximum": 4094,
"minimum": 1,
"readonly": true,
"title": "Management Interface VLAN ID",
"type": "integer"
},
"management_routes": {
"description": "Management interface static routes of this node",
"items": {
"$ref": "NodeRouteProperties
},
"readonly": true,
"title": "Management Interface Static Routes",
"type": "array"
}
},
"title": "Information about configuration of this node",
"type": "object"
}
NodeEntityInfo (type)
{
"id": "NodeEntityInfo",
"module_id": "ClusterManagement",
"properties": {
"entity_type": {
"$ref": "NsxEntity,
"title": "Entity type of this service endpoint"
},
"ip_address": {
"title": "IP address of service provider",
"type": "string"
},
"ipv6_address": {
"title": "IPv6 address of service provider",
"type": "string"
},
"port": {
"maximum": 65535,
"minimum": 0,
"title": "Port number of service provider",
"type": "integer"
}
},
"type": "object"
}
NodeFileSystemProperties (type)
{
"additionalProperties": false,
"id": "NodeFileSystemProperties",
"module_id": "ApplianceStats",
"properties": {
"file_system": {
"readonly": true,
"title": "File system id",
"type": "string"
},
"mount": {
"readonly": true,
"title": "File system mount",
"type": "string"
},
"total": {
"readonly": true,
"title": "File system size in kilobytes",
"type": "integer"
},
"type": {
"readonly": true,
"title": "File system type",
"type": "string"
},
"used": {
"readonly": true,
"title": "Amount of file system used in kilobytes",
"type": "integer"
}
},
"title": "File system properties",
"type": "object"
}
NodeGrubProperties (type)
{
"additionalProperties": false,
"id": "NodeGrubProperties",
"properties": {
"timeout": {
"maximum": 2147483647,
"minimum": 0,
"title": "GRUB menu timeout value in seconds",
"type": "integer"
},
"users": {
"items": {
"$ref": "NodeGrubUserProperties
},
"title": "List of node GRUB user properties",
"type": "array"
}
},
"title": "Node GRUB properties",
"type": "object"
}
NodeGrubUserProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeGrubUserProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"password": {
"sensitive": true,
"title": "Password for the GRUB user",
"type": "string"
},
"username": {
"title": "Username of the GRUB user",
"type": "string"
}
},
"title": "Node GRUB user properties",
"type": "object"
}
NodeHealth (type)
{
"additionalProperties": false,
"id": "NodeHealth",
"module_id": "NodeHealth",
"properties": {
"components_health": {
"title": "Comoponents health details",
"type": "string"
},
"healthy": {
"title": "Flag indicating that node is healthy or not",
"type": "boolean"
}
},
"title": "Node Health information",
"type": "object"
}
NodeHttpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeHttpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "HttpServiceProperties,
"title": "HTTP Service properties"
}
},
"title": "Node HTTP service properties",
"type": "object"
}
NodeIdServicesMap (type)
{
"additionalProperties": false,
"id": "NodeIdServicesMap",
"module_id": "CertificateManager",
"properties": {
"node_id": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "NodeId",
"type": "string"
},
"service_types": {
"description": "List of ServiceTypes.",
"items": {
"$ref": "ServiceType
},
"readonly": false,
"required": true,
"type": "array"
}
},
"type": "object"
}
NodeInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeInfo",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"component_version": {
"readonly": true,
"required": true,
"title": "Component version of the node",
"type": "string"
},
"display_name": {
"readonly": true,
"required": true,
"title": "Name of the node",
"type": "string"
},
"id": {
"description": "Identifier of the node",
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"type": {
"readonly": true,
"required": true,
"title": "Node type",
"type": "string"
}
},
"type": "object"
}
NodeInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NodeInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which nodes will be filtered",
"type": "string"
},
"component_version": {
"readonly": false,
"required": false,
"title": "Component version based on which nodes will be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NodeInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NodeInfoListResult",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeInfo
},
"required": true,
"title": "Paged Collection of Nodes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NodeInstallUpgradeServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeInstallUpgradeServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "InstallUpgradeServiceProperties,
"title": "install-upgrade Service properties"
}
},
"title": "Node install-upgrade service properties",
"type": "object"
}
NodeInterSiteStatistics (type)
{
"additionalProperties": false,
"id": "NodeInterSiteStatistics",
"module_id": "AggSvcInterSite",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the remote tunnel port statistics was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"stats_per_site": {
"description": "Remote tunnel statistics per site.",
"items": {
"$ref": "RemoteTunnelStatisticsPerSite
},
"readonly": true,
"title": "Remote tunnel statistics per site",
"type": "array"
},
"transport_node_id": {
"description": "Edge node id whose statistics is being reported.",
"readonly": true,
"required": true,
"title": "Edge node id",
"type": "string"
}
},
"type": "object"
}
NodeInterfaceAlias (type)
{
"additionalProperties": false,
"id": "NodeInterfaceAlias",
"module_id": "ApplianceStats",
"properties": {
"broadcast_address": {
"$ref": "IPAddress,
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface broadcast address"
},
"ip6_address": {
"items": {
"$ref": "IPv6CIDRBlock
},
"title": "Interface IPv6 CIDR addresses",
"type": "array"
},
"ip_address": {
"$ref": "IPAddress,
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface IP address"
},
"ip_configuration": {
"enum": [
"dhcp",
"static",
"not configured",
"autoconf"
],
"title": "Interface configuration",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface netmask",
"type": "string"
},
"physical_address": {
"$ref": "MACAddress,
"title": "Interface MAC address"
}
},
"title": "Node network interface alias",
"type": "object"
}
NodeInterfaceProperties (type)
{
"additionalProperties": false,
"id": "NodeInterfaceProperties",
"module_id": "ApplianceStats",
"properties": {
"admin_status": {
"enum": [
"UP",
"DOWN"
],
"title": "Interface administration status",
"type": "string"
},
"backing_nsx_managed": {
"title": "Indicates whether backing of VIRTUAL network interface is managed by NSX",
"type": "boolean"
},
"connected_switch": {
"title": "Connected switch",
"type": "string"
},
"connected_switch_type": {
"description": "Type of switch associated with the interface.",
"enum": [
"VSS",
"DVS",
"N-VDS"
],
"readonly": true,
"required": false,
"title": "Type of switch",
"type": "string"
},
"device": {
"description": "Device name.",
"readonly": true,
"required": false,
"title": "Device name",
"type": "string"
},
"dpu_alias": {
"description": "Specifies the Data processing unit dpu alias(device alias) if the interface is backed by a DPU.",
"readonly": true,
"required": false,
"title": "Data processing unit device alias",
"type": "string"
},
"dpu_backed": {
"description": "If interface is backed by data processing unit (DPU) and state of DPU is MANAGED, then this property is true.",
"readonly": true,
"required": false,
"title": "Flag to indicate DPU backed interface",
"type": "boolean"
},
"dpu_id": {
"description": "Data processing unit ID if the interface is backed by a DPU.",
"readonly": true,
"required": false,
"title": "Data processing unit ID",
"type": "string"
},
"driver": {
"description": "Driver name.",
"readonly": true,
"required": false,
"title": "Driver name",
"type": "string"
},
"ens_capable": {
"title": "Interface capability for Enhanced Networking Stack",
"type": "boolean"
},
"ens_enabled": {
"title": "Indicates whether interface is enabled for Enhanced Networking Stack",
"type": "boolean"
},
"ens_interrupt_capable": {
"description": "This boolean property describes if network interface is capable for Enhanced Networking Stack interrupt",
"title": "Interface capability for Enhanced Networking Stack interrupt",
"type": "boolean"
},
"ens_interrupt_enabled": {
"description": "This boolean property describes if network interface is enabled for Enhanced Networking Stack interrupt",
"title": "Indicates whether interface is enabled for Enhanced Networking Stack interrupt",
"type": "boolean"
},
"host_managed": {
"title": "Indicates whether interface is managed by the host",
"type": "boolean"
},
"interface_alias": {
"items": {
"$ref": "NodeInterfaceAlias
},
"title": "IP Alias",
"type": "array"
},
"interface_id": {
"title": "Interface ID",
"type": "string"
},
"interface_type": {
"enum": [
"PHYSICAL",
"VIRTUAL",
"BOND",
"TEAMING"
],
"title": "Interface Type",
"type": "string"
},
"interface_uuid": {
"readonly": true,
"required": false,
"title": "UUID of the interface",
"type": "string"
},
"key": {
"description": "Device key.",
"readonly": true,
"required": false,
"title": "Device key",
"type": "string"
},
"link_status": {
"enum": [
"UP",
"DOWN"
],
"title": "Interface administration status",
"type": "string"
},
"lport_attachment_id": {
"title": "LPort Attachment Id assigned to VIRTUAL network interface of a node",
"type": "string"
},
"mtu": {
"title": "Interface MTU",
"type": "integer"
},
"pci": {
"description": "PCI device.",
"readonly": true,
"required": false,
"title": "PCI device",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"title": "Source of status data"
},
"speed": {
"description": "Interface speed in Mbps.",
"readonly": true,
"required": false,
"title": "Speed",
"type": "number"
},
"state": {
"description": "This property shows the current state of virtual tunnel end point (VTEP). If not in NORMAL state, then overlay workloads using this TEP will face network outage. In those cases, check if TEP has valid IP or any other underlay connectivity issues, and enable TEP HA to failover workloads to other healthy TEPs. Note that MAINTENANCE state is triggered by user and TEP will be disabled.",
"enum": [
"INVALID_STATE",
"INIT",
"NORMAL",
"IP_WAITING",
"BFD_DOWN",
"MAINTENANCE"
],
"required": false,
"title": "Virtual tunnel end point state",
"type": "string"
}
},
"title": "Node network interface properties",
"type": "object"
}
NodeInterfacePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeInterfacePropertiesListResult",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeInterfaceProperties
},
"required": true,
"title": "Node interface property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network interface properties list results",
"type": "object"
}
NodeInterfaceStatisticsProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeInterfaceStatisticsProperties",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"interface_id": {
"title": "Interface ID",
"type": "string"
},
"rx_bytes": {
"title": "Total bytes received since the uptime",
"type": "integer"
},
"rx_drop_no_match": {
"description": "Total packets dropped due to <VNI, MAC> lookup failures since the uptime. Available only for Edge Transport Node.",
"title": "Total packets dropped due to <VNI, MAC> lookup failures since the uptime",
"type": "integer"
},
"rx_dropped": {
"title": "Total packets dropped since the uptime",
"type": "integer"
},
"rx_errors": {
"title": "Total receive error packets since the uptime",
"type": "integer"
},
"rx_frame": {
"description": "Total framing error packets since the uptime. Available only for Host Transport Node.",
"title": "Total framing error packets since the uptime",
"type": "integer"
},
"rx_misses": {
"description": "Total packets missed while receive since the uptime. Available only for Edge Transport Node.",
"title": "Total packets missed while receive since the uptime",
"type": "integer"
},
"rx_nombufs": {
"description": "Total packets dropped due to MBUF Alloc failures since the uptime. Available only for Edge Transport Node.",
"title": "Total packets dropped due to MBUF Alloc failures since the uptime",
"type": "integer"
},
"rx_packets": {
"title": "Total packets received since the uptime",
"type": "integer"
},
"source": {
"$ref": "DataSourceType,
"title": "Source of status data."
},
"tx_bytes": {
"title": "Total bytes transmitted since the uptime",
"type": "integer"
},
"tx_carrier": {
"description": "Total packets for carrier losses detected on transmit. Available only for Host Transport Node.",
"title": "Total packets for carrier losses detected on transmit",
"type": "integer"
},
"tx_colls": {
"description": "Total packets for collisions detected on transmit. Available only for Host Transport Node.",
"title": "Total packets for collisions detected on transmit",
"type": "integer"
},
"tx_dropped": {
"title": "Total packets dropped on transmit since the uptime",
"type": "integer"
},
"tx_drops": {
"description": "Total packets dropped on transmit since the uptime. Available only for Edge Transport Node.",
"title": "Total packets dropped on transmit since the uptime",
"type": "integer"
},
"tx_errors": {
"title": "Total packets for transmit errors since the uptime",
"type": "integer"
},
"tx_packets": {
"title": "Total packets transmitted since the uptime",
"type": "integer"
}
},
"title": "Node network interface statistic properties",
"type": "object"
}
NodeLogProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeLogProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"last_modified_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Last modified time expressed in milliseconds since epoch"
},
"log_name": {
"readonly": true,
"title": "Name of log file",
"type": "string"
},
"log_size": {
"readonly": true,
"title": "Size of log file in bytes",
"type": "integer"
}
},
"title": "Node log properties",
"type": "object"
}
NodeLogPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeLogPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeLogProperties
},
"required": true,
"title": "Node log property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node log property query results",
"type": "object"
}
NodeMessagingClientInfo (type)
{
"id": "NodeMessagingClientInfo",
"module_id": "ClusterManagement",
"properties": {
"clients": {
"items": {
"$ref": "MessagingClientInfo
},
"title": "A list of messaging clients owned by this entity",
"type": "array"
},
"entity_type": {
"$ref": "NsxEntity,
"title": "Entity type of this messaging client"
}
},
"type": "object"
}
NodeMode (type)
{
"description": "Possible values of a mode in a \"/config/nsx_appliance_mode\" file",
"id": "NodeMode",
"module_id": "ApplianceModes",
"properties": {
"mode_id": {
"description": "Possible enum values in a \"/config/nsx_appliance_mode\" file",
"enum": [
"ON_PREM",
"SERVICE",
"VMC",
"VMC_LOCAL"
],
"required": true,
"title": "Nsx node mode",
"type": "string"
}
},
"title": "Stub for Nsx node modes",
"type": "object"
}
NodeMotdProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeMotdProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"motd": {
"title": "Message of the day to display when users login to node using the NSX CLI",
"type": [
"string",
"null"
]
}
},
"title": "Node message of the day properties",
"type": "object"
}
NodeNameServersProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeNameServersProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"name_servers": {
"items": {
"type": "string"
},
"maxItems": 3,
"required": true,
"title": "Name servers",
"type": "array"
}
},
"title": "Node network name servers properties",
"type": "object"
}
NodeNetworkInterfaceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeNetworkInterfaceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"admin_status": {
"enum": [
"up",
"down"
],
"readonly": true,
"title": "Interface administration status",
"type": "string"
},
"bond_cur_active_slave": {
"readonly": true,
"title": "Bond's currently active slave device",
"type": "string"
},
"bond_lacp_rate": {
"readonly": true,
"title": "Bond's rate at which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode",
"type": "string"
},
"bond_mode": {
"enum": [
"ACTIVE_BACKUP",
"802_3AD",
"ROUND_ROBIN",
"BROADCAST",
"XOR",
"TLB",
"ALB"
],
"title": "Bond mode",
"type": "string"
},
"bond_primary": {
"title": "Bond's primary device name in active-backup bond mode",
"type": "string"
},
"bond_primary_slave": {
"readonly": true,
"title": "Bond's primary device name in active-backup bond mode",
"type": "string"
},
"bond_slaves": {
"items": {
"type": "string"
},
"title": "Bond's slave devices",
"type": "array"
},
"bond_xmit_hash_policy": {
"enum": [
"layer2",
"layer2+3",
"layer3+4",
"encap2+3",
"encap3+4"
],
"readonly": true,
"title": "Bond's transmit hash policy for balance-xor and 802.3ad modes",
"type": "string"
},
"broadcast_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface broadcast address",
"type": "string"
},
"default_gateway": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface's default gateway",
"type": "string"
},
"interface_id": {
"readonly": true,
"required": true,
"title": "Interface ID",
"type": "string"
},
"ip6_addresses": {
"items": {
"$ref": "IPv6AddressProperties
},
"title": "Interface IPv6 addresses",
"type": "array"
},
"ip_addresses": {
"items": {
"$ref": "IPv4AddressProperties
},
"maxItems": 1,
"title": "Interface IP addresses",
"type": "array"
},
"ip_configuration": {
"enum": [
"dhcp",
"static",
"not configured"
],
"required": true,
"title": "Interface configuration",
"type": "string"
},
"is_kni": {
"readonly": true,
"title": "Interface is a KNI",
"type": "boolean"
},
"link_status": {
"enum": [
"up",
"down"
],
"readonly": true,
"title": "Interface administration status",
"type": "string"
},
"mtu": {
"title": "Interface MTU",
"type": "integer"
},
"physical_address": {
"pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$",
"readonly": true,
"title": "Interface MAC address",
"type": "string"
},
"plane": {
"enum": [
"mgmt",
"debug",
"none"
],
"title": "Interface plane",
"type": "string"
},
"vlan": {
"maximum": 4094,
"minimum": 1,
"readonly": true,
"title": "VLAN Id",
"type": "integer"
}
},
"title": "Node network interface properties",
"type": "object"
}
NodeNetworkInterfacePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeNetworkInterfacePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeNetworkInterfaceProperties
},
"required": true,
"title": "Node network interface property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network interface properties list results",
"type": "object"
}
NodeNetworkProperties (type)
{
"extends": {
"$ref": "Resource
},
"id": "NodeNetworkProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "Network configuration properties",
"type": "object"
}
NodeNtpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeNtpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "NtpServiceProperties,
"title": "NTP Service properties"
}
},
"title": "Node NTP service properties",
"type": "object"
}
NodePhonehomeCoordinatorServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodePhonehomeCoordinatorServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "PhonehomeCoordinatorServiceProperties,
"title": "Phonehome Coordinator Service properties"
}
},
"title": "Node Phonehome Coordinator service properties",
"type": "object"
}
NodePolicyServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodePolicyServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodePortLocalEndpoint (type)
{
"description": "Specifies details of endpoints, when container application is NodePortLocal",
"id": "NodePortLocalEndpoint",
"module_id": "InventoryContainerObj",
"properties": {
"node_ip": {
"description": "Specifies IP address of node.",
"format": "ip",
"readonly": false,
"required": false,
"title": "IP address of node",
"type": "string"
},
"node_port": {
"description": "Specifies the port on the node that can be used to access the service.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port on the node",
"type": "integer"
},
"protocol": {
"description": "Specifies protocol of endpoint. e.g. TCP, UDP.",
"enum": [
"TCP",
"UDP",
"SCTP"
],
"title": "Protocol of endpoint",
"type": "string"
}
},
"title": "Details of NodePortLocal endpoint",
"type": "object"
}
NodeProcessProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeProcessProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cpu_time": {
"readonly": true,
"title": "CPU time (user and system) consumed by process in milliseconds",
"type": "integer"
},
"mem_resident": {
"readonly": true,
"title": "Resident set size of process in bytes",
"type": "integer"
},
"mem_used": {
"readonly": true,
"title": "Virtual memory used by process in bytes",
"type": "integer"
},
"pid": {
"readonly": true,
"title": "Process id",
"type": "integer"
},
"ppid": {
"readonly": true,
"title": "Parent process id",
"type": "integer"
},
"process_name": {
"readonly": true,
"title": "Process name",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Process start time expressed in milliseconds since epoch"
},
"uptime": {
"readonly": true,
"title": "Milliseconds since process started",
"type": "integer"
}
},
"title": "Node process properties",
"type": "object"
}
NodeProcessPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeProcessPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeProcessProperties
},
"required": true,
"title": "Node process property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node process property query results",
"type": "object"
}
NodeProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cli_coredump_config": {
"$ref": "CoreDumpConfig,
"readonly": true,
"title": "NSX CLI core dump files config"
},
"cli_history_size": {
"minimum": 0,
"title": "NSX CLI command history limit, set to 0 to configure no history size limit",
"type": "integer"
},
"cli_output_datetime": {
"title": "NSX CLI display datetime stamp in command output",
"type": "boolean"
},
"cli_timeout": {
"minimum": 0,
"title": "NSX CLI inactivity timeout, set to 0 to configure no timeout",
"type": "integer"
},
"export_type": {
"enum": [
"RESTRICTED",
"UNRESTRICTED"
],
"readonly": true,
"title": "Export restrictions in effect, if any",
"type": "string"
},
"fully_qualified_domain_name": {
"readonly": true,
"title": "Fully qualified domain name",
"type": "string"
},
"hostname": {
"$ref": "SystemHostname,
"title": "Host name or fully qualified domain name of node",
"type": "string"
},
"kernel_version": {
"readonly": true,
"title": "Kernel version",
"type": "string"
},
"motd": {
"title": "Message of the day to display when users login to node using the NSX CLI",
"type": [
"string",
"null"
]
},
"node_type": {
"enum": [
"NSX Manager",
"NSX Global Manager",
"NSX Edge",
"NSX Autonomous Edge",
"NSX Cloud Service Manager",
"NSX Public Cloud Gateway",
"NSX Malware Prevention Service VM"
],
"readonly": true,
"title": "Node type",
"type": "string"
},
"node_uuid": {
"maxLength": 36,
"readonly": true,
"title": "Node Unique Identifier",
"type": "string"
},
"node_version": {
"readonly": true,
"title": "Node version",
"type": "string"
},
"product_version": {
"readonly": true,
"title": "Product version",
"type": "string"
},
"system_datetime": {
"$ref": "DatetimeUTC,
"title": "System date time in UTC"
},
"system_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Current time expressed in milliseconds since epoch"
},
"timezone": {
"title": "Timezone",
"type": "string"
}
},
"title": "Node properties",
"type": "object"
}
NodeProtonServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeProtonServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodeResources (type)
{
"additionalProperties": false,
"description": "Required node resources to deploy a form factor",
"id": "NodeResources",
"module_id": "PolicyCloudNative",
"properties": {
"cpu": {
"description": "Number of CPU cores required to deploy a form factor.",
"title": "Number of CPU cores",
"type": "integer"
},
"disk": {
"description": "Disk required to deploy a form factor.",
"title": "Disk required in GB",
"type": "integer"
},
"ephemeral_storage": {
"description": "Transient storage required to deploy a form factor.",
"title": "Transient storage required in GB",
"type": "integer"
},
"number_of_master_nodes": {
"description": "Required number of primary nodes.",
"title": "Number of primary nodes",
"type": "integer"
},
"number_of_worker_nodes": {
"description": "Required number of worker nodes.",
"title": "Number of worker nodes",
"type": "integer"
},
"ram": {
"description": "Memore required to deploy a form factor.",
"title": "Memory required in GB",
"type": "integer"
}
},
"title": "Node resources",
"type": "object"
}
NodeRouteProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeRouteProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"destination": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Destination covered by route",
"type": "string"
},
"from_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "From address",
"type": "string"
},
"gateway": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Address of next hop",
"type": "string"
},
"interface_id": {
"title": "Network interface id of route",
"type": "string"
},
"ipv6": {
"title": "IPv6 flag",
"type": "boolean"
},
"metric": {
"description": "Default metric value for IPv4 is 0, whereas for IPv6 default value is 1024",
"title": "Metric value of route",
"type": "string"
},
"netmask": {
"description": "For IPv4 this field expects valid IPv4 netmask address, whereas in case of IPv6 it expects valid prefix length",
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$|^[\\d]{1,3}$",
"title": "Netmask or prefix length of destination covered by route",
"type": "string"
},
"proto": {
"default": "boot",
"enum": [
"unspec",
"redirect",
"kernel",
"boot",
"static",
"gated",
"ra",
"mrt",
"zebra",
"bird",
"dnrouted",
"xorp",
"ntk",
"dhcp"
],
"title": "Routing protocol identifier of route",
"type": "string"
},
"route_id": {
"readonly": true,
"title": "Unique identifier for the route",
"type": "string"
},
"route_type": {
"enum": [
"default",
"static",
"blackhole",
"prohibit",
"throw",
"unreachable"
],
"required": true,
"title": "Route type",
"type": "string"
},
"scope": {
"title": "Scope of destinations covered by route",
"type": "string"
},
"src": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$|^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$",
"title": "Source address to prefer when sending to destinations of route",
"type": "string"
}
},
"title": "Node network route properties",
"type": "object"
}
NodeRoutePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeRoutePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeRouteProperties
},
"required": true,
"title": "Node route property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network route properties list results",
"type": "object"
}
NodeRtepIpsConfig (type)
{
"additionalProperties": false,
"id": "NodeRtepIpsConfig",
"module_id": "EdgeClusters",
"properties": {
"member_index": {
"description": "System generated index for cluster member",
"readonly": true,
"required": false,
"title": "System generated index for cluster member",
"type": "int"
},
"rtep_ips": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Remote tunnel endpoint ip address.",
"type": "array"
},
"transport_node_id": {
"description": "Identifier of the transport node backed by an Edge node",
"readonly": true,
"required": false,
"title": "UUID of edge transport node",
"type": "string"
}
},
"type": "object"
}
NodeSearchDomainsProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSearchDomainsProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"search_domains": {
"items": {
"type": "string"
},
"required": true,
"title": "Search domains",
"type": "array"
}
},
"title": "Node network search domains properties",
"type": "object"
}
NodeServiceProperties (type)
{
"extends": {
"$ref": "Resource
},
"id": "NodeServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
}
},
"title": "Node service properties",
"type": "object"
}
NodeServicePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeServicePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeServiceProperties
},
"required": true,
"title": "Node service property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node service property query results",
"type": "object"
}
NodeServiceStatusProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeServiceStatusProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"health": {
"enum": [
"STABLE",
"DEGRADED"
],
"readonly": true,
"required": false,
"title": "Service health in addition to runtime_state",
"type": "string"
},
"monitor_pid": {
"readonly": true,
"title": "Service monitor process id",
"type": "integer"
},
"monitor_runtime_state": {
"enum": [
"running",
"stopped"
],
"readonly": true,
"title": "Service monitor runtime state",
"type": "string"
},
"pids": {
"items": {
"type": "integer"
},
"readonly": true,
"title": "Service process ids",
"type": "array"
},
"reason": {
"readonly": true,
"required": false,
"title": "Reason for service degradation",
"type": "string"
},
"runtime_state": {
"enum": [
"running",
"stopped"
],
"readonly": true,
"title": "Service runtime state",
"type": "string"
}
},
"title": "Node service status properties",
"type": "object"
}
NodeSnmpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSnmpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "SnmpServiceProperties,
"required": true,
"title": "SNMP Service properties"
}
},
"title": "Node SNMP service properties",
"type": "object"
}
NodeSnmpV3EngineID (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSnmpV3EngineID",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"v3_engine_id": {
"required": true,
"title": "SNMP v3 engine id",
"type": "string"
}
},
"title": "SNMP V3 Engine Id",
"type": "object"
}
NodeSshServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSshServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "SshServiceProperties,
"title": "SSH Service properties"
}
},
"title": "Node SSH service properties",
"type": "object"
}
NodeStatus (type)
{
"id": "NodeStatus",
"module_id": "FabricNode",
"properties": {
"external_id": {
"required": false,
"title": "HostNode external id",
"type": "string"
},
"host_node_deployment_status": {
"description": "This enum specifies the current nsx install state for host node or current deployment and ready state for edge node. The ready status 'NODE_READY' indicates whether edge node is ready to become a transport node. The status 'EDGE_CONFIG_ERROR' indicates that edge hardware or underlying host is not supported. After all fabric level operations are done for an edge node, this value indicates transport node related configuration issues and state as relevant.",
"enum": [
"NOT_PREPARED",
"INSTALL_IN_PROGRESS",
"INSTALL_FAILED",
"INSTALL_SUCCESSFUL",
"INSTALL_SKIPPED",
"UNINSTALL_IN_PROGRESS",
"UNINSTALL_FAILED",
"UNINSTALL_SUCCESSFUL",
"UNINSTALL_SCHEDULED",
"UNINSTALL_SKIPPED",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"PENDING_UPGRADE",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"HOST_DISCONNECTED",
"POWERED_OFF",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_NETWORK_EDIT_PENDING",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"REPLACE_FAILED",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"RETRYING_REPLACE",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"DELETE_IN_PROGRESS",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REDEPLOY_ACTIVITY_FAILED",
"VM_REDEPLOY_FAILED",
"REDEPLOYED_VM_REGISTRATION_PENDING",
"REPLACE_ACTIVITY_FAILED",
"REPLACED_RPC_CLIENT_OF_TN",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"VM_RESOURCE_RESERVATION_FAILED",
"ADVANCED_CONFIG_EDIT_PENDING",
"ADVANCED_CONFIG_EDIT_FAILED",
"COMPUTE_MANAGER_NOT_FOUND",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING"
],
"readonly": true,
"required": false,
"title": "Install/Uninstall status of deployment.",
"type": "string"
},
"inventory_sync_paused": {
"readonly": true,
"required": false,
"title": "Is true if inventory sync is paused else false",
"type": "boolean"
},
"inventory_sync_reenable_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Inventory sync auto re-enable target time, in epoch milis"
},
"last_heartbeat_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp of the last heartbeat status change, in epoch milliseconds."
},
"last_sync_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp of the last successful update of Inventory, in epoch milliseconds."
},
"lcp_connectivity_status": {
"default": "UNKNOWN",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Indicates the fabric node's LCP<->CCP channel connectivity status, UP, DOWN, DEGRADED, UNKNOWN.",
"type": "string"
},
"lcp_connectivity_status_details": {
"default": [],
"items": {
"$ref": "ControlConnStatus
},
"readonly": true,
"required": false,
"title": "Details, if any, about the current LCP<->CCP channel connectivity status of the fabric node.",
"type": "array"
},
"maintenance_mode": {
"enum": [
"OFF",
"ENTERING",
"ON",
"EXITING",
"ENABLED",
"DISABLED"
],
"readonly": true,
"required": false,
"title": "Indicates the fabric node's status of maintenance mode, OFF, ENTERING, ON, EXITING, ENABLED, DISABLED.",
"type": "string"
},
"mpa_connectivity_status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Indicates the fabric node's MP<->MPA channel connectivity status, UP, DOWN, UNKNOWN.",
"type": "string"
},
"mpa_connectivity_status_details": {
"readonly": true,
"required": false,
"title": "Details, if any, about the current MP<->MPA channel connectivity status of the fabric node.",
"type": "string"
},
"software_version": {
"readonly": true,
"title": "Software version of the fabric node.",
"type": "string"
},
"system_status": {
"$ref": "NodeStatusProperties,
"readonly": true,
"required": false,
"title": "Node status properties"
}
},
"title": "Runtime status information of the fabric node.",
"type": "object"
}
NodeStatusProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeStatusProperties",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cpu_cores": {
"readonly": true,
"title": "Number of CPU cores on the system",
"type": "integer"
},
"cpu_sockets": {
"readonly": true,
"required": false,
"title": "Number of CPU sockets on the system",
"type": "integer"
},
"cpu_usage": {
"$ref": "CpuUsage,
"description": "Highest and average usage of DPDK and non-DPDK core of Edge Node.",
"readonly": true,
"title": "CPU usage of DPDK and non-DPDK core groups"
},
"dfw_heap_memory_usage": {
"items": {
"$ref": "DfwHeapMemoryUsage,
"description": "Heap usage of dfw modules.",
"title": "Heap usage of dfw modules"
},
"readonly": true,
"type": "array"
},
"disk_space_total": {
"description": "Amount of disk space available on the system, in kilobytes.",
"readonly": true,
"title": "Amount of disk space available on the system, in kilobytes",
"type": "integer"
},
"disk_space_used": {
"descrption": "Amount of disk space in use on the system, in kilobytes.",
"readonly": true,
"title": "Amount of disk space in use on the system, in kilobytes",
"type": "integer"
},
"dpdk_cpu_cores": {
"description": "Number of DPDK cores on Edge Node which are used for packet IO processing.",
"readonly": true,
"title": "Number of DPDK CPU cores on the system",
"type": "integer"
},
"dpus": {
"items": {
"$ref": "DpuStatusProperties
},
"readonly": true,
"title": "Data processing units on the system",
"type": "array"
},
"edge_mem_usage": {
"$ref": "EdgeTransportNodeMemoryUsage,
"description": "Point in time usage of system, datapath, swap and cache memory in edge node. Valid only for Edge transport node.",
"readonly": true,
"title": "Memory usage of edge node"
},
"file_systems": {
"items": {
"$ref": "NodeFileSystemProperties
},
"readonly": true,
"title": "File systems configured on the system",
"type": "array"
},
"hostname": {
"readonly": true,
"title": "Host name of the system",
"type": "string"
},
"load_average": {
"items": {
"type": "number"
},
"readonly": true,
"title": "One, five, and fifteen minute load averages for the system",
"type": "array"
},
"mem_cache": {
"readonly": true,
"title": "Amount of RAM on the system that can be flushed out to disk, in kilobytes",
"type": "integer"
},
"mem_total": {
"readonly": true,
"title": "Amount of RAM allocated to the system, in kilobytes",
"type": "integer"
},
"mem_used": {
"readonly": true,
"title": "Amount of RAM in use on the system, in kilobytes",
"type": "integer"
},
"non_dpdk_cpu_cores": {
"description": "Number of non-DPDK cores on Edge Node.",
"readonly": true,
"title": "Number of non-DPDK CPU cores on the system",
"type": "integer"
},
"remote_logging_server_configured": {
"description": "Indicates if remote logging server is configured.",
"readonly": true,
"title": "Remote Logging Server Configured",
"type": "boolean"
},
"source": {
"$ref": "DataSourceType,
"readonly": true,
"title": "Source of status data."
},
"swap_total": {
"readonly": true,
"title": "Amount of disk available for swap, in kilobytes",
"type": "integer"
},
"swap_used": {
"readonly": true,
"title": "Amount of swap disk in use, in kilobytes",
"type": "integer"
},
"system_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Current time expressed in milliseconds since epoch"
},
"uptime": {
"readonly": true,
"title": "Milliseconds since system start",
"type": "integer"
}
},
"title": "Node status properties",
"type": "object"
}
NodeSummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSummary",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"component_version": {
"readonly": true,
"required": true,
"title": "Component version",
"type": "string"
},
"node_count": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": true,
"title": "Count of nodes",
"type": "int"
},
"type": {
"readonly": true,
"required": true,
"title": "Node type",
"type": "string"
},
"upgrade_unit_subtype": {
"enum": [
"RESOURCE",
"ACTION"
],
"readonly": true,
"required": false,
"title": "UpgradeUnit sub type",
"type": "string"
}
},
"type": "object"
}
NodeSummaryList (type)
{
"additionalProperties": false,
"id": "NodeSummaryList",
"module_id": "Migration",
"properties": {
"results": {
"items": {
"$ref": "NodeSummary
},
"required": true,
"title": "List of Node Summary",
"type": "array"
}
},
"type": "object"
}
NodeSyslogExporterProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSyslogExporterProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"exporter_name": {
"required": true,
"title": "Syslog exporter name",
"type": "string"
},
"facilities": {
"items": {
"$ref": "SyslogFacility
},
"title": "Facilities to export",
"type": "array"
},
"level": {
"enum": [
"EMERG",
"ALERT",
"CRIT",
"ERR",
"WARNING",
"NOTICE",
"INFO",
"DEBUG"
],
"required": true,
"title": "Logging level to export",
"type": "string"
},
"msgids": {
"items": {
"pattern": "^.+$",
"type": "string"
},
"title": "MSGIDs to export",
"type": "array"
},
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Port to export to, defaults to 514 for TCP, TLS, UDP protocols or 9000 for LI, LI-TLS protocols",
"type": "integer"
},
"protocol": {
"enum": [
"TCP",
"TLS",
"UDP",
"LI",
"LI-TLS"
],
"required": true,
"title": "Export protocol",
"type": "string"
},
"server": {
"$ref": "HostnameOrIPv46Address,
"required": true,
"title": "IP address or hostname of server to export to",
"type": "string"
},
"structured_data": {
"items": {
"pattern": "^(alarmId|alarmState|audit|comp|depr|entId|eReqId|errorCode|eventFeatureName|eventId|eventSev|eventState|eventType|euser|inst|level|method|nodeId|org|path|proj|security|site|subcomp|s2comp|splitId|splitIndex|tenantId|tid|tname|update|username|vpc|namespace)=.+$",
"type": "string"
},
"title": "Structured data to export",
"type": "array"
},
"tls_ca_pem": {
"title": "CA certificate PEM of TLS server to export to",
"type": "string"
},
"tls_cert_pem": {
"title": "Certificate PEM of the rsyslog client",
"type": "string"
},
"tls_client_ca_pem": {
"title": "CA certificate PEM of the rsyslog client",
"type": "string"
},
"tls_key_pem": {
"sensitive": true,
"title": "Private key PEM of the rsyslog client",
"type": "string"
}
},
"title": "Node syslog exporter properties",
"type": "object"
}
NodeSyslogExporterPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeSyslogExporterPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeSyslogExporterProperties
},
"required": true,
"title": "Node syslog exporter results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node syslog exporter list results",
"type": "object"
}
NodeTime (type)
{
"additionalProperties": false,
"description": "Node system time in UTC",
"id": "NodeTime",
"properties": {
"system_datetime": {
"$ref": "DatetimeUTC,
"required": true,
"title": "Datetime string in UTC"
}
},
"title": "Node system time in UTC",
"type": "object"
}
NodeType (type)
{
"id": "NodeType",
"module_id": "CertificateManager",
"title": "Node Type",
"type": "string"
}
NodeUserPasswordProperty (type)
{
"additionalProperties": false,
"id": "NodeUserPasswordProperty",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "The new password for user",
"type": "string"
}
},
"type": "object"
}
NodeUserProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeUserProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"full_name": {
"title": "Full name for the user",
"type": "string"
},
"group_id": {
"maximum": 2147483647,
"minimum": 0,
"readonly": true,
"title": "Primary group id for the user",
"type": "integer"
},
"home_dir": {
"readonly": true,
"title": "The absolute path of user home directory",
"type": "string"
},
"last_password_change": {
"maximum": 2147483647,
"minimum": 0,
"readonly": true,
"title": "Number of days since password was last changed",
"type": "integer"
},
"login_shell": {
"readonly": true,
"title": "The absolute path of login shell",
"type": "string"
},
"old_password": {
"sensitive": true,
"title": "Old password for the user (required on PUT if password specified)",
"type": "string"
},
"password": {
"sensitive": true,
"title": "Password for the user (optionally specified on PUT, unspecified on GET)",
"type": "string"
},
"password_change_frequency": {
"default": 90,
"description": "Number of days password is valid before it must be changed. This can be set to 0 to indicate no password change is required or a positive integer up to 9999. By default local user passwords must be changed every 90 days.",
"maximum": 9999,
"minimum": 0,
"title": "Number of days password is valid before it must be changed",
"type": "integer"
},
"password_change_warning": {
"default": 7,
"desciption": "Number of days before user receives warning message to change the password before it expires. By default users will receive 7 days prior warning message to change the password.",
"maximum": 9999,
"minimum": 0,
"title": "Number of days before user receives warning message of password expiration",
"type": "integer"
},
"password_reset_required": {
"title": "Boolean value that states if a password reset is required",
"type": "boolean"
},
"status": {
"description": "Status of the user. This value can be ACTIVE indicating authentication attempts will be successful if the correct credentials are specified. The value can also be PASSWORD_EXPIRED indicating authentication attempts will fail because the user's password has expired and must be changed. Or, this value can be NOT_ACTIVATED indicating the user's password has not yet been set and must be set before the user can authenticate.",
"enum": [
"ACTIVE",
"PASSWORD_EXPIRED",
"NOT_ACTIVATED"
],
"readonly": true,
"title": "User status",
"type": "string"
},
"userid": {
"maximum": 2147483647,
"minimum": 0,
"readonly": true,
"title": "Numeric id for the user",
"type": "integer"
},
"username": {
"maxLength": 32,
"minLength": 1,
"pattern": "^[a-zA-Z][a-zA-Z0-9@-_.\\-]*$",
"title": "User login name (must be \"root\" if userid is 0)",
"type": "string"
}
},
"title": "Node user properties",
"type": "object"
}
NodeUserPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeUserPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeUserProperties
},
"required": true,
"title": "List of node users",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node users list results",
"type": "object"
}
NodeUserSettings (type)
{
"additionalProperties": false,
"id": "NodeUserSettings",
"module_id": "FabricNode",
"properties": {
"audit_password": {
"description": "Password for the node audit user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node audit user password",
"type": "secure_string"
},
"audit_username": {
"description": "The default username is \"audit\". To configure username, you must provide this property together with <b>audit_password</b>. Username must contain ASCII characters only.",
"pattern": "^[\\x00-\\x7F]+$",
"required": false,
"title": "CLI \"audit\" username",
"type": "string"
},
"cli_password": {
"description": "Password for the node cli user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node cli password",
"type": "secure_string"
},
"cli_username": {
"default": "admin",
"description": "To configure username, you must provide this property together with <b>cli_password</b>. Username must contain ASCII characters only.",
"pattern": "^[\\x00-\\x7F]+$",
"required": false,
"title": "CLI \"admin\" username",
"type": "string"
},
"root_password": {
"description": "Password for the node root user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node root user password",
"type": "secure_string"
}
},
"type": "object"
}
NodeVersion (type)
{
"additionalProperties": false,
"id": "NodeVersion",
"properties": {
"node_version": {
"readonly": true,
"title": "Node version",
"type": "string"
},
"product_version": {
"readonly": true,
"title": "Product version",
"type": "string"
}
},
"type": "object"
}
NormalizationListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NormalizationListRequestParameters",
"module_id": "Normalization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"preferred_normalization_type": {
"$ref": "NormalizationTargetType,
"description": "Type to which the resource needs to be normalized. Multiple types can be passed by repeating the parameter. The order in which the types are passed is honored and decides to which type the resource is normalized. The resource is normalized to the first type in the list to which it can be normalized. For example, consider an NSGroup NS1 that has an LSwitch LS1. Assume that NS1 is being normalized to a list of translated entities [LSwitch, LPort]. As LSwitch is the first translated entity to which NSGroup can be translated, the translation will return a list having the LSwitch LS1. Normalization is supported from NSGroup to NSGroup, LogicalSwitch, LogicalPort, IPSets and MACSets.",
"required": true,
"title": "Type to which the resource is to be normalized."
},
"resource_id": {
"required": true,
"title": "Identifier of the resource on which normalization is to be performed",
"type": "string"
},
"resource_type": {
"$ref": "NormalizationSourceType,
"required": true,
"title": "Type of the resource for which normalization is to be performed"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Normalization list request parameters.",
"type": "object"
}
NormalizationSourceType (type)
{
"enum": [
"NSGroup"
],
"id": "NormalizationSourceType",
"module_id": "Normalization",
"title": "Resource type valid for use as source in normalization API.",
"type": "string"
}
NormalizationTargetType (type)
{
"enum": [
"NSGroup",
"IPSet",
"MACSet",
"LogicalSwitch",
"LogicalPort",
"DirectoryGroup"
],
"id": "NormalizationTargetType",
"module_id": "Normalization",
"title": "Resource type valid for use as target in normalization API.",
"type": "string"
}
NormalizedResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NormalizedResourceListResult",
"module_id": "Normalization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ResourceReference
},
"required": true,
"title": "Normalized resource list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of normalized resources",
"type": "object"
}
Notification (type)
{
"id": "Notification",
"module_id": "NfwConfig",
"properties": {
"notification_id": {
"description": "A string identifying feature_name.notification_name to indicate a notification watcher is interested in receiving notifications for the URI identified by the feature_name.notification_name.",
"title": "A string identifying feature_name.notification_name",
"type": "string"
},
"uri_filters": {
"items": {
"type": "string"
},
"required": false,
"title": "Optional list of URIs",
"type": "array",
"uniqueItems": true
}
},
"type": "object"
}
NotificationAuthenticationScheme (type)
{
"description": "NotificationAuthenticationScheme describes how notification requests should authenticate to the server.",
"id": "NotificationAuthenticationScheme",
"module_id": "NfwConfig",
"properties": {
"certificate_id": {
"description": "Certificate ID with a valid certificate and private key, procured from trust-management API.",
"title": "Valid certificate ID",
"type": "string"
},
"password": {
"description": "Password to use if scheme_name is BASIC_AUTH.",
"sensitive": true,
"title": "Password for authentication",
"type": "secure_string"
},
"scheme_name": {
"description": "Authentication scheme to use when making notification requests to the partner/customer specified watcher. Specify one of BASIC_AUTH or CERTIFICATE.",
"enum": [
"BASIC_AUTH",
"CERTIFICATE"
],
"required": true,
"title": "Authentication scheme to use when making notification requests",
"type": "string"
},
"username": {
"description": "Username to use if scheme_name is BASIC_AUTH.",
"title": "Username for authentication",
"type": "string"
}
},
"type": "object"
}
NotificationWatcher (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NotificationWatcher",
"module_id": "NfwConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_scheme": {
"$ref": "NotificationAuthenticationScheme,
"description": "A NotificationAuthenticationScheme that describes how notification requests should authenticate to the server.",
"required": true,
"title": "Scheme to authenticate requests sent to the server"
},
"certificate_sha256_thumbprint": {
"description": "Contains the hex-encoded SHA256 thumbprint of the HTTPS certificate. It must be specified if use_https is set to true.",
"required": false,
"title": "SHA256 thumbprint of the HTTPS certificate",
"type": "string"
},
"description": {
"description": "Optional description that can be associated with this NotificationWatcher.",
"required": false,
"title": "Description associated with this notification watcher",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "System generated identifier to identify a notification watcher uniquely.",
"readonly": true,
"title": "Identifier to identify a notification watcher uniquely",
"type": "string"
},
"max_send_uri_count": {
"default": 5000,
"description": "If the number of notification URIs accumulated in specified send_interval exceeds max_send_uri_count, then multiple notification requests (each with max_send_uri_count or less number of notification URIs) will be sent to this NotificationWatcher. The default value is 5000.",
"maximum": 5000,
"minimum": 1,
"required": false,
"title": "Optional maximum number of notification URIs batched in a single notification request",
"type": "integer"
},
"method": {
"description": "Type of method notification requests should be made on the specified server. The value must be set to POST.",
"enum": [
"POST"
],
"required": true,
"title": "Type of method notification requests should be made on the server",
"type": "string"
},
"port": {
"description": "Optional integer port value to specify a non-standard HTTP or HTTPS port.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Integer port value to specify a non-standard HTTP or HTTPS port",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"send_interval": {
"description": "Optional time interval (in seconds) for which notification URIs will be accumulated. At the end of the time interval the accumulated notification URIs will be sent to this NotificationWatcher in the form of zero (nothing accumulated) or more notification requests as soon as possible. If it is not specified, the NotificationWatcher should expected to receive notifications at any time.",
"minimum": 30,
"required": false,
"title": "Optional time interval for which notification URIs will be accumulated",
"type": "integer"
},
"send_timeout": {
"default": 30,
"description": "Optional time duration (in seconds) to specify request timeout to notification watcher. If the send reaches the timeout, will try to send refresh_needed as true in the next time interval. The default value is 30 seconds.",
"minimum": 1,
"required": false,
"title": "Optional time period within which response for a notification request should be received from this NotificationWatcher",
"type": "integer"
},
"server": {
"description": "IP address or fully qualified domain name of the partner/customer watcher.",
"required": true,
"title": "IP address or fully qualified domain name of watcher",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uri": {
"description": "URI notification requests should be made on the specified server.",
"required": true,
"title": "URI notification requests should be made on the server",
"type": "string"
},
"use_https": {
"default": false,
"description": "Optional field, when set to true indicates REST API server should use HTTPS.",
"required": false,
"title": "Flag to indicate if REST API server should use HTTPS",
"type": "boolean"
}
},
"type": "object"
}
NotificationWatcherListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NotificationWatcherListResult",
"module_id": "NfwConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NotificationWatcher
},
"readonly": true,
"title": "List of notification watchers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NotificationsList (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NotificationsList",
"module_id": "NfwConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"notifications": {
"items": {
"$ref": "Notification
},
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
NsLookupParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The parameters for DNS nslookup.",
"id": "NsLookupParameters",
"module_id": "DnsForwarder",
"properties": {
"address": {
"description": "IP address or FQDN for this lookup",
"required": false,
"title": "IP address or FQDN for nslookup",
"type": "string"
},
"server_ip": {
"$ref": "IPv4Address,
"description": "If absent, the underlying DNS forwarder will be used as the target server. And the answer could be cached by the forwarder if it was not cached yet. If provided, the query will go directly to the given server. You will need to ensure this address represents a workable and reachale DNS server. The answer will not be cached by the forwarder unless this server_ip is exactly the same listener ip of the forwarder.",
"required": false,
"title": "Target server used for this lookup"
},
"source_ip": {
"$ref": "IPv4Address,
"description": "Source ip used for this lookup. If absent, the listener ip of the underlying DNS forwarder will be used as the source ip. If provided, you will need to ensure this source ip is valid and can be routed back to the transport node via data plane",
"required": false,
"title": "Source ip used for this lookup"
}
},
"title": "The parameters of nslookup",
"type": "object"
}
NsxEntity (type)
{
"enum": [
"HTTP",
"DATASTORE",
"MANAGER",
"POLICY",
"CONTROLLER"
],
"id": "NsxEntity",
"module_id": "ClusterManagement",
"type": "string"
}
NsxNodeType (type)
{
"enum": [
"NSX_ESX",
"NSX_KVM",
"NSX_BAREMETAL_SERVER",
"NSX_EDGE",
"NSX_PUBLIC_CLOUD_GATEWAY",
"NSX_MANAGER",
"NSX_POLICY_MANAGER",
"NSX_CONTROLLER",
"GLOBAL_MANAGER"
],
"id": "NsxNodeType",
"module_id": "SystemHealthAgent",
"title": "Valid NSX node type",
"type": "string"
}
NsxOdsNodeType (type)
{
"enum": [
"NSX_ESX",
"NSX_KVM",
"NSX_BAREMETAL_SERVER",
"NSX_EDGE",
"NSX_PUBLIC_CLOUD_GATEWAY",
"NSX_MANAGER",
"NSX_POLICY_MANAGER",
"NSX_CONTROLLER",
"GLOBAL_MANAGER"
],
"id": "NsxOdsNodeType",
"module_id": "PolicyOds",
"title": "Valid NSX node type for ods runbook",
"type": "string"
}
NsxRole (type)
{
"id": "NsxRole",
"module_id": "AAA",
"properties": {
"permissions": {
"deprecated": true,
"description": "Please use the /user-info/permissions api to get the permission that the user has on each feature.",
"items": {
"enum": [
"read-api",
"read-write-api",
"crud",
"read",
"execute",
"none"
],
"type": "string"
},
"required": false,
"title": "Permissions",
"type": "array"
},
"role": {
"description": "This field represents the identifier of the role. With the introduction of custom roles, this field is no longer an enum.",
"required": true,
"title": "Role ID",
"type": "string"
}
},
"title": "Role",
"type": "object"
}
NsxTDNSForwarderStatistics (type)
{
"description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders, on an NSX-T type of enforcement point.",
"extends": {
"$ref": "DNSForwarderStatisticsPerEnforcementPoint
},
"id": "NsxTDNSForwarderStatistics",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "NsxTDNSForwarderStatistics"
},
"properties": {
"cached_entries": {
"readonly": true,
"title": "The total number of cached entries",
"type": "integer"
},
"conditional_forwarder_statistics": {
"items": {
"$ref": "NsxTDNSForwarderZoneStatistics
},
"maxItems": 5,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of conditional forwarder zones",
"type": "array"
},
"configured_cache_size": {
"readonly": true,
"title": "The configured cache size, in kb",
"type": "integer"
},
"default_forwarder_statistics": {
"$ref": "NsxTDNSForwarderZoneStatistics,
"readonly": true,
"title": "The statistics of default forwarder zone"
},
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the statistics are fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"queries_answered_locally": {
"readonly": true,
"title": "The total number of queries answered from local cache",
"type": "integer"
},
"queries_forwarded": {
"readonly": true,
"title": "The total number of forwarded DNS queries",
"type": "integer"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatistics"
],
"required": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current statistics, in ms"
},
"total_queries": {
"readonly": true,
"title": "The total number of received DNS queries",
"type": "integer"
},
"used_cache_statistics": {
"items": {
"$ref": "NsxTPerNodeUsedCacheStatistics
},
"maxItems": 2,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of used cache",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder",
"type": "object"
}
NsxTDNSForwarderStatus (type)
{
"description": "The current runtime status of the DNS forwarder.",
"extends": {
"$ref": "DNSForwarderStatusPerEnforcementPoint
},
"id": "NsxTDNSForwarderStatus",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "NsxTDNSForwarderStatus"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the status is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"extra_message": {
"readonly": true,
"required": false,
"title": "Extra message, if available",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatus"
],
"required": true,
"type": "string"
},
"status": {
"description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The DNS forwarder may be working (or not working). NO_BACKUP means DNS forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP",
"UNKNOWN"
],
"readonly": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current status, in ms"
}
},
"title": "The current runtime status of DNS forwarder",
"type": "object"
}
NsxTDNSForwarderZoneStatistics (type)
{
"description": "Statistics counters of the DNS forwarder zone.",
"id": "NsxTDNSForwarderZoneStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"domain_names": {
"description": "Domain names configured for the forwarder. Empty if this is the default forwarder.",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 0,
"readonly": true,
"title": "Domain names configured for the forwarder",
"type": "array"
},
"upstream_statistics": {
"items": {
"$ref": "NsxTUpstreamServerStatistics
},
"maxItems": 3,
"minItems": 0,
"readonly": true,
"required": false,
"title": "Statistics per upstream server.",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder zone",
"type": "object"
}
NsxTDnsAnswer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyDnsAnswerPerEnforcementPoint
},
"id": "NsxTDnsAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"authoritative_answers": {
"items": {
"$ref": "NsxTDnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Authoritative answers",
"type": "array"
},
"dns_server": {
"description": "Dns server ip address and port, format is \"ip address#port\".",
"required": true,
"title": "Dns server information",
"type": "string"
},
"edge_node_id": {
"description": "ID of the edge node that performed the query.",
"required": true,
"title": "Edge node id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"non_authoritative_answers": {
"items": {
"$ref": "NsxTDnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Non authoritative answers",
"type": "array"
},
"raw_answer": {
"description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.",
"required": false,
"title": "Raw message returned from the dns forwarder",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DNS forwarder nslookup answer.",
"enum": [
"NsxTDnsAnswer"
],
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "Answer of dns nslookup",
"type": "object"
}
NsxTDnsQueryAnswer (type)
{
"additionalProperties": false,
"id": "NsxTDnsQueryAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"address": {
"description": "Resolved IP address matched with the nslookup address provided as a request parameter.",
"required": false,
"title": "Matched ip address",
"type": "string"
},
"name": {
"description": "Matched name of the given address.",
"required": false,
"title": "Matched name",
"type": "string"
}
},
"title": "Answer of nslookup",
"type": "object"
}
NsxTPerNodeUsedCacheStatistics (type)
{
"description": "Query statistics counters of used cache from node",
"id": "NsxTPerNodeUsedCacheStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"cached_entries": {
"readonly": true,
"title": "The total number of cached entries",
"type": "integer"
},
"node_id": {
"readonly": true,
"title": "UUID of active/standby transport node",
"type": "string"
},
"used_cache_size": {
"readonly": true,
"title": "The memory size used in cache, in kb",
"type": "integer"
}
},
"title": "Per node used cache query statistics counters",
"type": "object"
}
NsxTUpstreamServerStatistics (type)
{
"description": "Query statistics counters to an upstream server including successfully forwarded queries and failed queries.",
"id": "NsxTUpstreamServerStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"queries_failed": {
"readonly": true,
"title": "Queries failed to forward.",
"type": "integer"
},
"queries_succeeded": {
"readonly": true,
"title": "Queries forwarded successfully",
"type": "integer"
},
"upstream_server": {
"$ref": "IPAddress,
"readonly": true,
"title": "Upstream server ip"
}
},
"title": "Upstream server query statistics counters",
"type": "object"
}
NsxtNodeType (type)
{
"enum": [
"NSX_ESX",
"NSX_KVM",
"NSX_BAREMETAL_SERVER",
"NSX_EDGE",
"NSX_PUBLIC_CLOUD_GATEWAY",
"NSX_MANAGER",
"NSX_POLICY_MANAGER",
"NSX_CONTROLLER",
"GLOBAL_MANAGER"
],
"id": "NsxtNodeType",
"module_id": "PolicySha",
"title": "Valid NSX node type",
"type": "string"
}
NsxtSite (type)
{
"additionalProperties": false,
"description": "Details about NSX-T site.",
"id": "NsxtSite",
"module_id": "Migration",
"properties": {
"federation_site_display_name": {
"description": "Display name for the federation site.",
"readonly": true,
"required": false,
"title": "Display name for the federation site",
"type": "string"
},
"federation_site_id": {
"description": "Federation site id.",
"readonly": true,
"required": true,
"title": "Federation site id",
"type": "string"
},
"federation_site_type": {
"description": "Type of federation site. It can be GlobalManager or Site.",
"enum": [
"GlobalManager",
"Site"
],
"readonly": true,
"required": true,
"title": "Type of the federation site",
"type": "string"
},
"nsxt_ip": {
"description": "IP address of NSX-T appliance at the site.",
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address of NSX-T appliance",
"type": "string"
}
},
"title": "Details about NSX-T site",
"type": "object"
}
NsxtSiteToAviMapping (type)
{
"additionalProperties": false,
"description": "Details about mapping of NSX-T site to AVI LB endpoint.",
"id": "NsxtSiteToAviMapping",
"module_id": "Migration",
"properties": {
"avi_lb_endpoint": {
"$ref": "AviEndPoint,
"description": "AVI LB endpoint details.",
"readonly": true,
"required": true,
"title": "AVI LB endpoint details"
},
"federation_site_id": {
"description": "Federation NSX-T site id.",
"readonly": true,
"required": true,
"title": "Federation NSX-T site id",
"type": "string"
}
},
"title": "Details about mapping of NSX-T site to AVI LB endpoint",
"type": "object"
}
NtpProperties (type)
{
"additionalProperties": false,
"description": "This object contains the list of NTP servers used by NSX nodes.",
"id": "NtpProperties",
"module_id": "CentralConfig",
"properties": {
"servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPAddress
},
"required": true,
"title": "NTP servers",
"type": "array"
}
},
"title": "NTP service properties",
"type": "object"
}
NtpServiceProperties (type)
{
"additionalProperties": false,
"id": "NtpServiceProperties",
"properties": {
"servers": {
"items": {
"$ref": "HostnameOrIPv46Address
},
"required": true,
"title": "NTP servers",
"type": "array"
},
"start_on_boot": {
"default": true,
"required": false,
"title": "Start NTP service when system boots",
"type": "boolean"
}
},
"title": "NTP Service properties",
"type": "object"
}
NvdsUpgradeConfigIssue (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NvdsUpgradeConfigIssue",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"component": {
"readonly": true,
"required": false,
"title": "Name of the component/object",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error": {
"readonly": true,
"required": false,
"title": "Error for the component describing precheck failure",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"objid": {
"readonly": true,
"required": true,
"title": "Id of the object that generated error",
"type": "string"
},
"recommendation": {
"readonly": true,
"required": true,
"title": "Recommendation to resolve the error returned for component",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"warning": {
"readonly": true,
"required": false,
"title": "Warning for the component describing precheck failure",
"type": "string"
}
},
"title": "Issues reported by upgrade readiness check",
"type": "object"
}
NvdsUpgradeHostState (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NvdsUpgradeHostState",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dn_ext_id": {
"readonly": true,
"required": false,
"title": "DiscoveredNode identifier",
"type": "string"
},
"host": {
"readonly": true,
"required": true,
"title": "TransportNode identifier",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"readonly": true,
"required": false,
"title": "TransportNode ip address",
"type": "string"
},
"overall_state": {
"enum": [
"UPGRADE_READY",
"UPGRADE_PROCESSING",
"UPGRADE_QUEUED",
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"SUCCESS"
],
"readonly": true,
"required": true,
"title": "Overall state of N-VDSes on the TransportNodes",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"state_details": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Details of the N-VDS upgrade state on the host",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"upgrade_stage": {
"description": "This field returns current stage of Migration task. Here is a sequence of stages the task cycles through, TN_MIGRATION_TASK_IN_QUEUE RETRIEVE_SAVED_CONFIG, TN_VALIDATE, VMS_RETRIVAL, VMS_UNREGISTRATION, TN_STATELESS_WAIT_FOR_HP, DETACH_TNP, TNP_WAIT, TN_SEND_HS_MIGRATION_MSG, TN_ADD_HOST_TO_VDS, TN_UPDATE, TN_UPDATE_WAIT, TN_DELETE, TN_DELETE_WAIT, FN_DELETE_WAIT, TN_RECONFIG_HOST, TN_CREATE, TN_CREATE_WAIT, UPDATE_TNP_AND_APPLY, TN_EXIT_MM, VMS_REGISTRATION, VMS_REGISTRATION_WAIT, TN_MIGRATION_COMPLETED Depending on the type of host (stateful, stateless, Sddc, etc.) migration task may not cycle through all stages but in will follow above sequence. If stage is TN_MIGRATION_COMPLETED refer to field overall_state for SUCCESS or UPGRADE_FAILURE and state_details for details on same.",
"readonly": true,
"required": false,
"title": "Current migration task stage",
"type": "string"
}
},
"title": "Individual host upgrade state",
"type": "object"
}
NvdsUpgradePrecheckId (type)
{
"id": "NvdsUpgradePrecheckId",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"precheck_id": {
"readonly": true,
"required": true,
"title": "Tracking ID of nvds upgrade precheck",
"type": "string"
}
},
"title": "Nvds upgrade precheck ID",
"type": "object"
}
NvdsUpgradePrecheckParameters (type)
{
"id": "NvdsUpgradePrecheckParameters",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"tolerate_different_configurations": {
"default": true,
"readonly": true,
"required": false,
"title": "tolerate differnet configurations",
"type": "boolean"
}
},
"title": "Parameters of nvds upgrade precheck",
"type": "object"
}
NvdsUpgradeStatusSummary (type)
{
"id": "NvdsUpgradeStatusSummary",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"migration_state": {
"items": {
"$ref": "NvdsUpgradeHostState
},
"readonly": true,
"required": true,
"title": "Overall state of migration across all TransportNodes",
"type": "array"
},
"precheck_id": {
"readonly": true,
"required": false,
"title": "Tracking ID of nvds upgrade precheck",
"type": "string"
},
"precheck_issue": {
"items": {
"$ref": "NvdsUpgradeConfigIssue
},
"readonly": true,
"required": true,
"title": "Config issue in pre-check",
"type": "array"
},
"precheck_status": {
"enum": [
"IN_PROGRESS",
"FAILED",
"PENDING_TOPOLOGY",
"APPLYING_TOPOLOGY",
"APPLY_TOPOLOGY_FAILED",
"READY"
],
"readonly": true,
"required": true,
"title": "Overall status of pre-check",
"type": "string"
}
},
"title": "Overall status of the upgrade readiness check",
"type": "object"
}
NvdsUpgradeSummaryParameters (type)
{
"id": "NvdsUpgradeSummaryParameters",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"cluster_id": {
"readonly": false,
"required": false,
"title": "cluster identifier",
"type": "string"
}
},
"title": "Parameters to query nvds upgrade summary",
"type": "object"
}
NvdsUpgradeTopology (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "NvdsUpgradeTopology",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_manager_topology": {
"items": {
"$ref": "ComputeManagerTopology
},
"required": true,
"title": "All resultant VDS mapping for a NVDS after the migration",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nvds_id": {
"required": true,
"title": "Identifier for a NVDS",
"type": "string"
},
"nvds_name": {
"required": true,
"title": "Name of a NVDS",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NVDS to VDS mappings for migration",
"type": "object"
}
Oauth2Credentials (type)
{
"additionalProperties": false,
"id": "Oauth2Credentials",
"module_id": "ApplianceModes",
"properties": {
"client_id": {
"description": "Client ID, that will be used for authentication in AWS environment,",
"required": true,
"title": "Client ID",
"type": "string"
},
"client_secret": {
"description": "Client secret, that will be used for authentication in AWS environment. Can be some passphrase.",
"required": true,
"sensitive": true,
"title": "Client Secret",
"type": "string"
}
},
"title": "Oauth2 Account Credentials",
"type": "object"
}
ObservabilityCounterDebugQueryResult (type)
{
"id": "ObservabilityCounterDebugQueryResult",
"module_id": "ObservabilityCounters",
"properties": {
"fast_path_lcore_usage_stats": {
"$ref": "FastPathLcoreUsageStats,
"description": "Realtime fast path lcore usage stats.",
"required": false
},
"fast_path_sys_stats": {
"$ref": "FastPathSysStats,
"description": "System stats related to fast path only.",
"required": false
},
"packet_stats": {
"$ref": "PacketDebugStats,
"description": "Realtime stats containing transmitted, received and dropped packet stats.",
"required": false
},
"platform_cpu_usage_stats": {
"$ref": "PlatformCpuUsageDebugStats,
"description": "Realtime platform cpu usage stats.",
"required": false
},
"platform_packet_stats": {
"$ref": "PlatformPacketStats,
"description": "Realtime platform packet stats for Vnics and Pnics.",
"required": false
}
},
"type": "object"
}
ObservabilityCounterMonitorQueryResult (type)
{
"id": "ObservabilityCounterMonitorQueryResult",
"module_id": "ObservabilityCounters",
"properties": {
"fast_path_lcore_usage_stats": {
"$ref": "FastPathLcoreUsageStats,
"description": "Monitoring fast path lcore usage stats.",
"required": false
},
"fast_path_sys_stats": {
"$ref": "FastPathSysStats,
"description": "System stats related to fast path only.",
"required": false
},
"packet_stats": {
"$ref": "PacketMonitorStats,
"description": "Tn monitoring stats containing transmitted, received and dropped packet stats.",
"required": false
},
"platform_cpu_usage_stats": {
"$ref": "PlatformCpuUsageMonitorStats,
"description": "Monitoring platform cpu usage stats.",
"required": false
},
"platform_packet_stats": {
"$ref": "PlatformPacketStats,
"description": "Monitoring platform packet stats for Vnics and Uplinks.",
"required": false
}
},
"type": "object"
}
OdsDynamicRunbook (type)
{
"additionalProperties": false,
"description": "Policy entity of a Dynamic Runbook. This is a read-only object created by system.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsDynamicRunbook",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_config": {
"$ref": "OdsRunbookSettingData,
"description": "Default configuration of the runbook.",
"readonly": true,
"required": true,
"title": "Default runbook configuration"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parameters": {
"description": "Parameters of runbook.",
"items": {
"$ref": "OdsRunbookParameter
},
"readonly": true,
"title": "Parameters of runbook",
"type": "array"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"supported_node_types": {
"description": "Supported node types for the runbook.",
"items": {
"$ref": "NsxOdsNodeType
},
"readonly": true,
"required": true,
"title": "Supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"$ref": "OdsRunbookVersion,
"description": "Version of runbook.",
"readonly": true,
"required": true,
"title": "Version of runbook"
}
},
"title": "Dynamic runbook",
"type": "object"
}
OdsDynamicRunbookInstance (type)
{
"additionalProperties": false,
"description": "Instance of Dynamic Online Diagnostic System Runbook.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsDynamicRunbookInstance",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_all_appliances": {
"default": false,
"description": "The knob of installing Dynamic Runbook on all appliance nodes.",
"title": "Knob of installing Dynamic Runbook on all appliance nodes",
"type": "boolean"
},
"applied_to_group_paths": {
"description": "The policy path set of groups to which the Dynamic Runbook is installed.",
"items": {
"type": "string"
},
"title": "Path(s) of group(s) to which the Dynamic Runbook is installed",
"type": "array"
},
"applied_to_nodes": {
"description": "Identifiers of appliances and transport nodes to which the Dynamic Runbook is installed.",
"items": {
"type": "string"
},
"title": "Identifiers of appliances and transport nodes to which the Dynamic Runbook is installed",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dynamic Runbook Instance",
"type": "object"
}
OdsDynamicRunbookInstanceState (type)
{
"additionalProperties": false,
"description": "Runtime state of Dynamic Runbook Instance.",
"id": "OdsDynamicRunbookInstanceState",
"module_id": "PolicyOds",
"properties": {
"install_state": {
"description": "Installation state of a Dynamic Online Diagnostic System Runbook on target nodes.",
"items": {
"$ref": "OdsDynamicRunbookNodeInstallStatus
},
"readonly": true,
"title": "Installation state of runbook on target nodes.",
"type": "array"
},
"management_state": {
"description": "Management state of a Dynamic Online Diagnostic System Runbook. NONE - No runbook is installed. INSTALLING - Runbook is being installed. INSTALL_PARTIAL_FINISHED - Runbook installation completes with error(s) on some target nodes. INSTALL_FINISHED - Runbook installation completes successfully on all the target nodes. UNINSTALLING - Runbook is being uninstalled UNINSTALL_PARTIAL_FINISHED - Runbook uninstallation does not complete successfully on some target nodes.",
"enum": [
"NONE",
"INSTALLING",
"INSTALL_PARTIAL_FINISHED",
"INSTALL_FINISHED",
"UNINSTALLING",
"UNINSTALL_PARTIAL_FINISHED"
],
"readonly": true,
"required": true,
"title": "State of Dynamic Runbook Instance",
"type": "string"
},
"runbook_name": {
"description": "The name of Dynamic Runbook.",
"readonly": true,
"title": "Name of Dynamic Runbook",
"type": "string"
}
},
"title": "Runtime state of Dynamic Runbook Instance",
"type": "object"
}
OdsDynamicRunbookListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System Dynamic Runbooks.",
"extends": {
"$ref": "ListResult
},
"id": "OdsDynamicRunbookListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System Dynamic Runbook list results.",
"items": {
"$ref": "OdsDynamicRunbook
},
"required": true,
"title": "Online Diagnostic System Dynamic Runbook list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paginated list of Dynamic Runbooks",
"type": "object"
}
OdsDynamicRunbookNodeInstallStatus (type)
{
"additionalProperties": false,
"description": "Installation status of a Dynamic Online Diagnostic System Runbook on target node.",
"id": "OdsDynamicRunbookNodeInstallStatus",
"module_id": "PolicyOds",
"properties": {
"error_detail": {
"description": "The error detail of runbook installation failure.",
"readonly": true,
"required": false,
"title": "The error detail of runbook installation",
"type": "string"
},
"node_id": {
"description": "Identifier of transport node, Edge node or appliance node.",
"readonly": true,
"required": true,
"title": "Identifier of transport node, Edge node or appliance node",
"type": "string"
},
"node_name": {
"description": "The name of transport node, Edge node or appliance node.",
"readonly": true,
"required": true,
"title": "The name of transport node, Edge node or appliance node",
"type": "string"
},
"status": {
"description": "Runbook installation state. NONE - Runbook package is not installed yet. REQUESTING - Runbook package request is being made. REQUESTED - Runbook package request has been sent to management plane. COMPATIBLE_VERSION_NOT_FOUND - Runbook package cannot be installed because no matched version is found. NODE_TYPE_UNSUPPORTED - Runbook package cannot be installed because the matched version does not support the target node type. REQUEST_TIMEOUT - Runbook package request is not made within timeout (2min). INSTALLING - Runbook package is being installed. INSTALL_TIMEOUT - Runbook package installation is not finished within timeout (3min). INSTALL_FAILED - Runbook installation fails. INSTALL_FINISHED - Runbook installation completes successfully. UNINSTALLING - Runbook uninstallation is in progress. UNINSTALL_TIMEOUT - Runbook uninstallation is not finished within timeout (the timeout of runbook plus 1min).",
"enum": [
"NONE",
"REQUESTING",
"REQUESTED",
"COMPATIBLE_VERSION_NOT_FOUND",
"NODE_TYPE_UNSUPPORTED",
"REQUEST_TIMEOUT",
"INSTALLING",
"INSTALL_TIMEOUT",
"INSTALL_FAILED",
"INSTALL_FINISHED",
"UNINSTALLING",
"UNINSTALL_TIMEOUT"
],
"readonly": true,
"required": true,
"title": "Installation status on target node",
"type": "string"
},
"version": {
"$ref": "OdsRunbookVersion,
"description": "Version of runbook.",
"readonly": true,
"required": true,
"title": "Version of runbook"
}
},
"title": "Installation status of a Dynamic Runbook on target node",
"type": "object"
}
OdsDynamicRunbookUninstallParam (type)
{
"additionalProperties": false,
"description": "Uninstall parameter for Dynamic Runbook",
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "OdsDynamicRunbookUninstallParam",
"module_id": "PolicyOds",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Uninstall param for Dynamic Runbook",
"type": "object"
}
OdsDynamicdRunbookInstanceListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System Dynamic Runbook Instances.",
"extends": {
"$ref": "ListResult
},
"id": "OdsDynamicdRunbookInstanceListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System Dynamic Runbook Instance list results.",
"items": {
"$ref": "OdsDynamicRunbookInstance
},
"required": true,
"title": "Online Diagnostic System Dynamic Runbook Instance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paginated list of Dynamic Runbook Instances",
"type": "object"
}
OdsPredefinedRunbook (type)
{
"additionalProperties": false,
"description": "Policy entity of a System Predefined runbook. This is a read-only object created by system.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsPredefinedRunbook",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_config": {
"$ref": "OdsRunbookSettingData,
"description": "Default configuration of the runbook. If a runbook setting for the certain runbook exists, the realized configuraiton will be overridden.",
"readonly": true,
"required": true,
"title": "Default runbook configuration"
},
"deprecated": {
"description": "The flag that indicates whether the runbook is deprecated.",
"readonly": true,
"title": "The flag that indicates whether the runbook is deprecated",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parameters": {
"description": "Arguments of runbook.",
"items": {
"$ref": "OdsRunbookParameter
},
"readonly": true,
"title": "Parameters of runbook",
"type": "array"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"supported_node_types": {
"description": "Supported node types for the runbook.",
"items": {
"$ref": "NsxOdsNodeType
},
"readonly": true,
"required": true,
"title": "Supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"$ref": "OdsRunbookVersion,
"description": "Version of runbook.",
"readonly": true,
"required": true,
"title": "Version of runbook"
}
},
"title": "System predefined runbook",
"type": "object"
}
OdsPredefinedRunbookListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System Predefined Runbooks.",
"extends": {
"$ref": "ListResult
},
"id": "OdsPredefinedRunbookListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System Predefined Runbook list results.",
"items": {
"$ref": "OdsPredefinedRunbook
},
"required": true,
"title": "Online Diagnostic System Predefined Runbook list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paginated list of Predefined Runbooks",
"type": "object"
}
OdsRunbookArtifactListResult (type)
{
"additionalProperties": false,
"description": "Collection of Online Diagnostic System artifact list.",
"extends": {
"$ref": "ListResult
},
"id": "OdsRunbookArtifactListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System runbook artifact list results.",
"items": {
"$ref": "OdsRunbookArtifactStatus
},
"required": true,
"title": "Online Diagnostic System artifact list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of predefined runbooks",
"type": "object"
}
OdsRunbookArtifactStatus (type)
{
"additionalProperties": false,
"description": "The status of Online Diagnostic System artifact object.",
"id": "OdsRunbookArtifactStatus",
"module_id": "PolicyOds",
"properties": {
"detail": {
"description": "Online Diagnostic System runbook invocation detail information",
"readonly": true,
"title": "Online Diagnostic System runbook artifact detail",
"type": "string"
},
"invocation": {
"description": "Online Diagnostic System runbook invocation path",
"readonly": true,
"title": "Online Diagnostic System runbook invocation path",
"type": "string"
}
},
"title": "Ods aritifact status",
"type": "object"
}
OdsRunbookCompoundParameter (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter of compound type.",
"extends": {
"$ref": "OdsRunbookParameter
},
"id": "OdsRunbookCompoundParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "COMPOUND"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
}
},
"title": "Runbook parameter of compound type",
"type": "object"
}
OdsRunbookEnumParameter (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter of enumeration type.",
"extends": {
"$ref": "OdsRunbookParameter
},
"id": "OdsRunbookEnumParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "ENUM"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"members": {
"description": "Member of enumeration for runbook parameter.",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Members of enumeration",
"type": "array"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
}
},
"title": "Runbook parameter of enumeration type",
"type": "object"
}
OdsRunbookHelpInfo (type)
{
"additionalProperties": false,
"description": "Help information for an Online Diagnostic System Runbook.",
"id": "OdsRunbookHelpInfo",
"module_id": "PolicyOds",
"properties": {
"parameter_info": {
"description": "Descriptions on parameters of an Online Diagnostic System Runbook.",
"items": {
"$ref": "OdsRunbookParameterHelpInfo
},
"readonly": true,
"title": "Descriptions on runbook parameters",
"type": "array"
},
"summary": {
"description": "Usage summary of an Online Diagnostic System Runbook.",
"readonly": true,
"required": true,
"title": "Runbook usage summary",
"type": "string"
}
},
"title": "Runbook help information",
"type": "object"
}
OdsRunbookIntegerParameter (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter of integer type.",
"extends": {
"$ref": "OdsRunbookParameter
},
"id": "OdsRunbookIntegerParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "INTEGER"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
}
},
"title": "Runbook parameter of integer type",
"type": "object"
}
OdsRunbookInvocation (type)
{
"additionalProperties": false,
"description": "Policy entity for the invocation of an Online Diagnostic System Runbook.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsRunbookInvocation",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arguments": {
"description": "List of key value pairs as the arguments for an execution of an Online Diagnostic System Runbook.",
"items": {
"$ref": "UnboundedKeyValuePair
},
"required": false,
"title": "Arguments for runbook invocation",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runbook_name": {
"description": "The property is read-only, used for querying result.",
"readonly": true,
"required": false,
"title": "Name of runbook object",
"type": "string"
},
"runbook_path": {
"description": "The policy path of runbook object.",
"required": true,
"title": "Path of runbook object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_node": {
"description": "Identifier of an appliance node or transport node where the execution of an Online Diagnostic System Runbook happens.",
"required": false,
"title": "Identifier of an appliance node or transport node",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Runbook invocation",
"type": "object"
}
OdsRunbookInvocationArtifactBatchRequest (type)
{
"additionalProperties": false,
"description": "Batched request for collecting artifacts of Online Diagnostic System invocations.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsRunbookInvocationArtifactBatchRequest",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"invocation_paths": {
"description": "This array can consist of one or more policy paths. Only policy paths of Ods invocations are allowed.",
"items": {
"type": "string"
},
"maxItems": 500,
"minItems": 1,
"required": true,
"title": "List of invocation path for artifact collection",
"type": "array"
},
"is_transient": {
"default": true,
"description": "This field indicates whether the intent is transient. If it is set to true, intent will be cleaned up after 1 hour of inactivity.",
"required": false,
"title": "Marker to indicate if the intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Batched request for collecting artifacts of runbook invocations.",
"type": "object"
}
OdsRunbookInvocationArtifactBatchResult (type)
{
"additionalProperties": false,
"description": "Result for batched request of Online Diagnostic System runbook artifact collection.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsRunbookInvocationArtifactBatchResult",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failed_invocations": {
"$ref": "OdsRunbookArtifactListResult,
"description": "List of invocations for failed artifact collection.",
"readonly": true,
"title": "List of invocations for failed artifact collection"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"invocation_paths": {
"description": "This array can consist of one or more policy paths. Only policy paths of Ods invocations are allowed.",
"items": {
"type": "string"
},
"maxItems": 500,
"minItems": 1,
"required": true,
"title": "List of invocation path for artifact collection",
"type": "array"
},
"is_transient": {
"description": "This field indicates whether the intent is transient. If it is set to true, intent will be cleaned up after 1 hour of inactivity.",
"readonly": true,
"title": "Marker to indicate if the intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"description": "State of batch process of Online Diagnostic System runbook artifact collection. IN-PROGRESS - The batch process is in process. FINISHED - The batch process is finished.",
"enum": [
"IN-PROGRESS",
"FINISHED"
],
"readonly": true,
"title": "Batch request status",
"type": "string"
},
"successful_invocations": {
"$ref": "OdsRunbookArtifactListResult,
"description": "List of invocations for successful artifact collection.",
"readonly": true,
"title": "List of invocations for successful artifact collection"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Result for batched request of runbook artifact collection",
"type": "object"
}
OdsRunbookInvocationArtifactListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System runbook invocation artifacts.",
"extends": {
"$ref": "ListResult
},
"id": "OdsRunbookInvocationArtifactListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System runbook invocation artifact list results.",
"items": {
"$ref": "OdsRunbookInvocationArtifactBatchResult
},
"required": true,
"title": "Runbook invocation artifact list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of runbook invocation artifacts",
"type": "object"
}
OdsRunbookInvocationListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System Runbook invocations.",
"extends": {
"$ref": "ListResult
},
"id": "OdsRunbookInvocationListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System Runbook invocation list results.",
"items": {
"$ref": "OdsRunbookInvocation
},
"required": true,
"title": "Runbook invocation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of runbook invocations",
"type": "object"
}
OdsRunbookInvocationReport (type)
{
"additionalProperties": false,
"description": "The report of the Invocation of an Online Diagnostic System Runbook.",
"id": "OdsRunbookInvocationReport",
"module_id": "PolicyOds",
"properties": {
"error_detail": {
"description": "The error detail of the invalid report.",
"readonly": true,
"required": false,
"title": "The report error detail",
"type": "string"
},
"invalid_reason": {
"description": "The reason why this report is invalid. TIMEOUT - The invocation is timeout. CANCELLED - The invocation is cancelled. INTERNAL_ERROR - The invocation ends up with error.",
"enum": [
"TIMEOUT",
"CANCELLED",
"INTERNAL_ERROR"
],
"readonly": true,
"required": false,
"title": "Invalid report reason",
"type": "string"
},
"invocation_id": {
"description": "The universally unique identifier for invocation of an Online Diagnostic System Runbook.",
"readonly": true,
"required": true,
"title": "UUID of Runbook Invocation",
"type": "string"
},
"recommendation_code": {
"description": "Online Diagnostic System recommendation code of the runbook invocation.",
"readonly": true,
"required": false,
"title": "Online Diagnostic System recommendation code",
"type": "integer"
},
"recommendation_message": {
"description": "Online Diagnostic System recommendation message of the runbook invocation.",
"readonly": true,
"required": false,
"title": "Online Diagnostic System recommendation message",
"type": "string"
},
"result_code": {
"description": "Online Diagnostic System result code of the runbook invocation.",
"readonly": true,
"required": false,
"title": "Online Diagnostic System result code",
"type": "integer"
},
"result_message": {
"description": "Online Diagnostic System result message of the runbook invocation.",
"readonly": true,
"required": false,
"title": "Online Diagnostic System result message",
"type": "string"
},
"status": {
"$ref": "OdsRunbookInvocationStatus,
"description": "The runtime status of the invocation of an Online Diagnostic System runbook.",
"readonly": true,
"required": false,
"title": "Status of the runbook invocation"
},
"step_details": {
"description": "Details of performed steps in the invocation of an Online Diagnostic System Runbook.",
"items": {
"$ref": "OdsRunbookInvocationStepInfo
},
"readonly": true,
"required": false,
"title": "Details of performed steps in the runbook invocation",
"type": "array"
},
"sys_info": {
"$ref": "OdsRunbookSysInfo,
"description": "System information of the target node where the Online Diagnostic System Runbook is executed.",
"readonly": true,
"required": false,
"title": "System information of the target node where the runbook is executed"
},
"target_node": {
"description": "Identifier of an appliance node or transport node where the execution of an Online Diagnostic System Runbook happens.",
"readonly": true,
"required": true,
"title": "Identifier of an appliance node or transport node",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "The timestamp when the report of an Online Diagnostic System Runbook is generated in milliseconds epoch.",
"readonly": true,
"required": false,
"title": "Timestamp of Runbook invocation report"
}
},
"title": "Report of Runbook Invocation",
"type": "object"
}
OdsRunbookInvocationStatus (type)
{
"additionalProperties": false,
"description": "The runtime status of the invocation of an Online Diagnostic System Runbook.",
"id": "OdsRunbookInvocationStatus",
"module_id": "PolicyOds",
"properties": {
"operation_state": {
"description": "Operation state of an invocation of an Online Diagnostic System Runbook on its target node. NONE - No operation state is available. RUNBOOK_NOT_FOUND - The specified runbook does not exist on the target. QUEUED - The runbook invocation is queued to be scheduled. BUSY_REJECTED - The runbook invocation is rejected because the runbook runner on the target node is busy. THROTTLED - The runbook invocation is rejected by throttling check. ARG_INVALID - The runbook invocation is rejected by argument validation. RUNNING - The runbook invocation is running. FINISHED - The runbook invocation is finished. GENERAL_ERROR - Runbook invocation fails with some internal errors. RUNBOOK_NOT_ENABLED - The specified runbook is not enabled on the target. ABORTED - The runbook invocation is cancelled.",
"enum": [
"NONE",
"RUNBOOK_NOT_FOUND",
"QUEUED",
"BUSY_REJECTED",
"THROTTLED",
"ARG_INVALID",
"RUNNING",
"FINISHED",
"GENERAL_ERROR",
"RUNBOOK_NOT_ENABLED",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Operation state of a runbook invocation on the target node",
"type": "string"
},
"request_status": {
"description": "Request status of an invocation of an Online Diagnostic System Runbook. SUCCESS - The runbook invocation request is acknowledged by the target. CONNECTION_ERROR - The runbook invocation request cannot be dispatched to the target because the messaging channel is broken. TIMEOUT - The runbook invocation request was acknowledged by the target, but it did not report operational state of the terminating class to NSX in time.",
"enum": [
"SUCCESS",
"CONNECTION_ERROR",
"TIMEOUT"
],
"readonly": true,
"required": true,
"title": "Request status of a runbook invocation",
"type": "string"
}
},
"title": "Status of runbook invocation",
"type": "object"
}
OdsRunbookInvocationStepInfo (type)
{
"additionalProperties": false,
"description": "Information on a performed step in the invocation of an Online Diagnostic System Runbook.",
"id": "OdsRunbookInvocationStepInfo",
"module_id": "PolicyOds",
"properties": {
"action_result": {
"description": "The description of results of performed actions in the step.",
"readonly": true,
"required": true,
"title": "Results of performed actions in the step",
"type": "string"
},
"action_summary": {
"description": "Summary of performed actions in the step.",
"readonly": true,
"required": true,
"title": "Summary of performed actions in the step",
"type": "string"
},
"artifacts": {
"description": "The collection of associated artifact list.",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Artifacts collection",
"type": "array"
},
"step_id": {
"description": "The sequence number of a step in the invocation of an Online Diagnostic System Runbook.",
"readonly": true,
"required": true,
"title": "Number of the step",
"type": "int"
}
},
"title": "Information on a performed step in runbook invocation",
"type": "object"
}
OdsRunbookParameter (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Base type for Online Diagnostic System Runbook parameter.",
"id": "OdsRunbookParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "parameter_type"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
}
},
"title": "Base type for runbook parameter",
"type": "object"
}
OdsRunbookParameterHelpInfo (type)
{
"additionalProperties": false,
"description": "Help information of Online Diagnostic System runbook parameter.",
"id": "OdsRunbookParameterHelpInfo",
"module_id": "PolicyOds",
"properties": {
"parameter": {
"$ref": "OdsRunbookParameter,
"description": "Online Diagnostic System Runbook parameter.",
"readonly": true,
"required": true,
"title": "Runbook parameter"
},
"summary": {
"description": "Description on semantics and value constraints of an Online Diagnostic System Runbook parameter.",
"readonly": true,
"required": true,
"title": "Summary of a runbook parameter",
"type": "string"
}
},
"title": "Help information of a runbook parameter",
"type": "object"
}
OdsRunbookParameterRange (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter range",
"id": "OdsRunbookParameterRange",
"module_id": "PolicyOds",
"properties": {
"max_value": {
"description": "The max value of the parameter.",
"readonly": true,
"required": false,
"title": "The max value of the parameter",
"type": "integer"
},
"min_value": {
"description": "The min value of the parameter.",
"readonly": true,
"required": false,
"title": "The min value of the parameter",
"type": "integer"
}
},
"title": "Runbook parameter range",
"type": "object"
}
OdsRunbookPatternParameter (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter of pattern type.",
"extends": {
"$ref": "OdsRunbookParameter
},
"id": "OdsRunbookPatternParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "PATTERN"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
},
"pattern": {
"description": "Regular expression of pattern for runbook parameter. If the parameter does not match this pattern, API call will be rejected.",
"pattern": "^\\^.+\\$$",
"readonly": true,
"required": true,
"title": "Regular expression of pattern",
"type": "string"
}
},
"title": "Runbook parameter of pattern type",
"type": "object"
}
OdsRunbookSetting (type)
{
"additionalProperties": false,
"description": "Setting for Online Diagnostic System runbook.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OdsRunbookSetting",
"module_id": "PolicyOds",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_all_appliances": {
"description": "The on-off switch of runbook on all UA appliance nodes. If applied to specific UA appliances, please use the applied_to_appliance_ids instead. The fields applied_to_all_appliances and applied_to_appliance_ids are exclusive to each other.",
"title": "Profile Enablement Flag on all UA appliance nodes",
"type": "boolean"
},
"applied_to_appliance_ids": {
"description": "Identifier(s) of UA appliance(s) to which the profile is applied. If this field is specified, then it should be a non-empty array. The appliance id list can be obtained from API api/v1/cluster/nodes. The valid id is the external id of appliance with manager role. If applied to all UA appliances, please use the applied_to_all_appliance instead.",
"items": {
"type": "string"
},
"title": "Identifier(s) of UA appliance(s) to which the profile is applied",
"type": "array"
},
"applied_to_group_path": {
"description": "The policy path of group to which the profile is applied.",
"title": "Path of group to which the profile is applied",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "OdsRunbookSettingData,
"description": "Configuration for Online Diagnostic System Runbook.",
"required": true,
"title": "Configuration for runbook"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runbook_path": {
"description": "The policy path of runbook object.",
"required": true,
"title": "Path of runbook object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Runbook setting",
"type": "object"
}
OdsRunbookSettingData (type)
{
"additionalProperties": false,
"description": "Configuration items for an Online Diagnostic System Runbook.",
"id": "OdsRunbookSettingData",
"module_id": "PolicyOds",
"properties": {
"enabled": {
"default": true,
"description": "The flag that indicates whether the runbook is enabled.",
"required": false,
"title": "The flag that indicates whether the runbook is enabled",
"type": "boolean"
},
"threshold_number": {
"description": "Maximum number of runbook executions allowed in a throttling cycle. Runbook execution will be throttled once the threshold is reached. This option does not take effect when the throttling is disabled.",
"maximum": 10000,
"minimum": 1,
"required": false,
"title": "Threshold for runbook execution in a throttling cycle",
"type": "integer"
},
"threshold_number_range": {
"$ref": "OdsRunbookParameterRange,
"description": "Threshold range for runbook execution in a throttling cycle.",
"readonly": true,
"required": false,
"title": "Threshold range for runbook execution in a throttling cycle"
},
"throttle_cycle": {
"description": "Duration of throttling cycle for runbook execution in minutes. It controls the minimum time between execution of a runbook and avoids executing a runbook too frequently in a short time. If the throttling cycle is set to 0, throttling is disabled.",
"maximum": 1440,
"minimum": 0,
"required": false,
"title": "Cycle of throttling runbook execution in minutes",
"type": "integer"
},
"throttle_cycle_range": {
"$ref": "OdsRunbookParameterRange,
"description": "Cycle range of throttling runbook execution in minutes.",
"readonly": true,
"required": false,
"title": "Cycle range of throttling runbook execution in minutes"
},
"timeout": {
"description": "Timeout of runbook execution in seconds.",
"maximum": 86400,
"minimum": 1,
"required": false,
"title": "Timeout of runbook execution in seconds",
"type": "integer"
},
"timeout_range": {
"$ref": "OdsRunbookParameterRange,
"description": "The timeout range of runbook execution in seconds.",
"readonly": true,
"required": false,
"title": "The timeout range of runbook execution in seconds"
}
},
"title": "Setting data of runbook",
"type": "object"
}
OdsRunbookSettingListResult (type)
{
"additionalProperties": false,
"description": "Paged list of Online Diagnostic System Runbook settings.",
"extends": {
"$ref": "ListResult
},
"id": "OdsRunbookSettingListResult",
"module_id": "PolicyOds",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Online Diagnostic System Runbook setting list results.",
"items": {
"$ref": "OdsRunbookSetting
},
"required": true,
"title": "Runbook setting list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of runbook settings",
"type": "object"
}
OdsRunbookStringParameter (type)
{
"additionalProperties": false,
"description": "Online Diagnostic System Runbook parameter of string type.",
"extends": {
"$ref": "OdsRunbookParameter
},
"id": "OdsRunbookStringParameter",
"module_id": "PolicyOds",
"polymorphic-type-descriptor": {
"type-identifier": "STRING"
},
"properties": {
"default_value": {
"description": "Runbook argument will be set to this value if not provided.",
"readonly": true,
"required": false,
"title": "Runbook argument default value",
"type": "string"
},
"max": {
"description": "Runbook argument is not allowed to set value bigger than this.",
"readonly": true,
"required": false,
"title": "Runbook argument max value",
"type": "string"
},
"min": {
"description": "Runbook argument is not allowed to set value smaller than this.",
"readonly": true,
"required": false,
"title": "Runbook argument min value",
"type": "string"
},
"name": {
"description": "Runbook argument name.",
"readonly": true,
"required": true,
"title": "Runbook argument name",
"type": "string"
},
"optional": {
"default": false,
"description": "The flag that indicates whether the argument is optional.",
"readonly": true,
"required": false,
"title": "The flag that indicates whether the argument is optional",
"type": "boolean"
},
"parameter_type": {
"description": "Runbook parameter type. INTEGER - integer STRING - string ENUM - enumeration PATTERN - string that matches certain regular expression COMPOUND - string that is accepted by the validation of runbook BOOLEAN - boolean FLOAT - float",
"enum": [
"INTEGER",
"STRING",
"ENUM",
"PATTERN",
"COMPOUND",
"BOOLEAN",
"FLOAT"
],
"readonly": true,
"required": true,
"title": "Runbook parameter type",
"type": "string"
}
},
"title": "Runbook parameter of string type",
"type": "object"
}
OdsRunbookSysInfo (type)
{
"additionalProperties": false,
"description": "System information of the node where an Online Diagnostic System Runbook is executed.",
"id": "OdsRunbookSysInfo",
"module_id": "PolicyOds",
"properties": {
"host_name": {
"description": "Host name or IP address.",
"readonly": true,
"required": true,
"title": "Host name",
"type": "string"
},
"os_name": {
"description": "Operating system name.",
"readonly": true,
"required": true,
"title": "Operating system name",
"type": "string"
},
"os_version": {
"description": "Operating system version.",
"readonly": true,
"required": true,
"title": "Operating system version",
"type": "string"
}
},
"title": "System information of the node where runbook is executed",
"type": "object"
}
OdsRunbookVersion (type)
{
"additionalProperties": false,
"description": "Version of Online Diagnostic System Runbook.",
"id": "OdsRunbookVersion",
"module_id": "PolicyOds",
"properties": {
"major": {
"description": "Major revision of runbook.",
"readonly": true,
"required": true,
"title": "Major revision",
"type": "integer"
},
"minor": {
"description": "Minor revision of runbook.",
"readonly": true,
"required": true,
"title": "Minor revision",
"type": "integer"
}
},
"title": "Runbook version",
"type": "object"
}
OidcEndPoint (type)
{
"additionalProperties": false,
"description": "OpenID Connect end-point specifying where to fetch the JWKS document used to validate JWT tokens for TokenBasedPrincipalIdentities.",
"extends": {
"$ref": "ManagedResource
},
"id": "OidcEndPoint",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authorization_endpoint": {
"description": "The URL of the OpenID provider's authorization endpoint.",
"readonly": true,
"required": false,
"title": "Authorization endpoint",
"type": "string"
},
"claim_map": {
"description": "Configuration for mapping claims in OIDC ID tokens to NSX roles.",
"items": {
"$ref": "ClaimMap
},
"nsx_feature": "OIDC",
"title": "Map from ID token claims to NSX roles",
"type": "array"
},
"claims_supported": {
"description": "The list of claims that the OpenID provider supports.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Claims supported",
"type": "array"
},
"client_id": {
"description": "The client ID for NSX to use when authenticating via this OIDC provider. This is required when oidc_type is \"ws_one\" or \"csp\".",
"nsx_feature": "OIDC",
"readonly": false,
"required": false,
"title": "OIDC Client ID",
"type": "string"
},
"client_secret": {
"description": "The client secret for NSX to use when authenticating via this OIDC provider. This is required when oidc_type is \"ws_one\".",
"nsx_feature": "OIDC",
"readonly": false,
"required": false,
"sensitive": true,
"title": "OIDC Client Secret",
"type": "secure_string"
},
"csp_config": {
"$ref": "CspConfig,
"description": "Extra configuration specific to CSP endpoints. This property is ignored unless the oidc_type is \"csp\".",
"required": false,
"title": "CSP-specific configuration"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"end_session_endpoint_uri": {
"description": "URI of the OpenID session logout end-point.",
"maxLength": 255,
"nsx_feature": "OIDC",
"readonly": true,
"title": "OpenID session logout URI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"issuer": {
"description": "Issuer of the JWT tokens for the given type. This field is fetched from the meta-data located at the oidc_uri.",
"readonly": true,
"required": false,
"title": "JWT token issuer",
"type": "string"
},
"jwks_uri": {
"description": "The URI where the JWKS document is located that has the key used to validate the JWT signature.",
"readonly": true,
"required": false,
"title": "URI of JWKS document",
"type": "string"
},
"name": {
"description": "A short, unique name for this OpenID Connect end-point. OIDC endpoint names may not contain spaces. If not provided, defaults to the ID of the OidcEndPoint.",
"required": false,
"title": "Unique name for this OpenID Connect end-point",
"type": "string"
},
"oidc_type": {
"default": "vcenter",
"description": "Type used to distinguish the OIDC end-points by IDP.",
"enum": [
"vcenter",
"ws_one",
"csp"
],
"maxLength": 255,
"readonly": false,
"required": false,
"title": "OIDC Type",
"type": "string"
},
"oidc_uri": {
"description": "URI of the OpenID Connect end-point.",
"maxLength": 255,
"readonly": false,
"required": true,
"title": "OpenID Connect URI",
"type": "string"
},
"override_roles": {
"description": "When specified this role or roles are used instead of the nsx-role in the JWT",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Roles used instead of token roles",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"restrict_scim_search": {
"default": false,
"description": "If set to true, then it is only possible to perform a SCIM search against the OIDC provider used to authenticate. If OIDC was not used to authenticate (for example, if authenticated as a local user), then this restriction does not apply.",
"nsx_feature": "OIDC",
"required": false,
"title": "SCIM search restriction indicator",
"type": "boolean"
},
"scim_endpoints": {
"description": "The SCIM (System for Cross-domain Identity Management) endpoint URLs to use when enumerating users and groups. All endpoints will be queried to obtain user and group information.",
"items": {
"type": "string"
},
"nsx_feature": "OIDC",
"readonly": true,
"title": "SCIM endpoints",
"type": "array"
},
"serviced_domains": {
"description": "When a login to NSX using a principal name of the form user@domain is attempted, the list of OIDC providers will be scanned to find one with a matching domain. If a match is found, that OIDC provider is used to authenticate the user. Each domain must be unique across all OIDC providers. If a duplicate domain is provided when adding or updating and OIDC provider, the request will be rejected.",
"items": {
"maxItems": 32,
"type": "string",
"uniqueItems": true
},
"nsx_feature": "OIDC",
"title": "List of domains serviced by this OIDC provider",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Thumbprint in SHA-256 format used to verify the server certificate at the URI.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Thumbprint",
"type": "string"
},
"token_endpoint": {
"description": "The URL of the OpenID provider's token endpoint.",
"readonly": true,
"required": false,
"title": "Token endpoint",
"type": "string"
},
"userinfo_endpoint": {
"description": "The URL of the OpenID provider's userinfo endpoint.",
"readonly": true,
"required": false,
"title": "Userinfo endpoint",
"type": "string"
}
},
"title": "OpenID Connect end-point",
"type": "object"
}
OidcEndPointHealthStatus (type)
{
"addtionalProperties": false,
"description": "The health status of the OIDC End Point",
"id": "OidcEndPointHealthStatus",
"module_id": "CertificateManager",
"properties": {
"errors": {
"description": "Details about errors encountered while checking the health of the OIDC endpoint.",
"items": {
"$ref": "OidcHealthCheckError
},
"title": "Problems with OIDC endpoint health",
"type": "array"
},
"result": {
"description": "Overall result of the health check. If the check was completely successful, the status will be SUCCESS. If one or more problems were found, the status will be FAILURE and the errors property will contain more information about the failure(s).",
"enum": [
"SUCCESS",
"FAILURE"
],
"readonly": true,
"title": "Overall result",
"type": "string"
}
},
"title": "OIDC End Point Health Status",
"type": "object"
}
OidcEndPointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters for filtering lists of OIDC endpoints",
"id": "OidcEndPointListRequestParameters",
"module_id": "CertificateManager",
"properties": {
"oidc_type": {
"description": "Selects the type of OIDC endpoint to return in list results.",
"enum": [
"vcenter",
"ws_one",
"csp"
],
"title": "Type of OIDC endpoint to return",
"type": "string"
}
},
"title": "OIDC endpoint list request parameters",
"type": "object"
}
OidcEndPointListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "OidcEndPointListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "OidcEndPoint list.",
"items": {
"$ref": "OidcEndPoint
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OidcEndPoint query result",
"type": "object"
}
OidcHealthCheckError (type)
{
"description": "Details about an error encountered while checking OIDC End Point health status.",
"id": "OidcHealthCheckError",
"module_id": "CertificateManager",
"properties": {
"error_detail": {
"description": "Additional details about the cause of the error, if any could be determined.",
"title": "Additional error details",
"type": "string"
},
"error_type": {
"description": "A problem discovered when checking the health of the OIDC End Point. DISCOVERY_URI_FETCH_FAIL: The OIDC discovery endpoint could not be retrieved. TOKEN_RETRIEVE_FAIL: NSX was unable to retrieve a token from the OIDC End Point. Authentication to NSX using OIDC will not be possible. SCIM_SEARCH_FAIL: NSX was unable to perform a user/group search of the SCIM (System for Cross-domain Identity Management) endpoint. User and group searches will not function correctly. GENERAL_ERROR: Some general error occurred while verifying the OIDC endpoint.",
"enum": [
"JWKS_URI_FETCH_FAIL",
"TOKEN_RETRIEVE_FAIL",
"SCIM_SEARCH_FAIL"
],
"title": "The type of error encountered",
"type": "string"
}
},
"title": "Error detail about OIDC health issue",
"type": "object"
}
OidcRefreshParameter (type)
{
"additionalProperties": false,
"id": "OidcRefreshParameter",
"module_id": "CertificateManager",
"properties": {
"refresh": {
"default": false,
"description": "Whether to fetch and update the OIDC meta-data.",
"required": false,
"title": "Refresh meta-data",
"type": "boolean"
}
},
"type": "object"
}
OpenLdapIdentitySource (type)
{
"description": "An identity source service that runs OpenLDAP. The service allows selected user accounts defined in OpenLDAP to log into and access NSX-T.",
"extends": {
"$ref": "LdapIdentitySource
},
"id": "OpenLdapIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"type-identifier": "OpenLdapIdentitySource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An OpenLDAP identity source service",
"type": "object"
}
OperationCollector (type)
{
"description": "The operation collector is defined to receive stats from hosts. (eg. vRNI-collector collects all the system metrics)",
"id": "OperationCollector",
"module_id": "GlobalConfigs",
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the operation collector.",
"required": true,
"title": "IP address for the operation collector"
},
"collector_port": {
"description": "Port for the operation collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the operation collector",
"type": "int"
},
"collector_type": {
"default": "VRNI",
"description": "Define the operation collector type.",
"enum": [
"VRNI",
"WAVE_FRONT"
],
"title": "The operation collector type",
"type": "string"
},
"tracing_port": {
"description": "Port for the Wavefront tracing.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port for the Wavefront tracing",
"type": "int"
}
},
"type": "object"
}
OperationCollectorGlobalConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GlobalConfigs
},
"id": "OperationCollectorGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "OperationCollectorGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"collectors": {
"description": "Operation Collector Config.",
"items": {
"$ref": "OperationCollector
},
"required": false,
"title": "Operation Collector Config",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"report_interval": {
"default": 30,
"description": "Report interval for operation data in seconds.",
"maximum": 1800,
"minimum": 1,
"title": "Report interval for operation data in seconds",
"type": "int"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for operation collector",
"type": "object"
}
OperationVerticalConfig (type)
{
"additionalProperties": false,
"description": "The details of deactivated operation verticals",
"id": "OperationVerticalConfig",
"module_id": "Policy",
"properties": {
"latency_stat_disabled": {
"description": "When this flag is set to true, the latency stat feature is deactivated. It is due to the SmartNIC backed DVS existing in Policy Manager. The latency has special GENEVE option to carry Latency information. But the hardware doesn't support it.",
"readonly": true,
"title": "A flag to indicate whether the latency stat feature is deactivated.",
"type": "boolean"
},
"live_trace_disabled": {
"description": "When this flag is set to true, the live trace feature is deactivated. It is due to the SmartNIC backed DVS existing in Policy Manager. The live trace has a special Geneve option in the header. But the hardware doesn't support it.",
"readonly": true,
"title": "A flag to indicate whether the live trace feature is deactivated.",
"type": "boolean"
}
},
"title": "Operation Vertical Config",
"type": "object"
}
OpsGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global Operations configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OpsGlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"in_band_network_telementry": {
"$ref": "DscpIndicator,
"description": "Specify the In-band network telemetry (INT) configuration config in a NSX domain. Set(resp. Unset) this configuration to activate(resp. deactivate) traceflow on VLAN logical network.",
"required": false,
"title": "The details of INT global configurations"
},
"is_inherited": {
"description": "if True, meaning that this is a copy version of GM if False, meaning that this is a local version on LM",
"required": false,
"title": "This field indicates whether this is a copy version of GM/NSX+ or not",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"operation_collectors": {
"description": "The operation collector is defined to receive stats from hosts. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.",
"items": {
"$ref": "GlobalCollectorConfig
},
"required": false,
"title": "Operation global collector config",
"type": "array"
},
"operation_feature_disabled": {
"$ref": "OperationVerticalConfig,
"description": "Specify the deactivated operation verticals. The True status indicates the certain operation vertical is not supported. And the detail reason is exposed on the corresponding API side.",
"required": false,
"title": "The details of deactivated operation verticals"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_infos": {
"description": "Information related to sites applicable for given config.",
"items": {
"$ref": "SiteInfo
},
"maxItems": 16,
"required": false,
"title": "Collection of Site information",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Operations configuration",
"type": "object"
}
Org (type)
{
"additionalProperties": false,
"description": "Org is created by infra provider.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Org",
"module_id": "PolicyOrg",
"policy_hierarchical_children": [
"ChildProject"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"short_id": {
"description": "Defaults to id if id is less than equal to 8 characters or defaults to random generated id if not set.",
"maxLength": 8,
"title": "Identifier to use when displaying org context in logs",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Org",
"type": "object"
}
OrgInfo (type)
{
"additionalProperties": false,
"description": "Organization ID and role, predefined for a particular type of VMware support.",
"id": "OrgInfo",
"module_id": "ApplianceModes",
"properties": {
"org_id": {
"description": "Organization ID, connected to a predefined role of a VMware support.",
"required": true,
"title": "Org ID",
"type": "string"
},
"org_role": {
"description": "Predefined role of a VMware support.",
"required": true,
"title": "Org role",
"type": "string"
}
},
"title": "Organization ID and role",
"type": "object"
}
OrgListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "OrgListRequestParameters",
"module_id": "PolicyOrg",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Org list request parameters",
"type": "object"
}
OrgListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "OrgListResult",
"module_id": "PolicyOrg",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Org
},
"required": true,
"title": "Org list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Org",
"type": "object"
}
OrgRoot (type)
{
"additionalProperties": false,
"description": "OrgRoot space related policy multi tenancy.",
"extends": {
"$ref": "AbstractSpace
},
"id": "OrgRoot",
"module_id": "PolicyOrgRoot",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelisting with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "OrgRoot",
"type": "object"
}
OspfAreaConfig (type)
{
"additionalProperties": false,
"description": "Contains OSPF Area configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OspfAreaConfig",
"module_id": "PolicyOspf",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"area_id": {
"description": "OSPF area-id either in decimal or dotted format.",
"required": true,
"title": "OSPF area id",
"type": "string"
},
"area_type": {
"default": "NORMAL",
"description": "Configures OSPF area with defined area type. If area_type field not specified, default is NSSA.",
"enum": [
"NORMAL",
"NSSA"
],
"required": false,
"title": "OSPF area type",
"type": "string"
},
"authentication": {
"$ref": "OspfAuthenticationConfig,
"description": "Activates/deactivates authentication for an OSPF area.",
"title": "OSPF area authentication configuration"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "OSPF Area config",
"type": "object"
}
OspfAreaConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "OspfAreaConfigListRequestParameters",
"module_id": "PolicyOspf",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Ospf area configuration list request parameters",
"type": "object"
}
OspfAreaConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of OSPF area configuration.",
"extends": {
"$ref": "ListResult
},
"id": "OspfAreaConfigListResult",
"module_id": "PolicyOspf",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "OSPF area configuration list results",
"items": {
"$ref": "OspfAreaConfig
},
"required": true,
"title": "OSPF area configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of OSPF area configuration",
"type": "object"
}
OspfAuthenticationConfig (type)
{
"additionalProperties": false,
"description": "Enables OSPF authentication with specified mode and password.",
"id": "OspfAuthenticationConfig",
"module_id": "PolicyOspf",
"properties": {
"key_id": {
"description": "Authentication secret key id is mandatory for type md5 with min value of 1 and max value 255.",
"maximum": 255,
"minimum": 1,
"required": false,
"sensitive": true,
"title": "Authentication secret key id",
"type": "integer"
},
"mode": {
"default": "NONE",
"description": "If mode is MD5 or PASSWORD, Authentication secret key is mandatory if mode is NONE, then authentication is deactivated.",
"enum": [
"NONE",
"PASSWORD",
"MD5"
],
"required": false,
"title": "Authentication mode",
"type": "string"
},
"secret_key": {
"description": "Authentication secret is mandatory for type password and md5 with min length of 1 and max length 8.",
"required": false,
"sensitive": true,
"title": "Authentication secret key",
"type": "secure_string"
}
},
"title": "OSPF Authentication Configuration",
"type": "object"
}
OspfDabtabaseCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "OspfDabtabaseCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"results": {
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
OspfDatabaseListResultInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "OspfDatabaseListResultInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "OspfDabtabaseCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
OspfDatabaseRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "OspfDatabaseRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"area_id": {
"description": "OSPF area identifier either in decimal or dotted format.",
"required": false,
"title": "OSPF area identifier",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge to retrieve neighbors.",
"required": false,
"title": "Policy path of edge",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OSPF Database list request parameters",
"type": "object"
}
OspfDatabaseStatus (type)
{
"additionalProperties": false,
"id": "OspfDatabaseStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"area_id": {
"description": "OSPF area id to filter the the OSPF database.",
"required": false,
"title": "OSPF area id filter parameter",
"type": "string"
},
"asbr_summary_link_states": {
"items": {
"$ref": "MpOspfSummaryLinkStates
},
"readonly": true,
"required": true,
"title": "array of ASBR summary link state of OSPF database",
"type": "array"
},
"edge_path": {
"description": "Policy path to edge node.",
"readonly": true,
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"external_link_states": {
"items": {
"$ref": "MpOspfExternalLinkState
},
"readonly": true,
"required": true,
"title": "array of external link of OSPF database",
"type": "array"
},
"net_link_states": {
"items": {
"$ref": "MpOspfNetworkLinkStates
},
"readonly": true,
"required": true,
"title": "array of network link state of OSPF database",
"type": "array"
},
"nssa_external_link_states": {
"items": {
"$ref": "MpOspfExternalLinkState
},
"readonly": true,
"required": true,
"title": "array of nssa external link of OSPF database",
"type": "array"
},
"router_link_states": {
"items": {
"$ref": "MpOspfRouterLinkStates
},
"readonly": true,
"required": true,
"title": "array of link state of OSPF database",
"type": "array"
},
"summary_link_states": {
"items": {
"$ref": "MpOspfSummaryLinkStates
},
"readonly": true,
"required": true,
"title": "array of summary link state of OSPF database",
"type": "array"
}
},
"type": "object"
}
OspfNeighbor (type)
{
"additionalProperties": false,
"description": "OSPF Neighbor Per Edge.",
"id": "OspfNeighbor",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_display_name": {
"description": "Display name to edge node.",
"title": "Display name for edge node",
"type": "string"
},
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"neighbors": {
"items": {
"$ref": "OspfNeighborStatus
},
"required": false,
"type": "array"
}
},
"title": "OSPF Neighbor Per Edge",
"type": "object"
}
OspfNeighborStatus (type)
{
"additionalProperties": false,
"description": "OSPF Neighbor Status.",
"id": "OspfNeighborStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"neighbor_address": {
"$ref": "IPAddress,
"description": "OSPF neighbor address.",
"readonly": true,
"required": true,
"title": "OSPF neighbor address"
},
"neighbor_status_info": {
"items": {
"$ref": "OspfStatusInfo
},
"required": false,
"type": "array"
}
},
"title": "OSPF Neighbor Status",
"type": "object"
}
OspfNeighborStatusRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "OspfNeighborStatusRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge to retrieve neighbors.",
"required": false,
"title": "Policy path of edge",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "OSPF neighbor ip address.",
"required": false,
"title": "OSPF neighbor ip address"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OSPF Neighbor Status list request parameters",
"type": "object"
}
OspfNeighborsStatusListResult (type)
{
"additionalProperties": false,
"description": "OSPF Neighbors.",
"extends": {
"$ref": "ListResult
},
"id": "OspfNeighborsStatusListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 gateway.",
"required": true,
"title": "Policy path to Tier0 gateway",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "OspfNeighbor
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OSPF Neighbor",
"type": "object"
}
OspfRoute (type)
{
"id": "OspfRoute",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"area": {
"description": "OSPF area.",
"readonly": true,
"required": true,
"title": "OSPF area",
"type": "string"
},
"cost": {
"description": "Cost of the route.",
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "integer"
},
"next_hops": {
"description": "request counter.",
"items": {
"$ref": "OspfRouteNextHopResult
},
"readonly": true,
"required": true,
"title": "request counter",
"type": "array"
},
"route_prefix": {
"description": "Learned route prefix.",
"readonly": true,
"required": true,
"title": "Learned route prefix",
"type": "string"
},
"route_type": {
"description": "Type of route.",
"readonly": true,
"required": true,
"title": "Type of route",
"type": "string"
},
"router_type": {
"description": "Type of router.",
"readonly": true,
"required": true,
"title": "Type of router",
"type": "string"
},
"type_to_cost": {
"description": "Type to cost of the route.",
"readonly": true,
"required": true,
"title": "Type to cost of the route",
"type": "integer"
}
},
"type": "object"
}
OspfRouteDetailsInCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "OspfRouteDetailsInCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"area": {
"description": "OSPF area.",
"readonly": true,
"required": true,
"title": "OSPF area",
"type": "string"
},
"cost": {
"description": "Cost of the route.",
"readonly": true,
"required": true,
"title": "Cost of the route",
"type": "integer"
},
"edge_path": {
"description": "Policy edge path.",
"readonly": true,
"required": true,
"title": "Policy edge path",
"type": "string"
},
"next_hop_directly_attached": {
"description": "Check whether OSPF route is directly connected.",
"readonly": true,
"required": true,
"title": "Check whether OSPF route is directly connected",
"type": "boolean"
},
"next_hop_interface_name": {
"description": "OSPF policy interface name.",
"readonly": true,
"required": true,
"title": "OSPF policy interface name",
"type": "string"
},
"next_hop_neighbor_address": {
"$ref": "IPAddress,
"description": "route next hop result.",
"readonly": true,
"required": true,
"title": "route next hop result"
},
"route_prefix": {
"description": "Learned route prefix.",
"readonly": true,
"required": true,
"title": "Learned route prefix",
"type": "string"
},
"route_type": {
"description": "Type of route.",
"readonly": true,
"required": true,
"title": "Type of route",
"type": "string"
},
"router_type": {
"description": "Type of router.",
"readonly": true,
"required": true,
"title": "Type of router",
"type": "string"
},
"type_to_cost": {
"description": "Type to cost of the route.",
"readonly": true,
"required": true,
"title": "Type to cost of the route",
"type": "integer"
}
},
"type": "object"
}
OspfRouteNextHopResult (type)
{
"additionalProperties": false,
"description": "OSPF route next hop result.",
"id": "OspfRouteNextHopResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"directly_attached": {
"description": "Check whether OSPF route is directly connected.",
"readonly": true,
"required": true,
"title": "Check whether OSPF route is directly connected",
"type": "boolean"
},
"interface_name": {
"description": "OSPF policy interface name.",
"readonly": true,
"required": true,
"title": "OSPF policy interface name",
"type": "string"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "next-hop address.",
"readonly": true,
"required": true,
"title": "next-hop address"
}
},
"title": "OSPF route next hop result",
"type": "object"
}
OspfRoutes (type)
{
"additionalProperties": false,
"description": "OSPF Routes Per Edge.",
"id": "OspfRoutes",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_display_name": {
"description": "Display name to edge node.",
"title": "Display name for edge node",
"type": "string"
},
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"route_details": {
"items": {
"$ref": "OspfRoute
},
"required": false,
"type": "array"
}
},
"title": "OSPF Routes Per Edge",
"type": "object"
}
OspfRoutesListResult (type)
{
"additionalProperties": false,
"description": "OSPF Routes.",
"extends": {
"$ref": "ListResult
},
"id": "OspfRoutesListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 gateway.",
"required": true,
"title": "Policy path to Tier0 gateway",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "OspfRoutes
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OSPF Routes",
"type": "object"
}
OspfRoutesListResultInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "OspfRoutesListResultInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "OspfRouteDetailsInCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
OspfRoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "OspfRoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge to retrieve routes.",
"required": false,
"title": "Policy path of edge",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point.",
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_prefix": {
"description": "CIDR network address.",
"required": false,
"title": "CIDR network address",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OSPF Routes list request parameters",
"type": "object"
}
OspfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Contains OSPF routing configurations.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OspfRoutingConfig",
"module_id": "PolicyOspf",
"policy_hierarchical_children": [
"ChildOspfAreaConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_originate": {
"default": false,
"description": "Flag to activate/deactivate advertisement of default route into OSPF domain. The default route should be present in the edge only then it redistributes the same into OSPF domain only if this flag is set to TRUE.",
"required": false,
"title": "Flag to activate/deactivate advertisement of default route",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ecmp": {
"default": true,
"description": "Flag to enable ECMP.",
"required": false,
"title": "Flag to enable ECMP",
"type": "boolean"
},
"enabled": {
"default": false,
"description": "Flag to enable OSPF routing protocol. Disabling will stop feature and OSPF peering.",
"required": false,
"title": "Flag to enable OSPF routing protocol",
"type": "boolean"
},
"graceful_restart_mode": {
"default": "HELPER_ONLY",
"description": "Configuration field to hold OSPF Restart mode .",
"enum": [
"DISABLE",
"HELPER_ONLY"
],
"title": "OSPF Graceful Restart Mode Configuration",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"summary_addresses": {
"description": "List of summary address configruation to summarize or filter external routes based on the setting of advertise flag in each OspfSummaryAddressConfig",
"items": {
"$ref": "OspfSummaryAddressConfig
},
"maxItems": 1000,
"required": false,
"title": "List of OSPF summary address configuration to summarize external routes",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "OSPF routing config",
"type": "object"
}
OspfStatusInfo (type)
{
"id": "OspfStatusInfo",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"database_summary_counter": {
"description": "Database summary counter.",
"readonly": true,
"required": true,
"title": "Database summary counter",
"type": "integer"
},
"dead_time": {
"description": "Time remaining in before considering OSPF neighbor dead.",
"readonly": true,
"required": true,
"title": "Time remaining before considering OSPF neighbor dead",
"type": "string"
},
"interface_name": {
"description": "Tier0 interface name.",
"readonly": true,
"required": true,
"title": "Tier0 interface name",
"type": "string"
},
"last_state_change": {
"description": "Time since last change in state.",
"readonly": true,
"required": true,
"title": "Time since last change in state",
"type": "string"
},
"priority": {
"description": "Priority of the neighbor.",
"readonly": true,
"required": true,
"title": "Priority of the neighbor",
"type": "integer"
},
"request_counter": {
"description": "request counter.",
"readonly": true,
"required": true,
"title": "request counter",
"type": "integer"
},
"retransmit_counter": {
"description": "Retransmit request counter.",
"readonly": true,
"required": true,
"title": "Retransmit request counter",
"type": "integer"
},
"source_address": {
"$ref": "IPAddress,
"description": "Multicast source address.",
"readonly": true,
"required": true,
"title": "Multicast source address"
},
"state": {
"description": "OSPF neighbor state.",
"readonly": true,
"required": true,
"title": "OSPF neighbor state",
"type": "string"
}
},
"type": "object"
}
OspfSummaryAddressConfig (type)
{
"additionalProperties": false,
"description": "OSPF summary address configuration to summarize external routes",
"id": "OspfSummaryAddressConfig",
"module_id": "PolicyOspf",
"properties": {
"advertise": {
"default": true,
"description": "Used to filter the advertisement of external routes into the OSPF domain. Setting this field to \"TRUE\" will enable the summarization of external routes that are covered by ip_prefix configuration. Setting this field to \"FALSE\" will filter the advertisement of external routes that are covered by ip_prefix configuration.",
"required": false,
"title": "Flag to activate/deactivate summarization of external routes",
"type": "boolean"
},
"prefix": {
"format": "ip-cidr-block",
"required": true,
"title": "OSPF Summary address in CIDR format",
"type": "string"
}
},
"title": "OSPF Summary Address Configuration",
"type": "object"
}
OverlayDataPathL2 (type)
{
"id": "OverlayDataPathL2",
"module_id": "ObservabilityCounters",
"properties": {
"arp_proxy_req_fail_drops": {
"description": "Count of ARPs failed to send on uplinks for CCP unaware bindings.",
"required": false,
"type": "integer"
},
"arp_proxy_resp_drops": {
"description": "Count of ARP response failed for each ARP suppressed packets.",
"required": false,
"type": "integer"
},
"arp_proxy_resp_unknown": {
"description": "Count of unknown IP-MAC binding message from CCP for ARP suppression.",
"required": false,
"type": "integer"
},
"leaf_rx_drops": {
"description": "Total drops at VDL2LeafInput IOChain of a switchport.",
"required": false,
"type": "integer"
},
"leaf_rx_ref_port_not_found_drops": {
"description": "VDL2LeafInput drops as trunk port is not in logical switch.",
"required": false,
"type": "integer"
},
"leaf_rx_system_err_drops": {
"description": "VDL2LeafInput drops on an LS due to system errors.",
"required": false,
"type": "integer"
},
"leaf_tx_drops": {
"description": "Total drops at VDL2LeafOutput IOChain of a switchport.",
"required": false,
"type": "integer"
},
"mac_tbl_lookup_flood": {
"description": "Count of unicast packets flooded onto remote VTEPs due to MAC table full.",
"required": false,
"type": "integer"
},
"mac_tbl_lookup_full": {
"description": "Number of VM MAC query to CCP failure due to MAC table full.",
"required": false,
"type": "integer"
},
"mac_tbl_update_full": {
"description": "Number of packet's SMAC learning failed at uplink due to MAC table full.",
"required": false,
"type": "integer"
},
"mcast_proxy_rx_drops": {
"description": "Count of BUM replicated packets dropped at MTEP TN at uplink input IOChain.",
"required": false,
"type": "integer"
},
"mcast_proxy_tx_drops": {
"description": "Count of BUM packets dropped at uplink output IOChain.",
"required": false,
"type": "integer"
},
"nd_proxy_req_fail_drops": {
"description": "Count of ND packets failed to send on uplinks for CCP unaware bindings.",
"required": false,
"type": "integer"
},
"nd_proxy_resp_drops": {
"description": "Count of ND response failed for each ND suppressed packets.",
"required": false,
"type": "integer"
},
"nd_proxy_resp_unknown": {
"description": "Count of unknown IP-MAC binding message from CCP for ND suppression.",
"required": false,
"type": "integer"
},
"nested_tn_mcast_proxy_diff_vlan_tx_drops": {
"description": "Count of BUM replicated packet drops destined to nested TN.",
"required": false,
"type": "integer"
},
"nested_tn_mcast_proxy_same_vlan_tx_drops": {
"description": "Count of BUM replicated packet drops destined to nested TN.",
"required": false,
"type": "integer"
},
"uplink_rx_drops": {
"description": "Count of packets from underlay that are dropped at uplink input IOChain.",
"required": false,
"type": "integer"
},
"uplink_rx_guest_vlan_drops": {
"description": "Drop at uplink input IOChain due to failure to remove guest VLAN tag.",
"required": false,
"type": "integer"
},
"uplink_rx_invalid_encap_drops": {
"description": "Count of packets dropped at uplink input IOChain due to incorrect Encap.",
"required": false,
"type": "integer"
},
"uplink_rx_mcast_invalid_druplink_drops": {
"description": "Count of IP multicast packets dropped at unexpected DR uplink.",
"required": false,
"type": "integer"
},
"uplink_rx_skip_mac_learn": {
"description": "Count of packets for which MAC learn was skipped at uplink input IOChain.",
"required": false,
"type": "integer"
},
"uplink_rx_system_err_drops": {
"description": "Drop at uplink input IOChain due to system errors.",
"required": false,
"type": "integer"
},
"uplink_rx_wrong_dest_drops": {
"description": "Drop at uplink port input IOChain due to incorrect destination VTEP IP.",
"required": false,
"type": "integer"
},
"uplink_tx_drops": {
"description": "Total DVS sent packet drops at uplink output IOChain.",
"required": false,
"type": "integer"
},
"uplink_tx_invalid_frame_drops": {
"description": "Count of invalid packets dropped at uplink IOChain.",
"required": false,
"type": "integer"
},
"uplink_tx_invalid_state_drops": {
"description": "Packet drops at uplink IOChain due to incorrect uplink VLAN configuration.",
"required": false,
"type": "integer"
},
"uplink_tx_nested_tn_repl_drops": {
"description": "Count of packets to nested TN dropped at uplink output IOChain.",
"required": false,
"type": "integer"
},
"uplink_tx_teaming_drops": {
"description": "Count of packets dropped at uplink IOChain due to uplink teaming failure.",
"required": false,
"type": "integer"
},
"uplink_tx_ucast_flood": {
"description": "Count of unknown unicast packets at uplink output IOChain.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
OverriddenSignature (type)
{
"additionalProperties": false,
"id": "OverriddenSignature",
"module_id": "PolicyIDSCustomSignature",
"properties": {
"action": {
"description": "It denotes the global action of a IDS custom Signature. This will take precedence over IDS custom signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Activate/Deactivate a Signature at Global Level.",
"title": "Flag to Activate/Deactivate a IDS Signature globally.",
"type": "boolean"
}
},
"title": "Overridden IDS custom signature",
"type": "object"
}
OverrideDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "OverrideDeleteRequestParameters",
"module_id": "Policy",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
},
"override": {
"default": false,
"description": "If true, the overridden object can be deleted locally. This will restore the global resource as the intended configuration for this site.",
"required": false,
"title": "Delete the locally overridden global object",
"type": "boolean"
}
},
"title": "Override delete request parameters",
"type": "object"
}
OverrideRequestParameters (type)
{
"additionalProperties": false,
"id": "OverrideRequestParameters",
"module_id": "Policy",
"properties": {
"override": {
"default": false,
"description": "If true, the global resource can be over written locally. This means that there will be a local only resource in place of the global resource that can reflect local specific settings and values. The global object will continue to exist but will not be used for any configuration until this local object is removed. When the object is overridden the Global resource continues to exist unmodified, while the overridden object is created with all of the user specified values. The Global resource may be updated in the background, however, the overridden object may only be updated by the user. Once the user removes the overridden copy, the Global resource will then resume being used in the configuration.",
"required": false,
"title": "Locally override the global object",
"type": "boolean"
}
},
"title": "Override request parameters",
"type": "object"
}
Oversubscription (type)
{
"enum": [
"BYPASSED",
"DROPPED",
"INHERIT_GLOBAL"
],
"id": "Oversubscription",
"module_id": "PolicyIDS",
"type": "string"
}
OvfInfo (type)
{
"additionalProperties": false,
"description": "Information related to OVF file.",
"id": "OvfInfo",
"module_id": "FileUploadFramework",
"properties": {
"ovf_name": {
"description": "Name of OVF file.",
"readonly": true,
"required": false,
"title": "OVF file name",
"type": "string"
},
"version": {
"description": "Version of the OVF.",
"readonly": true,
"required": false,
"title": "OVF version",
"type": "string"
}
},
"title": "OVF Information",
"type": "object"
}
OwnerResourceLink (type)
{
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"extends": {
"$ref": "ResourceLink
},
"id": "OwnerResourceLink",
"module_id": "Common",
"properties": {
"action": {
"readonly": true,
"title": "Optional action",
"type": "string"
},
"href": {
"readonly": true,
"required": true,
"title": "Link to resource",
"type": "string"
},
"rel": {
"description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)",
"readonly": true,
"required": true,
"title": "Link relation type",
"type": "string"
}
},
"title": "Link to this resource",
"type": "object"
}
PIServiceType (type)
{
"enum": [
"LOCAL_MANAGER",
"GLOBAL_MANAGER"
],
"id": "PIServiceType",
"module_id": "CertificateManager",
"title": "Service type supported for Principal Identities",
"type": "string"
}
PackageLoggingLevels (type)
{
"additionalProperties": false,
"id": "PackageLoggingLevels",
"properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"title": "Logging levels per package",
"type": "string"
},
"package_name": {
"title": "Package name",
"type": "string"
}
},
"type": "object"
}
PacketAddressClassifier (type) (Deprecated)
{
"deprecated": true,
"description": "A packet is classified to have an address binding, if its address configuration matches with all user specified properties.",
"id": "PacketAddressClassifier",
"module_id": "Switching",
"properties": {
"ip_address": {
"$ref": "IPElement,
"required": false,
"title": "A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y"
},
"mac_address": {
"$ref": "MACAddress,
"required": false,
"title": "A single MAC address"
},
"vlan": {
"$ref": "VlanID,
"required": false
}
},
"title": "Address classifications for a packet",
"type": "object"
}
PacketCaptureOption (type)
{
"additionalProperties": false,
"description": "The option is used to filter data on given node.",
"id": "PacketCaptureOption",
"module_id": "PacketCapture",
"properties": {
"name": {
"description": "The avaiable option names in the enum can be used to filter the capture data.",
"enum": [
"ETHTYPE",
"MAC",
"SRCMAC",
"DSTMAC",
"VLAN",
"IP",
"SRCIP",
"DSTIP",
"IPPROTO",
"PORT",
"SRCPORT",
"DSTPORT",
"VNI",
"IPPROTO6",
"IP6",
"SRCIP6",
"DSTIP6"
],
"title": "Packet capture option name",
"type": "string"
},
"value": {
"description": "Define the capture value according to the given capture option.",
"title": "Packet capture option value",
"type": "string"
}
},
"title": "Packet capture option",
"type": "object"
}
PacketCaptureOptionList (type)
{
"additionalProperties": false,
"description": "List of packet capture options to filter data in capture process.",
"extends": {
"$ref": "ListResult
},
"id": "PacketCaptureOptionList",
"module_id": "PacketCapture",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"values": {
"description": "Packet capture option collection",
"items": {
"$ref": "PacketCaptureOption
},
"title": "Packet capture option collection",
"type": "array"
}
},
"title": "List of packet capture options",
"type": "object"
}
PacketCaptureRequest (type)
{
"description": "This type is used to create packet request on give node. Need to specify related parameters according to the capture point.",
"id": "PacketCaptureRequest",
"module_id": "PacketCapture",
"properties": {
"capamount": {
"description": "Define the packet capture amount size.",
"title": "Packet capture amount",
"type": "int"
},
"capcore": {
"description": "The CPU core id on Edge node.",
"title": "The CPU core id on Edge node",
"type": "int"
},
"capduration": {
"description": "Define the packet capture duration time. After the capture duration time, the capture process will stop working.",
"title": "Packet capture duration time in seconds",
"type": "int"
},
"capfilesize": {
"description": "Define the packet capture file size limit.",
"title": "Packet capture file size limit",
"type": "int"
},
"capmode": {
"description": "Define the capture streaming mode. The STREAM mode will send the data to given stream address and port. And the STANDALONE mode will save the capture file in local folder.",
"enum": [
"STANDALONE",
"STREAM"
],
"title": "Packet Capture streaming mode",
"type": "string"
},
"cappoint": {
"description": "Define the point to capture data.",
"enum": [
"VNIC",
"VMKNIC",
"VMNIC",
"VDRPORT",
"DVFILTER",
"LOGICALPORT",
"FCPORT",
"VIF",
"PNIC"
],
"required": true,
"title": "Packet capture point",
"type": "string"
},
"caprate": {
"description": "Define the rate of packet capture process.",
"title": "Packet capture rate",
"type": "int"
},
"capsnaplen": {
"description": "Limit the number of bytes captured from each packet.",
"title": "Packet capture snapshot length",
"type": "int"
},
"capsource": {
"description": "This type is used to differenite the incoming request from CLI/UI.",
"enum": [
"CLI",
"UI"
],
"required": true,
"title": "Packet capture source type",
"type": "string"
},
"capvalue": {
"description": "Define the capture value of given capture point.",
"title": "Packet capture point value",
"type": "string"
},
"direction": {
"description": "Define the capture direction. Support three types INPUT/OUTPUT/DUAL.",
"enum": [
"INPUT",
"OUTPUT",
"DUAL"
],
"title": "Packet capture direction type",
"type": "string"
},
"filtertype": {
"description": "Define the capture filter type. Support PRE/POST mode.",
"enum": [
"PRE",
"POST"
],
"title": "Packet capture dvfilter stage type",
"type": "string"
},
"node": {
"description": "Define the transport node to capture data.",
"title": "Packet capture node id",
"type": "string"
},
"node_ip": {
"$ref": "IPAddress,
"description": "Define the transport node to capture data.",
"title": "Packet capture node ip"
},
"options": {
"$ref": "PacketCaptureOptionList,
"description": "Define the packet capture additional options to filter the capture data.",
"title": "Packet capture options"
},
"streamaddress": {
"description": "Set the stream address to receive the capture packet.",
"title": "Packet capture Streaming address",
"type": "string"
},
"streamport": {
"description": "Set the stream port to receive the capture packet. The STREAM mode is based on GRE-in-UDP Encapsulation(RFC8086). Packets are sent to UDP port 4754.",
"title": "Packet capture Streaming port",
"type": "int"
}
},
"title": "Packet capture request information",
"type": "object"
}
PacketCaptureSession (type)
{
"additionalProperties": false,
"description": "Packet capture session information.",
"extends": {
"$ref": "ManagedResource
},
"id": "PacketCaptureSession",
"module_id": "PacketCapture",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endtime": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when session was stopped in epoch millisecond.",
"title": "End time in epoch millisecond"
},
"errormsg": {
"description": "Error messasge in capture.",
"title": "Error messasge in capture",
"type": "string"
},
"filelocation": {
"description": "Packet capture file location.",
"title": "Packet capture file location",
"type": "string"
},
"filesize": {
"description": "Packet capture file Size in bytes.",
"title": "Packet capture file Size in bytes",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"request": {
"$ref": "PacketCaptureRequest,
"description": "Packet capture request information.",
"required": true,
"title": "Packet capture request"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sessionid": {
"description": "Packet capture session id.",
"required": true,
"title": "Packet capture session id",
"type": "string"
},
"sessionname": {
"description": "Packet capture session name.",
"title": "Packet capture session name",
"type": "string"
},
"sessionstatus": {
"description": "Packet capture session status.",
"enum": [
"CREATED",
"STARTED",
"STOPPED",
"FINISHED",
"ERROR"
],
"required": true,
"title": "Packet capture session status",
"type": "string"
},
"starttime": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when session was created in epoch millisecond.",
"title": "Start time in epoch millisecond"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Packet capture response information",
"type": "object"
}
PacketCaptureSessionList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PacketCaptureSessionList",
"module_id": "PacketCapture",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total capture session count",
"type": "integer"
},
"results": {
"items": {
"$ref": "PacketCaptureSession
},
"title": "Packet capture list for all sessoins",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PacketData (type)
{
"abstract": true,
"id": "PacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"description": "When this flag is set, traceflow packet will have its destination overwritten as the gateway address of the logical router to which the source logical switch is connected. More specifically: - For ARP request, the target IP will be overwritten as gateway IP if the target IP is not in the same subnet of gateway. - For ARP response, the target IP and destination MAC will be overwritten as gateway IP/MAC respectively, if the target IP is not in the same subnet of gateway. - For IP packet, the destination MAC will be overwritten as gateway MAC. However, this flag will not be effective when injecting the traceflow packet to a VLAN backed port. This is because the gateway in this case is a physical gateway that is outside the scope of NSX. Therefore, users need to manually populate the gateway MAC address. If the user still sets this flag in this case, a validation error will be thrown. The scenario where a user injects a packet with a VLAN tag into a parent port is referred to as the traceflow container case. Please note that the value of `routed` depends on the connected network of the child segment rather than the connected network of segment of the parent port in this case. Here is the explanation: The parent port in this context is the port on a segment which is referred to by a SegmentConnectionBindingMap. The bound segment of the SegmentConnectionBindingMap is the child segment. The user-crafted traceflow packet will be directly forwarded to the corresponding child segment of the parent port without interacting with any layer 2 forwarding/layer 3 routing in this scenario. The crafted packet will follow the forwarding/routing polices of the child segment's connected network. For example, if a user injects a crafted packet to port_p, and the segment (seg_p) of port_p is referred to by the binding map m1, where m1 is bound to segment seg_c, and the destination port (port_d) of the packet is the VM vNIC connected to seg_p. Although port_p and port_d are on the same segment, the 'routed' value should be set to true if the user expects the crafted packet to be correctly delivered to the destination. This is because the child segments seg_c and seg_d are on different segments and require router interaction to communicate.",
"required": false,
"title": "Awareness of logical routing",
"type": "boolean"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "Transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
PacketDebugStats (type)
{
"id": "PacketDebugStats",
"module_id": "ObservabilityCounters",
"properties": {
"datapath_l3": {
"$ref": "DataPathL3,
"description": "Datapath L3 module.",
"required": false
},
"distributed_firewall": {
"$ref": "DistributedFirewall,
"description": "Distributed firewall module.",
"required": false
},
"fastpath": {
"$ref": "Fastpath,
"description": "Fastpath module.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
},
"overlay_datapath_l2": {
"$ref": "OverlayDataPathL2,
"description": "Overlay datapath L2 module.",
"required": false
},
"switch_security": {
"$ref": "SwitchSecurity,
"description": "Switch security module.",
"required": false
},
"virtual_switch": {
"$ref": "VirtualSwitchCounter,
"description": "Virtual switch module.",
"required": false
}
},
"type": "object"
}
PacketMonitorStats (type)
{
"id": "PacketMonitorStats",
"module_id": "ObservabilityCounters",
"properties": {
"datapath_packet_drops": {
"$ref": "DatapathPacketDrops,
"description": "Datapath packet drops.",
"required": false
},
"datapath_system_error_packet_drops": {
"description": "Packet dropeed due to datapth system error drops.",
"required": false,
"type": "integer"
},
"datapath_total_packet_drops_pps": {
"description": "Datapath total packet drop rate.",
"required": false,
"type": "number"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
},
"local_workloads_transmitted_received_broadcast_packets": {
"$ref": "LocalWorkloadsTransmittedReceivedBroadcastPackets,
"description": "Transmitted and received broadcast packets for local workloads.",
"required": false
},
"local_workloads_transmitted_received_multicast_packets": {
"$ref": "LocalWorkloadsTransmittedReceivedMulticastPackets,
"description": "Transmitted and received multicast packets for local workloads.",
"required": false
},
"local_workloads_transmitted_received_packets": {
"$ref": "LocalWorkloadsTransmittedReceivedPackets,
"description": "Transmitted and received packets for local workloads.",
"required": false
},
"number_of_pnics": {
"description": "Number of PNICs in the host.",
"required": false,
"type": "integer"
},
"number_of_vnics": {
"description": "Number of VNICs in the host.",
"required": false,
"type": "integer"
},
"packet_processing_efficiency_watch": {
"$ref": "PacketProcessingEfficiencyWatch,
"description": "Stats indicating packet processing efficiency.",
"required": false
},
"pnics_transmitted_received_packets": {
"$ref": "PnicsTransmittedReceivedPackets,
"description": "Transmitted and received packets for Pnics.",
"required": false
},
"unicast_packet_flooding": {
"$ref": "UnicastPacketFlooding,
"description": "Unicast packet flooding.",
"required": false
}
},
"type": "object"
}
PacketNumberSampling (type)
{
"extends": {
"$ref": "SamplingArgument
},
"id": "PacketNumberSampling",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "PacketNumberSampling"
},
"properties": {
"sampling_rate": {
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "1 out of how many packets is sampled",
"type": "integer"
},
"sampling_type": {
"enum": [
"FirstNSampling",
"PacketNumberSampling",
"IntervalSampling"
],
"required": true,
"title": "Sampling type",
"type": "string"
}
},
"type": "object"
}
PacketProcessingEfficiencyWatch (type)
{
"id": "PacketProcessingEfficiencyWatch",
"module_id": "ObservabilityCounters",
"properties": {
"fastpath_flow_hit_pps": {
"description": "Rate of flow hits.",
"required": false,
"type": "number"
},
"fastpath_flow_miss_pps": {
"description": "Rate at which packets are processed by slowpath because of a flow miss. This has no overlap with slowpath packets..",
"required": false,
"type": "number"
},
"fastpath_slowpath_only_pps": {
"description": "Packet rate for packets that are always targeted to be processed by slowpath such as broadcast packets.",
"required": false,
"type": "number"
},
"overlay_unsuccessful_control_plane_assisted_neighbor_resolution_rxpps": {
"description": "Unsuccessful CCP assisted overlay neighbor resolution on RX.",
"required": false,
"type": "number"
},
"overlay_unsuccessful_mac_learning_due_to_table_full_rxpps": {
"description": "Unsuccessful mac learning on RX side due to table full.",
"required": false,
"type": "number"
},
"overlay_unsuccessful_mac_learning_due_to_unknown_tunnel_endpoint_rxpps": {
"description": "Unsuccessful mac learning on RX side due to unknown tunnel endpoint.",
"required": false,
"type": "number"
}
},
"type": "object"
}
PacketTypeAndCounter (type)
{
"id": "PacketTypeAndCounter",
"module_id": "AggSvcL2Types",
"properties": {
"counter": {
"required": true,
"title": "The number of packets.",
"type": "integer"
},
"packet_type": {
"required": true,
"title": "The type of the packets",
"type": "string"
}
},
"type": "object"
}
PacketsDroppedBySecurity (type)
{
"id": "PacketsDroppedBySecurity",
"module_id": "AggSvcL2Types",
"properties": {
"bpdu_filter_dropped": {
"required": false,
"title": "The number of packets dropped by \"BPDU filter\".",
"type": "integer"
},
"dhcp_client_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_client_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"spoof_guard_dropped": {
"items": {
"$ref": "PacketTypeAndCounter
},
"required": false,
"title": "The packets dropped by \"Spoof Guard\"; supported packet types are IPv4, IPv6, ARP, ND, non-IP.",
"type": "array"
}
},
"type": "object"
}
PartialPatchConfig (type)
{
"additionalProperties": false,
"description": "Basic Concept: Partial Patch is a specialized feature in NSX that allows you to update only a specific part of an object's properties, instead of updating the entire object. This is particularly useful for making incremental changes to an object. Enabling Partial Patch: By default, Partial Patch is disabled. You need to explicitly enable this feature to use it. When enabled, you can update a subset of an object's fields, merging your new data with the existing object's data. Usage in API Operations: When Partial Patch is disabled, complete object data is required for both PUT and PATCH operations in /policy APIs. Once enabled, you can provide only the necessary subset of data for these operations. Important Considerations:In a partial patch, array properties are entirely replaced, not merged. If a PATCH operation targets a non-existing object, NSX will create a new object after performing all required validations. Be aware of fields that depend on each other (like username and password, or IP address and thumbprint). In such cases, either all or none of these inter-dependent fields should be provided in a Partial Patch request. Partial Patch does not support certain objects, such as 'Infra'. Objects like Labels, Security Policies, and Services have specific attributes that are treated differently in PATCH requests. This special handling won't change with Partial Patch. For example, in Security Policies, adding 'rules' through PATCH merges them with existing rules, while a PUT operation replaces them entirely. Partial Patch won't work if the new value for a property is of a different polymorphic type than the existing value.",
"id": "PartialPatchConfig",
"module_id": "PolicySystemConfig",
"properties": {
"enable_partial_patch": {
"description": "boolean value used to activate/deactivate partial patch",
"required": true,
"title": "This object will contain the partial patch configuration.",
"type": "boolean"
}
},
"title": "Contains configuration for Partial patch.",
"type": "object"
}
PasswordAuthenticationScheme (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AuthenticationScheme
},
"id": "PasswordAuthenticationScheme",
"properties": {
"identity_file": {
"sensitive": true,
"title": "SSH private key file name",
"type": "string"
},
"password": {
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"password",
"key"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^.+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
PasswordComplexityProperties (type)
{
"additionalProperties": {},
"description": "Configurable properties of password complexity requirement for the NSX node.",
"extends": {
"$ref": "Resource
},
"id": "PasswordComplexityProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_retry_prompt": {
"default": 3,
"readonly": true,
"title": "Prompt user at most N times before returning with error.",
"type": "integer"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"digits": {
"default": -1,
"description": "Number of digits (0..9) expected in user password. <p>N < 0, to set minimum credit for having digits in the new password, i.e. this is the minimum number of digits that must be met for a new password.</p> <p>N > 0, to set maximum credit for having digits in the new password, i.e. per occurrence of digit in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> digits.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 digit is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of digits in password",
"type": "integer"
},
"hash_algorithm": {
"default": "sha512",
"description": "Sets hash/cryptographic algorithm type for new passwords.",
"enum": [
"sha512",
"sha256"
],
"title": "Hash algorithm",
"type": "string"
},
"lower_chars": {
"default": -1,
"description": "Number of lower case characters (a..z) expected in user password. <p>N < 0, to set minimum credit for having lower case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having lower case characters in the new password, i.e. per occurrence of lower case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> lower case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 lower case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of lower-case characters in password",
"type": "integer"
},
"max_repeats": {
"default": 0,
"description": "Reject passwords which contain more than N same consecutive characters, like aaa or 7777. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of same consecutive characters",
"type": "integer"
},
"max_sequence": {
"default": 0,
"description": "Reject passwords which contain more than N monotonic character sequences. Monotonic sequences can be '12345' or 'fedcb'. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Length of permissible monotonic sequence in password substring",
"type": "integer"
},
"maximum_password_length": {
"default": 128,
"description": "Maximum number of characters allowed in password; user can not set their password of length greater than this parameter. By default maximum length of password is 128 characters.",
"maximum": 128,
"minimum": 8,
"title": "Maximum password length",
"type": "integer"
},
"minimum_password_length": {
"default": 12,
"description": "Minimum number of characters expected in password; user can not set their password of length less than this parameter.<br /> NOTE, for existing users upgrading to NSX-T datacenter version 4.0 or above - <p>if existing appliance is configured with <code>minimum_password_length</code> less than current default value, then upgraded appliance will reset the configured setting back to recommended default; which can be explicitly modified back to original value or any other integer greater than or equal to supported minimum value.</p> <p>VMware recommends to set strong passwords for systems and appliances, further suggests to maintain strong <code>minimum_password_length</code> value. NSX resets this value to default and recommends to maintain upgraded default value or above for password complexity requirement.</p> <p>If any existing user passwords are set with length of less than newly configured <code>minimum_password_length</code>, then its recommended to reset the user passwords as per newly configured password complexity compliance.</p> <p>If existing <code>minimum_password_length</code> is greater than or equal to default value, which shall be retained as it is in newly upgraded appliance.</p> By default minimum length of password is 12 characters and passwords less than 8 characters are never allowed.",
"maximum": 128,
"minimum": 8,
"title": "Minimum password length",
"type": "integer"
},
"minimum_unique_chars": {
"default": 0,
"description": "Number of character changes in the new password that differentiate it from the old password. To disable the check, value should be set to 0.",
"maximum": 128,
"minimum": 0,
"title": "Number of unique characters from old password",
"type": "integer"
},
"password_remembrance": {
"default": 0,
"description": "Limit using a password that was used in past; users can not set the same password within the N generations. To disable the check, value should be set to 0.",
"minimum": 0,
"title": "Password remembrance from previous generations",
"type": "integer"
},
"special_chars": {
"default": -1,
"description": "Number of special characters (!@#$&*..) expected in user password. <p>N < 0, to set minimum credit for having special characters in the new password, i.e. this is the minimum number of special characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having special characters in the new password, i.e. per occurrence of special case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> special case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 special character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of special characters in password",
"type": "integer"
},
"upper_chars": {
"default": -1,
"description": "Number of upper case characters (A..Z) expected in user password. <p>N < 0, to set minimum credit for having upper case characters in the new password, i.e. this is the minimum number of lower case characters that must be met for a new password.</p> <p>N > 0, to set maximum credit for having upper case characters in the new password, i.e. per occurrence of upper case character in password will attribute additional credit of +1 towards meeting the current <b>minimum_password_length</b> value upto <b>N</b> upper case characters.</p> <p>N = 0, policy will be not applicable.</p> By default minimum 1 upper case character is required for a new password.",
"maximum": 128,
"minimum": -128,
"title": "Number of upper-case characters in password",
"type": "integer"
}
},
"title": "Configurable properties of password complexity requirement for the NSX node",
"type": "object"
}
PatchResources (type)
{
"additionalProperties": false,
"description": "Patch Resources is an action to create/patch resources in response to an event.",
"extends": {
"$ref": "Action
},
"id": "PatchResources",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "PatchResources"
},
"properties": {
"body": {
"description": "Patch body representing a Hierarchical Patch payload. The resources included in the body are patched replacing the injections' keys with their actual values.",
"required": true,
"title": "Body",
"type": "object"
},
"injections": {
"description": "Injections holding keys (variables) and their corresponding values.",
"items": {
"$ref": "Injection
},
"minItems": 1,
"title": "Injections",
"type": "array"
},
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Patch Resources",
"type": "object"
}
PathExpression (type)
{
"additionalProperties": false,
"description": "Represents policy path expressions in the form of an array, to support addition of objects like groups, segments and policy logical ports in a group.",
"extends": {
"$ref": "Expression
},
"id": "PathExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "PathExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"paths": {
"description": "This array can consist of one or more policy paths. Only policy paths of groups, segments and policy logical ports are allowed.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Array of policy paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Group"
],
"relationshipType": "NESTED_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_SEGMENTPORT_RELATIONSHIP",
"rightType": [
"SegmentPort"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_VPC_SUBNET_RELATIONSHIP",
"rightType": [
"VpcSubnet"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_VPC_SUBNET_PORT_RELATIONSHIP",
"rightType": [
"VpcSubnetPort"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Path expression node",
"type": "object"
}
PathPrefixListRequestParameter (type)
{
"additionalProperties": false,
"description": "List of path-prefix values for which the quota-status is required.",
"id": "PathPrefixListRequestParameter",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"path_prefixes": {
"description": "The array contains path-prefix",
"items": {
"type": "string"
},
"maxItems": 60,
"minItems": 1,
"required": true,
"title": "Array of path-prefix",
"type": "array"
}
},
"title": "List of path-prefix values.",
"type": "object"
}
PbVpnMode (type)
{
"additionalProperties": false,
"deprecated": false,
"description": "The type indicates how the rule applies to Policy-Based VPN traffic. It's supported only for NAT rule action type DNAT and NO_DNAT. BYPASS is default VPN mode. It indicates that NAT rule is applied to the traffic received on Routed-Based VPN tunnel. EXCLUSIVE indicates that NAT rule is applied to the inbound traffic received on Policy-Based VPN tunnel only.",
"enum": [
"BYPASS",
"EXCLUSIVE"
],
"id": "PbVpnMode",
"module_id": "Nat",
"title": "The rule how the NAT applies to Policy-Based VPN traffic",
"type": "string"
}
PeerCertificateChain (type)
{
"additionalProperties": false,
"description": "The certificate chain presented by a remote TLS service.",
"id": "PeerCertificateChain",
"module_id": "CertificateManager",
"properties": {
"details": {
"description": "List of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "A peer's certificate chain",
"type": "object"
}
PemFile (type)
{
"additionalProperties": false,
"id": "PemFile",
"module_id": "CertificateManager",
"properties": {
"file": {
"required": true,
"title": "file data",
"type": "multipart_file"
}
},
"type": "object"
}
PendingChange (type)
{
"id": "PendingChange",
"module_id": "Firewall",
"properties": {
"request_id": {
"description": "Request identifier of the API which modified the entity.",
"title": "Request_id of the API change",
"type": "string"
}
},
"type": "object"
}
PendingChangesInfoNsxT (type)
{
"additionalProperties": false,
"description": "Information about recent changes, if any, that are not reflected in the Enforced Realized Status.",
"id": "PendingChangesInfoNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"pending_changes_flag": {
"description": "Flag describing whether there are any pending changes that are not reflected in the status.",
"readonly": true,
"title": "Pending Changes Flag",
"type": "boolean"
}
},
"title": "NSX-T Pending Change Info",
"type": "object"
}
PerForwarderStatistics (type) (Deprecated)
{
"deprecated": true,
"description": "Query statistics counters of a forwarder identified by domain names.",
"id": "PerForwarderStatistics",
"module_id": "AggSvcDnsForwarder",
"properties": {
"domain_names": {
"description": "Domain names configured for the forwarder. Empty if this is the default forwarder.",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 0,
"readonly": true,
"title": "Domain names configured for the forwarder",
"type": "array"
},
"upstream_statistics": {
"items": {
"$ref": "PerUpstreamServerStatistics
},
"maxItems": 3,
"minItems": 0,
"readonly": true,
"required": false,
"title": "Statistics per upstream server.",
"type": "array"
}
},
"title": "Per-forwarder query statistics counters",
"type": "object"
}
PerNodeDnsFailedQueries (type)
{
"additionalProperties": false,
"description": "The list of the failed DNS queries with entry count and timestamp. The entry count is for per active/standby transport node.",
"extends": {
"$ref": "ListResult
},
"id": "PerNodeDnsFailedQueries",
"module_id": "DnsForwarder",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"node_id": {
"description": "The Uuid of active/standby transport node.",
"readonly": true,
"required": true,
"title": "Uuid of active/standby transport node",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "The list of failed DNS queries.",
"items": {
"$ref": "DnsFailedQuery
},
"readonly": true,
"required": false,
"title": "List of failed DNS queries",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.",
"readonly": true,
"required": true,
"title": "Timestamp of the request",
"type": "string"
}
},
"title": "The list of failed DNS queries per transport node",
"type": "object"
}
PerNodeShaPluginStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PerNodeShaPluginStatusListResult",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PluginStatusEntry
},
"required": true,
"title": "Sha plugin status list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of Sha plugin status list.",
"type": "object"
}
PerNodeUsedCacheStatistics (type) (Deprecated)
{
"deprecated": true,
"description": "Query statistics counters of used cache from node",
"id": "PerNodeUsedCacheStatistics",
"module_id": "AggSvcDnsForwarder",
"properties": {
"cached_entries": {
"readonly": true,
"title": "The total number of cached entries",
"type": "integer"
},
"node_id": {
"readonly": true,
"title": "Uuid of active/standby transport node",
"type": "string"
},
"used_cache_size": {
"readonly": true,
"title": "The memory size used in cache, in kb",
"type": "integer"
}
},
"title": "Per-node used cache query statistics counters",
"type": "object"
}
PerStepRestoreStatus (type)
{
"id": "PerStepRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "A description of the restore status",
"type": "string"
},
"value": {
"enum": [
"INITIAL",
"RUNNING",
"SUSPENDED_BY_USER",
"SUSPENDED_FOR_USER_ACTION",
"FAILED",
"SUCCESS"
],
"readonly": true,
"required": true,
"title": "Per step restore status value",
"type": "string"
}
},
"title": "Restore step status",
"type": "object"
}
PerUpstreamServerStatistics (type) (Deprecated)
{
"deprecated": true,
"description": "Query statistics counters to an upstream server including successfully forwarded queries and failed queries.",
"id": "PerUpstreamServerStatistics",
"module_id": "AggSvcDnsForwarder",
"properties": {
"queries_failed": {
"readonly": true,
"title": "Queries failed to forward.",
"type": "integer"
},
"queries_succeeded": {
"readonly": true,
"title": "Queries forwarded successfully",
"type": "integer"
},
"upstream_server": {
"$ref": "IPAddress,
"readonly": true,
"title": "Upstream server ip"
}
},
"title": "Per-upstream server query statistics counters",
"type": "object"
}
PersistenceProfileType (type)
{
"additionalProperties": false,
"description": "Source-ip persistence ensures all connections from a client (identified by IP address) are sent to the same backend server for a specified period. Cookie persistence allows related client connections, identified by the same cookie in HTTP requests, to be redirected to the same server. Generic persistence profile cannot be attached to virtual servers directly. It can only be consumed by load balancer rule actions: LbVariablePersistenceOnAction and LbVariablePersistenceLearnAction. LbCookiePersistenceProfile and LbGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LbCookiePersistenceProfile",
"LbSourceIpPersistenceProfile",
"LbGenericPersistenceProfile"
],
"id": "PersistenceProfileType",
"module_id": "LoadBalancer",
"title": "persistence profile type",
"type": "string"
}
PhonehomeCoordinatorServiceProperties (type)
{
"additionalProperties": false,
"id": "PhonehomeCoordinatorServiceProperties",
"properties": {
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
}
},
"title": "Phonehome Coordinator service properties",
"type": "object"
}
PhysicalPortQueueStats (type)
{
"additionalProperties": false,
"id": "PhysicalPortQueueStats",
"properties": {
"id": {
"readonly": true,
"title": "Queue ID",
"type": "integer"
},
"rx_bytes": {
"readonly": true,
"title": "Number of received bytes",
"type": "integer"
},
"rx_errors": {
"readonly": true,
"title": "Number of receive errors",
"type": "integer"
},
"rx_packets": {
"readonly": true,
"title": "Number of received packets",
"type": "integer"
},
"tx_bytes": {
"readonly": true,
"title": "Number of transmitted bytes",
"type": "integer"
},
"tx_drops": {
"readonly": true,
"title": "Number of transmit drops",
"type": "integer"
},
"tx_packets": {
"readonly": true,
"title": "Number of transmitted packets",
"type": "integer"
}
},
"title": "Physical port queue statistics",
"type": "object"
}
PhysicalPortStats (type)
{
"additionalProperties": false,
"id": "PhysicalPortStats",
"properties": {
"name": {
"readonly": true,
"title": "Name",
"type": "string"
},
"queues": {
"items": {
"$ref": "PhysicalPortQueueStats
},
"title": "List of statistics per queue",
"type": "array"
},
"rx_bytes": {
"readonly": true,
"title": "Number of received bytes",
"type": "integer"
},
"rx_errors": {
"readonly": true,
"title": "Number of receive errors",
"type": "integer"
},
"rx_misses": {
"readonly": true,
"title": "Number of receive misses",
"type": "integer"
},
"rx_nombufs": {
"readonly": true,
"title": "Number of received packets dropped due to lack of mbufs",
"type": "integer"
},
"rx_packets": {
"readonly": true,
"title": "Number of received packets",
"type": "integer"
},
"tx_bytes": {
"readonly": true,
"title": "Number of transmitted bytes",
"type": "integer"
},
"tx_drops": {
"readonly": true,
"title": "Number of transmit drops",
"type": "integer"
},
"tx_errors": {
"readonly": true,
"title": "Number of transmit errors",
"type": "integer"
},
"tx_packets": {
"readonly": true,
"title": "Number of transmitted packets",
"type": "integer"
}
},
"title": "Physical port statistics",
"type": "object"
}
PhysicalServer (type)
{
"additionalProperties": false,
"description": "Details of physical/bare metal server. PhysicalServer is an abstraction for TransportNode with os_type RHELSERVER, UBUNTUSERVER, CENTOSSERVER, SLESSERVER, OELSERVER or WINDOWSSERVER. This entity will be used in grouping to provide micro-segmentation to physical servers. To add any new physical servers/perform any changes, use create/update TransportNode API.",
"extends": {
"$ref": "ManagedResource
},
"id": "PhysicalServer",
"module_id": "PhysicalServer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP addresses of the physical server specified by the admin while registering as Transport node in nsx.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "IP Addresses of the physical server, version 4 or 6",
"type": "array"
},
"os_type": {
"description": "OS type of the physical server.",
"enum": [
"RHELSERVER",
"UBUNTUSERVER",
"CENTOSSERVER",
"SLESSERVER",
"WINDOWSSERVER",
"OELSERVER"
],
"readonly": true,
"required": false,
"title": "OS type of the physical server",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Physical server",
"type": "object"
}
PhysicalServerListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to get list of physical server.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "PhysicalServerListRequestParameters",
"module_id": "PhysicalServer",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "Display Name of physical server.",
"required": false,
"title": "Display Name of the physical server",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"os_type": {
"description": "OS type of the physical server.",
"enum": [
"RHELSERVER",
"UBUNTUSERVER",
"CENTOSSERVER",
"SLESSERVER",
"WINDOWSSERVER",
"OELSERVER"
],
"required": false,
"title": "OS type of the physical server",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PhysicalServerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PhysicalServerListResult",
"module_id": "PhysicalServer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of physical servers.",
"items": {
"$ref": "PhysicalServer
},
"required": true,
"title": "List of physical servers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PimRpMapping (type)
{
"additionalProperties": false,
"description": "PIM (Protocol Independent Multicast) RP (Randezvous Point) mapping details.",
"id": "PimRpMapping",
"module_id": "AggSvcLogicalRouter",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"is_rp": {
"description": "Value of this field will be true if this edge transport node acts as rendezvous point, otherwise false.",
"readonly": true,
"required": false,
"title": "Is acts as Rendezvous Point",
"type": "boolean"
},
"outgoing_interface": {
"description": "Outgoing/Egress interface for multicast traffic.",
"readonly": true,
"required": true,
"title": "Outgoing interface",
"type": "string"
},
"rp_address": {
"$ref": "IPAddress,
"description": "RP (Randezvous Point) address.",
"readonly": true,
"required": true,
"title": "RP address"
},
"source": {
"description": "Source of learning RP information. Either Static RP configured or RP learned via BSR (Bootstrap Router).",
"readonly": true,
"required": true,
"title": "Multicast source",
"type": "string"
}
},
"title": "PIM RP mapping details",
"type": "object"
}
PimRpMappingCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "PimRpMappingCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"group": {
"$ref": "IPAddress,
"description": "Multicast group address.",
"readonly": true,
"required": true,
"title": "Multicast group address"
},
"is_rp": {
"description": "Value of this field will be true if this edge transport node acts as rendezvous point, otherwise false.",
"readonly": true,
"required": false,
"title": "Is acts as Rendezvous Point",
"type": "boolean"
},
"outgoing_interface": {
"description": "Outgoing/Egress interface for multicast traffic.",
"readonly": true,
"required": true,
"title": "Outgoing interface",
"type": "string"
},
"rp_address": {
"$ref": "IPAddress,
"description": "RP (Randezvous Point) address.",
"readonly": true,
"required": true,
"title": "RP address"
},
"source": {
"description": "Source of learning RP information. Either Static RP configured or RP learned via BSR (Bootstrap Router).",
"readonly": true,
"required": true,
"title": "Multicast source",
"type": "string"
},
"transport_node": {
"description": "Transport node uuid or policy path.",
"readonly": true,
"required": true,
"title": "Transport node uuid or policy path",
"type": "string"
}
},
"type": "object"
}
PimRpMappings (type)
{
"additionalProperties": false,
"description": "PIM Rendezvous Point Mappings.",
"extends": {
"$ref": "ListResult
},
"id": "PimRpMappings",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 gateway.",
"required": true,
"title": "Policy path to Tier0 gateway",
"type": "string"
},
"pim_rp_mappings_per_edge": {
"items": {
"$ref": "PimRpMappingsPerEdge
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PIM Rendezvous Point Mappings",
"type": "object"
}
PimRpMappingsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "PimRpMappingsInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "PimRpMappingCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
PimRpMappingsPerEdge (type)
{
"additionalProperties": false,
"description": "PIM Rendezvous Point Mappings Per Edge.",
"id": "PimRpMappingsPerEdge",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Policy path to edge node.",
"required": true,
"title": "Policy path to edge node",
"type": "string"
},
"pim_rp_mappings": {
"items": {
"$ref": "PimRpMapping
},
"required": false,
"type": "array"
}
},
"title": "PIM Rendezvous Point Mappings Per Edge",
"type": "object"
}
PktCapResource (type)
{
"description": "The resource of packet capture per port, such as the downloading URL of packet capture file.",
"extends": {
"$ref": "BasePktCapResource
},
"id": "PktCapResource",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "PktCapResource"
},
"properties": {
"pktcap_file_download_url": {
"readonly": true,
"required": true,
"title": "Packet capture file download URL",
"type": "string"
},
"port_id": {
"readonly": true,
"required": true,
"title": "The ID of logical port where packet capture action is performed",
"type": "string"
},
"resource_type": {
"required": true,
"title": "Type of packet capture resource",
"type": "string"
}
},
"type": "object"
}
PktCapResult (type)
{
"description": "The packet capture result for transport nodes",
"id": "PktCapResult",
"module_id": "LiveTrace",
"properties": {
"pktcap_resource_list": {
"description": "The packet capture resource info for ports where packet capture action is performed",
"items": {
"$ref": "PktCapResource
},
"readonly": true,
"required": true,
"title": "Packet capture results on the given transport node",
"type": "array"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "The ID of transport node where packet capture action is deployed",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": true,
"title": "Type of the transport node"
}
},
"type": "object"
}
PktCaptureOption (type)
{
"additionalProperties": false,
"description": "The option is used to filter data on a given node.",
"id": "PktCaptureOption",
"module_id": "PolicyPacketCapture",
"properties": {
"name": {
"description": "The available option names in the enum can be used to filter the capture data.",
"enum": [
"ETHTYPE",
"MAC",
"SRCMAC",
"DSTMAC",
"VLAN",
"IP",
"SRCIP",
"DSTIP",
"IPPROTO",
"PORT",
"SRCPORT",
"DSTPORT",
"VNI",
"IPPROTO6",
"IP6",
"SRCIP6",
"DSTIP6"
],
"title": "Packet capture option name",
"type": "string"
},
"value": {
"description": "Define the capture value according to the given capture option.",
"title": "Packet capture option value",
"type": "string"
}
},
"title": "Packet capture option",
"type": "object"
}
PktCaptureOptionList (type)
{
"additionalProperties": false,
"description": "List of packet capture options to filter data in capture process.",
"extends": {
"$ref": "ListResult
},
"id": "PktCaptureOptionList",
"module_id": "PolicyPacketCapture",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"values": {
"description": "Packet capture option collection",
"items": {
"$ref": "PktCaptureOption
},
"title": "Packet capture option collection",
"type": "array"
}
},
"title": "List of packet capture options",
"type": "object"
}
PktCaptureRequest (type)
{
"description": "This type is used to create packet request on a give node. Need to specify related parameters according to the capture point.",
"id": "PktCaptureRequest",
"module_id": "PolicyPacketCapture",
"properties": {
"capamount": {
"description": "Define the packet capture amount size.",
"title": "Packet capture amount",
"type": "int"
},
"capcore": {
"description": "The CPU core id on Edge node.",
"title": "The CPU core id on Edge node",
"type": "int"
},
"capduration": {
"description": "Define the packet capture duration time. After the capture duration time, the capture process will stop working.",
"title": "Packet capture duration time in seconds",
"type": "int"
},
"capfilesize": {
"description": "Define the packet capture file size limit.",
"title": "Packet capture file size limit",
"type": "int"
},
"capmode": {
"description": "Define the capture streaming mode. The STREAM mode will send the data to given stream address and port. And the STANDALONE mode will save the capture file in local folder.",
"enum": [
"STANDALONE",
"STREAM"
],
"title": "Packet Capture streaming mode",
"type": "string"
},
"cappoint": {
"description": "Define the point to capture data.",
"enum": [
"VNIC",
"VMKNIC",
"VMNIC",
"VDRPORT",
"DVFILTER",
"SEGMENTPORT",
"FCPORT",
"VIF",
"PNIC"
],
"required": true,
"title": "Packet capture point",
"type": "string"
},
"caprate": {
"description": "Define the rate of packet capture process.",
"title": "Packet capture rate",
"type": "int"
},
"capsnaplen": {
"description": "Limit the number of bytes captured from each packet.",
"title": "Packet capture snapshot length",
"type": "int"
},
"capsource": {
"description": "This type is used to differ the incoming request from CLI/UI.",
"enum": [
"CLI",
"UI"
],
"required": true,
"title": "Packet capture source type",
"type": "string"
},
"capvalue": {
"description": "Define the capture value of given capture point.",
"title": "Packet capture point value",
"type": "string"
},
"direction": {
"description": "Define the capture direction. Support three types INPUT/OUTPUT/DUAL.",
"enum": [
"INPUT",
"OUTPUT",
"DUAL"
],
"title": "Packet capture direction type",
"type": "string"
},
"filtertype": {
"description": "Define the capture filter type. Support PRE/POST mode.",
"enum": [
"PRE",
"POST"
],
"title": "Packet capture dvfilter stage type",
"type": "string"
},
"node": {
"description": "Define the transport node to capture data.",
"title": "Packet capture node id",
"type": "string"
},
"node_ip": {
"$ref": "IPAddress,
"description": "Define the transport node to capture data.",
"title": "Packet capture node ip"
},
"options": {
"$ref": "PktCaptureOptionList,
"description": "Define the packet capture additional options to filter the capture data.",
"title": "Packet capture options"
},
"streamaddress": {
"description": "Set the stream address to receive the capture packet.",
"title": "Packet capture Streaming address",
"type": "string"
},
"streamport": {
"description": "Set the stream port to receive the capture packet. The STREAM mode is based on GRE-in-UDP Encapsulation(RFC8086). Packets are sent to UDP port 4754.",
"title": "Packet capture Streaming port",
"type": "int"
}
},
"title": "Packet capture request information",
"type": "object"
}
PktCaptureSession (type)
{
"additionalProperties": false,
"description": "Packet capture session information.",
"extends": {
"$ref": "ManagedResource
},
"id": "PktCaptureSession",
"module_id": "PolicyPacketCapture",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endtime": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when session was stopped in epoch millisecond.",
"title": "End time in epoch millisecond"
},
"errormsg": {
"description": "Error messasge in capture.",
"title": "Error messasge in capture",
"type": "string"
},
"filelocation": {
"description": "Packet capture file location.",
"title": "Packet capture file location",
"type": "string"
},
"filesize": {
"description": "Packet capture file Size in bytes.",
"title": "Packet capture file Size in bytes",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"request": {
"$ref": "PktCaptureRequest,
"description": "Packet capture request information.",
"required": true,
"title": "Packet capture request"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sessionid": {
"description": "Packet capture session id.",
"required": true,
"title": "Packet capture session id",
"type": "string"
},
"sessionname": {
"description": "Packet capture session name.",
"title": "Packet capture session name",
"type": "string"
},
"sessionstatus": {
"description": "Packet capture session status.",
"enum": [
"CREATED",
"STARTED",
"STOPPED",
"FINISHED",
"ERROR"
],
"required": true,
"title": "Packet capture session status",
"type": "string"
},
"starttime": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when session was created in epoch millisecond.",
"title": "Start time in epoch millisecond"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Packet capture response information",
"type": "object"
}
PktCaptureSessionList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PktCaptureSessionList",
"module_id": "PolicyPacketCapture",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total capture session count",
"type": "integer"
},
"results": {
"items": {
"$ref": "PktCaptureSession
},
"title": "Packet capture list for all sessoins",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PktcapActionArgument (type)
{
"id": "PktcapActionArgument",
"module_id": "LiveTrace",
"properties": {
"dest_lport": {
"description": "It is required only when the type of packet capture is bidirectional. Please keep this aligned with the destination logical port of count action and trace action config when the type of count action trace action is bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional packet capture",
"type": "string"
},
"pktcap_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"readonly": true,
"required": true,
"title": "Type of packet capture",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "It takes effect only when the type of packet capture is bidirectional. Please keep this aligned with the packet filter of reverse direction of count action and trace action config when the type of count action and trace action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
}
},
"type": "object"
}
PktcapActionConfig (type)
{
"id": "PktcapActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "PktcapActionArgument,
"readonly": true,
"required": true,
"title": "Action argument for packet capture"
},
"sampling_argument": {
"$ref": "SamplingArgument,
"description": "Only first-N sampling is supported and the maximum sampling number is 500.",
"readonly": true,
"required": true,
"title": "Sample argument for packet capture"
}
},
"type": "object"
}
PlainFilterData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LiveTraceFilterData
},
"id": "PlainFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "PlainFilterData"
},
"properties": {
"basic_filter": {
"required": false,
"title": "Basic RCF rule for packet filter",
"type": "string"
},
"extend_filter": {
"required": false,
"title": "Extended RCF rule for packet filter",
"type": "string"
},
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
}
},
"type": "object"
}
PlatformCpuStats (type)
{
"id": "PlatformCpuStats",
"module_id": "ObservabilityCounters",
"properties": {
"hist_0_pct": {
"description": "Number of (V)CPUs with utilization between 0% and 50%.",
"required": false,
"type": "int"
},
"hist_50_pct": {
"description": "Number of (V)CPUs with utilization between 50% and 75%.",
"required": false,
"type": "int"
},
"hist_75_pct": {
"description": "Number of (V)CPUs with utilization between 75% and 85%.",
"required": false,
"type": "int"
},
"hist_85_pct": {
"description": "Number of (V)CPUs with utilization between 85% and 90%.",
"required": false,
"type": "int"
},
"hist_90_pct": {
"description": "Number of (V)CPUs with utilization between 90% and 95%.",
"required": false,
"type": "int"
},
"hist_95_pct": {
"description": "Number of (V)CPUs with utilization > 95%.",
"required": false,
"type": "int"
},
"total_cpu": {
"description": "Sum of utilization of all (V)CPUs on the host.",
"required": false,
"type": "number"
}
},
"type": "object"
}
PlatformCpuUsageDebugStats (type)
{
"id": "PlatformCpuUsageDebugStats",
"module_id": "ObservabilityCounters",
"properties": {
"host_net_thread_nioc": {
"$ref": "PlatformNetworkThreadCpuStats,
"description": "NIOC platform network thread and cpu stats.",
"required": false
},
"host_net_thread_rx": {
"$ref": "PlatformNetworkThreadCpuStats,
"description": "Received platform network thread and cpu stats.",
"required": false
},
"host_net_thread_tx": {
"$ref": "PlatformNetworkThreadCpuStats,
"description": "Transmitted platform network thread and cpu stats.",
"required": false
},
"host_pcpu": {
"$ref": "PlatformCpuStats,
"description": "Platform physical cpu stats.",
"required": false
},
"host_vcpu": {
"$ref": "PlatformCpuStats,
"description": "Platform virtual cpu stats.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
}
},
"type": "object"
}
PlatformCpuUsageMonitorStats (type)
{
"id": "PlatformCpuUsageMonitorStats",
"module_id": "ObservabilityCounters",
"properties": {
"host_net_thread_all": {
"$ref": "PlatformNetworkThreadCpuStats,
"description": "Aggregated platform network thread and cpu stats.",
"required": false
},
"host_pcpu": {
"$ref": "PlatformCpuStats,
"description": "Platform physical cpu stats.",
"required": false
},
"host_vcpu": {
"$ref": "PlatformCpuStats,
"description": "Platform virtual cpu stats.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
}
},
"type": "object"
}
PlatformDeploymentChecksAction (type)
{
"additionalProperties": false,
"description": "Pre/post deployment checks.",
"extends": {
"$ref": "DeploymentChecksAction
},
"id": "PlatformDeploymentChecksAction",
"module_id": "PolicyCloudNativePlatform",
"properties": {
"action": {
"description": "Run pre/post deployment checks. PRE_CHECKS - Run pre-check before deployment. POST_CHECKS - Run post-check after deployment. ABORT_CHECKS - Abort running pre/post deployement checks.",
"enum": [
"PRE_CHECKS",
"POST_CHECKS",
"ABORT_CHECKS"
],
"required": true,
"title": "Pre/post deployment checks",
"type": "string"
},
"deployment_config": {
"$ref": "PlatformDeploymentConfig,
"required": false
}
},
"title": "Deployment checks",
"type": "object"
}
PlatformDeploymentConfig (type)
{
"additionalProperties": false,
"description": "Configuration for NSX Application Platform deployment.",
"extends": {
"$ref": "CloudNativeDeploymentConfig
},
"id": "PlatformDeploymentConfig",
"module_id": "PolicyCloudNativePlatform",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_id": {
"description": "Unique id to identify kubernetes guest cluster.",
"required": false,
"title": "Kubernetes cluster id",
"type": "string"
},
"deployment_action": {
"$ref": "CloudNativeDeploymentAction,
"title": "Deployment action"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"form_factor": {
"$ref": "FormFactorType,
"description": "From factor is use for deployment.",
"title": "Deployment form factor"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"kubeconf_info": {
"$ref": "KubeconfigInfo,
"description": "Information about kubeconfig file.",
"title": "Kubeconfig info"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_config": {
"$ref": "AdvanceServiceConfig,
"required": false
},
"storage_class": {
"description": "Kubernetes cluster storage class",
"title": "Storage class",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Deployment version in use.",
"title": "Deployment version",
"type": "string"
}
},
"title": "Deployment configuration",
"type": "object"
}
PlatformFormFactors (type)
{
"additionalProperties": false,
"description": "Available platform form factors.",
"id": "PlatformFormFactors",
"module_id": "PolicyCloudNative",
"properties": {
"available_form_factors": {
"$ref": "FormFactors,
"description": "Availiable form factors for a NSX Application Platform version.",
"title": "Available form factors"
}
},
"title": "Deployment version",
"type": "object"
}
PlatformNetworkThreadCpuStats (type)
{
"id": "PlatformNetworkThreadCpuStats",
"module_id": "ObservabilityCounters",
"properties": {
"hist_0_pct": {
"description": "Number of network threads in the group with CPU utilization between 0% and 25%.",
"required": false,
"type": "int"
},
"hist_25_pct": {
"description": "Number of network threads in the group with CPU utilization between 25% and 50%.",
"required": false,
"type": "int"
},
"hist_50_pct": {
"description": "Number of network threads in the group with CPU utilization between 50% and 70%.",
"required": false,
"type": "int"
},
"hist_70_pct": {
"description": "Number of network threads in the group with CPU utilization between 70% and 80%.",
"required": false,
"type": "int"
},
"hist_80_pct": {
"description": "Number of network threads in the group with CPU utilization between 80% and 85%.",
"required": false,
"type": "int"
},
"hist_85_pct": {
"description": "Number of network threads in the group with CPU utilization between 85% and 90%.",
"required": false,
"type": "int"
},
"hist_90_pct": {
"description": "Number of network threads in the group with CPU utilization between 90% and 95%.",
"required": false,
"type": "int"
},
"hist_95_pct": {
"description": "Number of network threads in the group with CPU utilization between 95% and 97%.",
"required": false,
"type": "int"
},
"hist_97_pct": {
"description": "Number of network threads in the group with CPU utilization between 97% and 99%.",
"required": false,
"type": "int"
},
"hist_99_pct": {
"description": "Number of network threads in the group with CPU utilization > 99%.",
"required": false,
"type": "int"
},
"max_cpu": {
"description": "Maximum CPU utilization of network threads in the group.",
"required": false,
"type": "number"
},
"min_cpu": {
"description": "Minimum CPU utilization of network threads in the group.",
"required": false,
"type": "number"
},
"num_threads": {
"description": "Number of network threads in the group.",
"required": false,
"type": "int"
},
"total_cpu": {
"description": "Sum of CPU utilization of network threads in the group.",
"required": false,
"type": "number"
}
},
"type": "object"
}
PlatformPacketStats (type)
{
"id": "PlatformPacketStats",
"module_id": "ObservabilityCounters",
"properties": {
"host_uplink": {
"$ref": "HostUplink,
"description": "Platform uplink packet stats.",
"required": false
},
"host_vnic": {
"$ref": "HostVnic,
"description": "Platform vnic packet stats.",
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true,
"required": false
}
},
"type": "object"
}
PluginFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "PluginFileProperties",
"module_id": "SystemHealthPlugin",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"file_name": {
"display": {
"order": 2
},
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"plugin_id": {
"display": {
"order": 1
},
"required": true,
"title": "Plugin id",
"type": "string"
},
"status": {
"display": {
"order": 3
},
"required": true,
"title": "Upload status",
"type": "string"
}
},
"title": "Plugin file properties",
"type": "object"
}
PluginStatus (type)
{
"description": "Describes plugin status on node",
"id": "PluginStatus",
"module_id": "SystemHealthPlugin",
"properties": {
"detail": {
"description": "Detail information of plugin.",
"readonly": true,
"title": "Detail information of plugin",
"type": "string"
},
"id": {
"description": "Plugin id.",
"readonly": true,
"title": "Plugin id",
"type": "string"
},
"name": {
"description": "Plugin name.",
"readonly": true,
"title": "Plugin name",
"type": "string"
},
"node_id": {
"description": "Display the node id.",
"readonly": true,
"title": "Node id",
"type": "string"
},
"profile": {
"description": "Display the plugin profile content.",
"readonly": true,
"title": "Plugin profile",
"type": "string"
},
"status": {
"description": "Plugin status.",
"enum": [
"UNKNOWN",
"ENABLED",
"DISABLED"
],
"readonly": true,
"type": "string"
}
},
"title": "System Health Plugin status",
"type": "object"
}
PluginStatusEntry (type)
{
"description": "Describes plugin status",
"id": "PluginStatusEntry",
"module_id": "PolicySha",
"properties": {
"detail": {
"description": "Detail information of plugin.",
"readonly": true,
"title": "Detail information of plugin",
"type": "string"
},
"node_path": {
"description": "Show the report node path of the plugin.",
"readonly": true,
"title": "Show the report node path of plugin.",
"type": "string"
},
"plugin_name": {
"description": "Plugin name.",
"readonly": true,
"title": "Plugin name",
"type": "string"
},
"plugin_path": {
"description": "Plugin id.",
"readonly": true,
"title": "Plugin id",
"type": "string"
},
"profile": {
"description": "Display the plugin config content.",
"readonly": true,
"title": "Plugin config",
"type": "string"
},
"status": {
"description": "Plugin status.",
"enum": [
"UNKNOWN",
"ENABLED",
"DISABLED"
],
"readonly": true,
"type": "string"
}
},
"title": "System Health Plugin status",
"type": "object"
}
PluginStatusList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PluginStatusList",
"module_id": "SystemHealthPlugin",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total plugin count",
"type": "integer"
},
"results": {
"items": {
"$ref": "PluginStatus
},
"title": "System Health plugin status list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
Pnic (type) (Deprecated)
{
"deprecated": true,
"id": "Pnic",
"module_id": "TransportNode",
"properties": {
"device_name": {
"readonly": false,
"required": true,
"title": "device name or key",
"type": "string"
},
"uplink_name": {
"readonly": false,
"required": true,
"title": "Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations.",
"type": "string"
}
},
"title": "Physical NIC specification",
"type": "object"
}
PnicBondFilter (type)
{
"additionalProperties": false,
"description": "pNIC/bond statuses",
"id": "PnicBondFilter",
"module_id": "Heatmap",
"properties": {
"status": {
"description": "Status of pNIC/bond",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "pNic/bond status",
"type": "string"
}
},
"title": "pNIC/bond status",
"type": "object"
}
PnicBondStatus (type)
{
"additionalProperties": false,
"description": "pNIC/bond statuses",
"id": "PnicBondStatus",
"module_id": "Heatmap",
"properties": {
"bond_pnics": {
"description": "The list of Pnics when type is Bond",
"items": {
"$ref": "BondPnicStatus
},
"title": "Bond pnics",
"type": "array"
},
"name": {
"description": "Name of the pNIC/bond",
"title": "pNIC/bond name",
"type": "string"
},
"nsx_type": {
"description": "Whether to be used by nsx",
"enum": [
"UNKNOWN_NSX_TYPE",
"NSX",
"NONNSX"
],
"title": "Nsx type",
"type": "string"
},
"status": {
"description": "Status of pNIC/bond",
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "pNic/bond status",
"type": "string"
},
"type": {
"description": "type, whether the object is a pNIC or a bond",
"enum": [
"UNKNOWN_TYPE",
"PNIC",
"BOND"
],
"title": "Object type",
"type": "string"
}
},
"title": "pNIC/bond status",
"type": "object"
}
PnicBondStatusListResult (type)
{
"additionalProperties": false,
"description": "This object contains reference to list of pNIC/bond statuses",
"extends": {
"$ref": "ListResult
},
"id": "PnicBondStatusListResult",
"module_id": "Heatmap",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of pNIC statuses belonging to the transport node",
"items": {
"$ref": "PnicBondStatus
},
"title": "List of pNIC/bond statuses",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "pNIC status list container",
"type": "object"
}
PnicDetail (type)
{
"additionalProperties": false,
"id": "PnicDetail",
"module_id": "InventoryCmInvComm",
"properties": {
"device": {
"description": "name of PNIC",
"readonly": false,
"required": true,
"title": "name of PNIC",
"type": "string"
},
"dpu_id": {
"description": "dpu id",
"readonly": false,
"required": false,
"title": "dpu id",
"type": "string"
}
},
"type": "object"
}
PnicMirrorDestination (type)
{
"extends": {
"$ref": "MirrorDestination
},
"id": "PnicMirrorDestination",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "PnicMirrorDestination"
},
"properties": {
"dest_pnics": {
"items": {
"type": "string"
},
"maxItems": 3,
"minItems": 1,
"required": true,
"title": "Physical NIC device names to which to send the mirrored packets",
"type": "array"
},
"node_id": {
"required": true,
"title": "Transport node to which to send the mirrored packets",
"type": "string"
},
"resource_type": {
"$ref": "MirrorDestinationResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorDestination'",
"required": true
}
},
"type": "object"
}
PnicMirrorSource (type)
{
"extends": {
"$ref": "MirrorSource
},
"id": "PnicMirrorSource",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "PnicMirrorSource"
},
"properties": {
"encapsulated": {
"default": false,
"required": true,
"title": "Whether to filter encapsulated packet.",
"type": "boolean"
},
"node_id": {
"required": true,
"title": "Transport node identifier for the pnic located.",
"type": "string"
},
"resource_type": {
"$ref": "MirrorSourceResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'",
"required": true
},
"source_pnics": {
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Source physical NIC device names",
"type": "array"
}
},
"type": "object"
}
PnicsTransmittedReceivedPackets (type)
{
"id": "PnicsTransmittedReceivedPackets",
"module_id": "ObservabilityCounters",
"properties": {
"pnic_rxeps": {
"description": "RX drop rate (including errors).",
"required": false,
"type": "number"
},
"pnic_rxmbps": {
"description": "RX throughput.",
"required": false,
"type": "number"
},
"pnic_rxpps": {
"description": "RX packet rate.",
"required": false,
"type": "number"
},
"pnic_txeps": {
"description": "TX drop rate (including errors).",
"required": false,
"type": "number"
},
"pnic_txmbps": {
"description": "TX throughput.",
"required": false,
"type": "number"
},
"pnic_txpps": {
"description": "TX packet rate.",
"required": false,
"type": "number"
}
},
"type": "object"
}
PointDefinition (type)
{
"additionalProperties": false,
"description": "Defines the point of a graph.",
"id": "PointDefinition",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "An expression that represents the points of the graph",
"required": true,
"title": "Expression for points of the graph",
"type": "string"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the point of a graph.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
},
"x_value": {
"description": "Represents the variable for the X value of points that are plotted on the graph.",
"required": true,
"title": "Variable chosen for X value of the point of the graph",
"type": "string"
},
"y_value": {
"description": "Represents the variable for the Y value of points that are plotted on the graph.",
"required": true,
"title": "Variable chosen for Y value of the point of the graph",
"type": "string"
}
},
"title": "Definition of a point of graph",
"type": "object"
}
Policy (type)
{
"additionalProperties": false,
"description": "Ordered list of Rules. This object is created by default along with the Domain.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Policy",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules",
"type": "object"
}
PolicyAdvertisedNetwork (type)
{
"additionalProperties": false,
"id": "PolicyAdvertisedNetwork",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"network": {
"description": "Advertised network address.",
"readonly": true,
"required": true,
"title": "Advertised Network",
"type": "string"
},
"rule_filter_type": {
"description": "Advertised rule filter type",
"readonly": true,
"required": false,
"title": "Advertised rule filter type",
"type": "string"
},
"status": {
"description": "advertisement status of network to connected gateway SUCCESS - network route successfully plumbed on target gateway DENIED_BY_TARGET_GATEWAY - network denied by target gateway because of in filter rules or missing inter vrf config",
"readonly": true,
"required": false,
"title": "Advertisement status of network",
"type": "string"
}
},
"type": "object"
}
PolicyAdvertisedNetworkInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyAdvertisedNetworkInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "AdvertisedNetworkCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyAdvertisedNetworksListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyAdvertisedNetworksListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of networks which advertised to connected gateway",
"items": {
"$ref": "PolicyAdvertisedNetwork
},
"readonly": true,
"required": false,
"title": "List of advertised networks",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyAlarmResource (type)
{
"description": "Alarm base class of realized policy object",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyAlarmResource",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyAlarmResource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_details": {
"$ref": "PolicyApiError,
"required": false,
"title": "Detailed information about errors from an API call made to the\nenforcement point, if any.\n"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"message": {
"required": false,
"title": "error message to describe the issue",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_reference": {
"required": false,
"title": "path of the object on which alarm is created",
"type": "string"
},
"source_site_id": {
"description": "This field will refer to the source site on which the alarm is generated. This field is populated by GM, when it receives corresponding notification from LM.",
"readonly": true,
"required": false,
"title": "source site(LM) id.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Alarm base class of realized policy object",
"type": "object"
}
PolicyAlarmResourceListRequestParameters (type)
{
"additionalProperties": false,
"description": "PolicyAlarmResource list request parameters",
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyAlarmResourceListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyAlarmResource list request parameters",
"type": "object"
}
PolicyAlarmResourceListResult (type)
{
"additionalProperties": false,
"description": "PolicyAlarmResource list result",
"extends": {
"$ref": "ListResult
},
"id": "PolicyAlarmResourceListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of alarm resources",
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Paged Collection of PolicyAlarmResources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyAlarmResource list result",
"type": "object"
}
PolicyAntreaEgress (type)
{
"additionalProperties": false,
"description": "Antrea egress member details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyAntreaEgress",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"egress_ip": {
"readonly": true,
"required": true,
"title": "The Antrea egress ip of antrea egress resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
}
},
"title": "Antrea egress member details",
"type": "object"
}
PolicyAntreaIPPool (type)
{
"additionalProperties": false,
"description": "Antrea IPPool member details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyAntreaIPPool",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"ip_ranges": {
"items": {
"$ref": "PolicyAntreaIPPoolIPRange
},
"required": true,
"title": "The ip_ranges of antrea ippool resource",
"type": "array"
}
},
"title": "Antrea IPPool member details",
"type": "object"
}
PolicyAntreaIPPoolIPRange (type)
{
"additionalProperties": false,
"description": "IP range of antrea ip pool resource",
"id": "PolicyAntreaIPPoolIPRange",
"module_id": "PolicyGroupRealization",
"properties": {
"cidr": {
"readonly": true,
"title": "The cidr representation of ip address of antrea ippool resource",
"type": "string"
},
"end": {
"readonly": true,
"title": "The end ip address of antrea ippool resource",
"type": "string"
},
"gateway": {
"readonly": true,
"title": "The gateway ipaddress of antrea ippool resource",
"type": "string"
},
"prefix_length": {
"readonly": true,
"title": "The prefix length of antrea ippool resource",
"type": "integer"
},
"start": {
"readonly": true,
"title": "The start ip address of antrea ippool resource",
"type": "string"
},
"vlan": {
"readonly": true,
"title": "The vlan of antrea ippool resource",
"type": "integer"
}
},
"title": "IP range of antrea ip pool resource",
"type": "object"
}
PolicyApiError (type)
{
"extends": {
"$ref": "PolicyRelatedApiError
},
"id": "PolicyApiError",
"module_id": "PolicyRealizedState",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
},
"related_errors": {
"items": {
"$ref": "PolicyRelatedApiError
},
"title": "Other errors related to this error",
"type": "array"
}
},
"title": "Detailed information about an API Error",
"type": "object"
}
PolicyArpProxyEntry (type)
{
"additionalProperties": false,
"id": "PolicyArpProxyEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"arp_proxy_ip": {
"description": "ARP proxy information for a service with ip.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Array of ARP proxy service address",
"type": "array"
},
"service_id": {
"description": "Identifier of connected service on port.",
"readonly": true,
"required": false,
"title": "Service type id",
"type": "string"
}
},
"type": "object"
}
PolicyArpProxyTableCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyArpProxyTableCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "InterfaceArpProxyCsvEntry
},
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyArpProxyTableListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyArpProxyTableListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "InterfaceArpProxy
},
"readonly": true,
"required": false,
"title": "Paginated list of Gateway interface ARP proxy tables",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyAttributes (type)
{
"additionalProperties": false,
"id": "PolicyAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"attribute_source": {
"default": "SYSTEM",
"enum": [
"SYSTEM",
"CUSTOM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"custom_url_partial_match": {
"description": "True value for this flag will be treated as a partial match for custom url",
"required": false,
"title": "true value would be treated as a partial match for custom url",
"type": "boolean"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"isALGType": {
"description": "Describes whether the APP_ID value is ALG type or not.",
"required": false,
"title": "Is the value ALG type",
"type": "boolean"
},
"key": {
"description": "Policy Attribute Key",
"enum": [
"APP_ID",
"DOMAIN_NAME",
"URL_CATEGORY",
"URL_REPUTATION",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For URL CATEGORY key , it specified super category for url category value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Attributes data holder",
"type": "object"
}
PolicyBaseHostSwitchProfile (type)
{
"abstract": true,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyBaseHostSwitchProfile",
"module_id": "PolicyBaseHostSwitchProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
PolicyBasedIPSecVPNSession (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.",
"extends": {
"$ref": "IPSecVPNSession
},
"id": "PolicyBasedIPSecVPNSession",
"module_id": "IPSecVPN",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyBasedIPSecVPNSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "Identifier of VPN Service linked with local endpoint.",
"readonly": true,
"title": "IPSec VPN service identifier",
"type": "string"
},
"local_endpoint_id": {
"description": "Local endpoint identifier.",
"required": true,
"title": "Local endpoint identifier",
"type": "string"
},
"peer_endpoint_id": {
"description": "Peer endpoint identifier.",
"required": true,
"title": "Peer endpoint identifier",
"type": "string"
},
"policy_rules": {
"items": {
"$ref": "IPSecVPNPolicyRule
},
"required": true,
"title": "Policy rules",
"type": "array"
},
"resource_type": {
"$ref": "IPSecVPNSessionResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMssClamping,
"required": false
}
},
"search_dsl_name": [
"policy based ip sec vpn session (manager)"
],
"title": "Policy based VPN session",
"type": "object"
}
PolicyBasedIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.",
"extends": {
"$ref": "IPSecVpnSession
},
"id": "PolicyBasedIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyBasedIPSecVpnSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"$ref": "IPAddress,
"description": "Public IPV4 or IPV6 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. Please note that configuring peer_address as IPv6 address is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"required": false,
"title": "IPV4 or IPV6 address of peer endpoint on remote site"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"rules": {
"items": {
"$ref": "IPSecVpnRule
},
"minItems": 1,
"required": true,
"title": "Rules",
"type": "array"
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy based VPN session",
"type": "object"
}
PolicyBasedL3VpnSession (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is referenced in a policy whose action is set as tunnel.",
"extends": {
"$ref": "L3VpnSession
},
"id": "PolicyBasedL3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyBasedL3VpnSession"
},
"properties": {
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
},
"rules": {
"description": "L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action are supported.",
"items": {
"$ref": "L3VpnRule
},
"title": "L3Vpn Rules",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy based L3Vpn Session",
"type": "object"
}
PolicyBgpNeighborStatus (type)
{
"id": "PolicyBgpNeighborStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"address_families": {
"description": "Address families of BGP neighbor",
"items": {
"$ref": "BgpAddressFamily
},
"readonly": true,
"required": false,
"title": "Address families of BGP neighbor",
"type": "array"
},
"announced_capabilities": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities sent to BGP neighbor.",
"type": "array"
},
"connection_drop_count": {
"readonly": true,
"required": false,
"title": "Count of connection drop",
"type": "integer"
},
"connection_state": {
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current state of the BGP session.",
"type": "string"
},
"edge_path": {
"required": false,
"title": "Transport node policy path",
"type": "string"
},
"established_connection_count": {
"readonly": true,
"required": false,
"title": "Count of connections established",
"type": "integer"
},
"graceful_restart_mode": {
"description": "Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled",
"readonly": true,
"required": false,
"title": "Graceful restart mode",
"type": "string"
},
"hold_time": {
"description": "If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down.",
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO from BGP peer.",
"type": "integer"
},
"keep_alive_interval": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO packet from BGP peer",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"local_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of Local BGP connection",
"type": "integer"
},
"messages_received": {
"readonly": true,
"required": false,
"title": "Count of messages received from the neighbor",
"type": "integer"
},
"messages_sent": {
"readonly": true,
"required": false,
"title": "Count of messages sent to the neighbor",
"type": "integer"
},
"negotiated_capability": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities negotiated with BGP neighbor.",
"type": "array"
},
"neighbor_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The IP of the BGP neighbor"
},
"neighbor_edge_node": {
"readonly": true,
"required": false,
"title": "Inter-Sr neighbor edge node policy path",
"type": "string"
},
"neighbor_router_id": {
"readonly": true,
"required": false,
"title": "Router ID of the BGP neighbor.",
"type": "string"
},
"remote_as_number": {
"readonly": true,
"required": false,
"title": "AS number of the BGP neighbor",
"type": "string"
},
"remote_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of remote BGP Connection",
"type": "integer"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The Ip address of logical port"
},
"tier0_path": {
"readonly": true,
"required": true,
"title": "Policy path to Tier0",
"type": "string"
},
"time_since_established": {
"readonly": true,
"required": false,
"title": "Time(in seconds) since connection was established.",
"type": "integer"
},
"total_in_prefix_count": {
"description": "Sum of in prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"total_out_prefix_count": {
"description": "Sum of out prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"type": {
"description": "BGP neighbor type",
"enum": [
"INTER_SR",
"USER"
],
"readonly": true,
"title": "BGP neighbor type",
"type": "string"
}
},
"type": "object"
}
PolicyBgpNeighborsStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyBgpNeighborsStatusListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"required": false,
"title": "Status of BGP neighbors of the Tier0",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyCapacityDashboardUsage (type)
{
"id": "PolicyCapacityDashboardUsage",
"module_id": "PolicyCapacityDashboard",
"properties": {
"current_usage_count": {
"description": "Indicate the current usage count of object type.",
"required": true,
"title": "Current usage count of object type",
"type": "integer"
},
"current_usage_percentage": {
"description": "Current usage percentage for object type",
"required": true,
"title": "Current usage percentage",
"type": "number"
},
"display_name": {
"description": "Display name for NSX object type.",
"required": true,
"title": "User friendly name for object type",
"type": "string"
},
"max_supported_count": {
"description": "This is the maximum supported count for object type in consideration.",
"required": true,
"title": "Maximum supported count for object type",
"type": "integer"
},
"usage_type": {
"description": "Indicate the object type for which usage is calculated.",
"enum": [
"NUMBER_OF_VSPHERE_CLUSTERS",
"NUMBER_OF_PREPARED_HOSTS",
"NUMBER_OF_GROUPS",
"NUMBER_OF_SEGMENT",
"NUMBER_OF_SEGMENT_PORT",
"NUMBER_OF_FIREWALL_RULES",
"NUMBER_OF_FIREWALL_SECTIONS",
"NUMBER_OF_SECURITY_POLICY_RULES",
"NUMBER_OF_SECURITY_POLICY",
"NUMBER_OF_PROTECTION_ENABLED_HOST",
"NUMBER_OF_PROTECTION_ENABLED_VIRTUAL_MACHINES",
"NUMBER_OF_EDGE_CLUSTERS",
"NUMBER_OF_EDGE_NODES",
"NUMBER_OF_TIER0_ROUTERS",
"NUMBER_OF_TIER1_ROUTERS",
"NUMBER_OF_PREFIX_LIST",
"NUMBER_OF_NAT_RULES",
"NUMBER_OF_DHCP_IP_POOLS",
"NUMBER_OF_TIER1_WITH_NAT_RULE"
],
"required": true,
"title": "Object type for which usage is fetched",
"type": "string"
}
},
"type": "object"
}
PolicyCapacityUsageRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyCapacityUsageRequestParameters",
"module_id": "PolicyCapacityDashboard",
"properties": {
"category": {
"description": "Category of attributes for which capacity details need to be fetched. Supported categories are security, inventory and networking. User can provide comma separated list of categories. In order to fetch the whole list of attributes one can leave the category value blank.",
"required": false,
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Parameter for capacity calculation.",
"type": "object"
}
PolicyCapacityUsageResponse (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "PolicyCapacityUsageResponse",
"module_id": "PolicyCapacityDashboard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"capacity_usage": {
"items": {
"$ref": "PolicyCapacityDashboardUsage
},
"required": true,
"title": "List of capacity usage for NSX Objects",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
PolicyComplianceStatus (type)
{
"id": "PolicyComplianceStatus",
"module_id": "PolicyCompliance",
"properties": {
"last_updated_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp of last update"
},
"non_compliant_configs": {
"items": {
"$ref": "PolicyNonCompliantConfig
},
"readonly": true,
"title": "List of non compliant configuration and impacted services",
"type": "array"
}
},
"type": "object"
}
PolicyConfigResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an object on the desired state.",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyConfigResource",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an object on the desired state",
"type": "object"
}
PolicyContainerGroupMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "PolicyContainerGroupMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster": {
"items": {
"$ref": "ClusterMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
PolicyContainerGroupMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of pods belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyContainerGroupMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyContainerGroupMemberDetails
},
"required": true,
"title": "Paged Collection of pods that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group members list result",
"type": "object"
}
PolicyContextProfile (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes and sub-attributes of various network services (eg. L7 services, domain name, encryption algorithm) The entity will be consumed in firewall rules and can be added in new tuple called profile in firewall rules. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyContextProfile",
"module_id": "PolicyContextProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "Property containing attributes/sub-attributes for Policy Context Profile.",
"items": {
"$ref": "PolicyAttributes
},
"required": true,
"title": "Array of Policy Context Profile attributes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Context Profile entity",
"type": "object"
}
PolicyContextProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyContextProfileListRequestParameters",
"module_id": "PolicyContextProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Context Profile list request parameters",
"type": "object"
}
PolicyContextProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyContextProfileListResult",
"module_id": "PolicyContextProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyContextProfile
},
"readonly": true,
"title": "Paged collection of PolicyContextProfiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of PolicyContextProfiles",
"type": "object"
}
PolicyCountObservation (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseCountObservation
},
"id": "PolicyCountObservation",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyCountObservation"
},
"properties": {
"checkpoints": {
"$ref": "CheckpointCounterResult,
"description": "The count result from checkpoints associated with this port",
"readonly": true,
"required": false,
"title": "Count result from checkpoints associated with this port"
},
"logical_port_path": {
"readonly": true,
"required": false,
"title": "The path of segment port or router port where the counter observation is populated",
"type": "string"
},
"port_id": {
"description": "The port identifier in UUID format. This field won't appear together with port_name.",
"readonly": true,
"required": false,
"title": "Port ID",
"type": "string"
},
"port_name": {
"description": "The port name for a port. It applies to ports like the uplink port. This field won't appear together with port_id.",
"readonly": true,
"required": false,
"title": "Port Name",
"type": "string"
},
"resource_type": {
"required": true,
"title": "Type of count observation",
"type": "string"
},
"transport_node_id": {
"description": "This field tells which transport node the checkpoints are reported from.",
"readonly": true,
"required": false,
"title": "Transport node ID",
"type": "string"
}
},
"type": "object"
}
PolicyCustomAttributes (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyCustomAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attribute_source": {
"default": "CUSTOM",
"enum": [
"CUSTOM",
"SYSTEM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"description": "Policy Custom Attribute Key",
"enum": [
"DOMAIN_NAME",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For Custom URL key , it specified url type for url value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Custom Attributes data holder",
"type": "object"
}
PolicyDHGroup (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16"
],
"id": "PolicyDHGroup",
"module_id": "PolicyL3Vpn",
"title": "Diffie-Hellman groups",
"type": "string"
}
PolicyDnsAnswerPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder nslookup answer per enforcement point.",
"id": "PolicyDnsAnswerPerEnforcementPoint",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DNS forwarder nslookup answer.",
"enum": [
"NsxTDnsAnswer"
],
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "NSLookup answer per enforcement point",
"type": "object"
}
PolicyDnsForwarder (type)
{
"additionalProperties": false,
"description": "Used to configure DNS Forwarder",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDnsForwarder",
"module_id": "PolicyDnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cache_size": {
"default": 1024,
"description": "Cache size in KB.",
"maximum": 16777216,
"minimum": 0,
"title": "Cache size in KB",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"conditional_forwarder_zone_paths": {
"description": "Max of 5 DNS servers can be configured",
"items": {
"type": "string"
},
"maxItems": 5,
"required": false,
"title": "Path of conditional DNS zones",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyDnsForwarder"
],
"relationshipType": "CONDITIONAL_DNS_FORWARDER_ZONE_RELATIONSHIP",
"rightType": [
"PolicyDnsForwarderZone"
]
}
]
},
"default_forwarder_zone_path": {
"description": "This is the zone to which DNS requests are forwarded by default",
"required": true,
"title": "Path of the default DNS zone.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyDnsForwarder"
],
"relationshipType": "DEFAULT_DNS_FORWARDER_ZONE_RELATIONSHIP",
"rightType": [
"PolicyDnsForwarderZone"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The flag, which suggests whether the DNS forwarder is enabled or disabled. The default is True.",
"title": "DNS forwarder enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"listener_ip": {
"$ref": "IPv4Address,
"description": "This is the IP on which the DNS Forwarder listens.",
"required": true,
"title": "IP on which the DNS Forwarder listens."
},
"log_level": {
"default": "INFO",
"description": "Set log_level to DISABLED will stop dumping fowarder log.",
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"FATAL"
],
"required": false,
"title": "Log level of the dns forwarder",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DNS Forwarder",
"type": "object"
}
PolicyDnsForwarderZone (type)
{
"additionalProperties": false,
"description": "Used to configure zones on DNS Forwarder",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDnsForwarderZone",
"module_id": "PolicyDnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_domain_names": {
"description": "List of domain names on which conditional forwarding is based. This field is required if the DNS Zone is being used for a conditional forwarder. This field will also be used for conditional reverse lookup. Example 1, if for one of the zones, one of the entries in the fqdn is example.com, all the DNS requests under the domain example.com will be served by the corresponding upstream DNS server. Example 2, if for one of the zones, one of the entries in the fqdn list is \"13.12.30.in-addr.arpa\", reverse lookup for 30.12.13.0/24 will go to the corresponding DNS server.",
"items": {
"type": "string"
},
"required": false,
"title": "List of domain names",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_ip": {
"$ref": "IPv4Address,
"description": "The source IP used by the DNS Forwarder zone.",
"required": false,
"title": "Source IP used by DNS Forwarder zone"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"upstream_servers": {
"description": "Max of 3 DNS servers can be configured",
"items": {
"$ref": "IPv4Address
},
"maxItems": 3,
"required": true,
"title": "DNS servers to which the DNS request needs to be forwarded",
"type": "array"
}
},
"title": "DNS Forwarder Zone",
"type": "object"
}
PolicyDnsForwarderZoneListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyDnsForwarderZoneListRequestParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DNS Forwarder Zone list request parameters",
"type": "object"
}
PolicyDnsForwarderZoneListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyDnsForwarderZoneListResult",
"module_id": "PolicyDnsForwarder",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyDnsForwarderZone
},
"required": true,
"title": "Dns Forwarder Zone list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of DNS Forwarder Zones",
"type": "object"
}
PolicyDraft (type)
{
"additionalProperties": false,
"description": "A draft which stores the system generated as well as user intended changes in a hierarchical body format.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDraft",
"module_id": "PolicyDraft",
"policy_hierarchical_children": [
"ChildInfra"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_auto_draft": {
"default": false,
"description": "Flag to indicate whether draft is auto created. True indicates that the draft is an auto draft. False indicates that the draft is a manual draft.",
"readonly": true,
"title": "Auto draft flag",
"type": "boolean"
},
"lock_comments": {
"description": "Comments for a policy draft lock/unlock.",
"readonly": false,
"required": false,
"title": "Policy draft lock/unlock comments",
"type": "string"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for a policy draft.",
"readonly": true,
"required": false,
"title": "User who locked a policy draft",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "Policy draft locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Policy draft locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a draft should be locked. If the draft is locked by an user, then no other user would be able to modify or publish this draft. Once the user releases the lock, other users can then modify or publish this draft.",
"required": false,
"title": "Lock a policy draft",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"ref_draft_path": {
"description": "When specified, a manual draft will be created w.r.t. the specified draft. If not specified, manual draft will be created w.r.t. the current published configuration. For an auto draft, this will always be null.",
"title": "Path of an existing draft for reference",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"system_area": {
"$ref": "Infra,
"description": "Configuration changes against the current configuration, tracked by the system. The value is stored in a hierarchical body format.",
"readonly": true,
"title": "Configuration changes tracked by the system"
},
"system_area_store_id": {
"description": "In case of a large draft, wherein the size of system_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store.",
"readonly": true,
"title": "ID of the data store where system_area has stored",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"user_area": {
"$ref": "Infra,
"description": "These are user defined configuration changes, which are applicable only in case of manual drafts. During the publish of a draft, system_area changes gets applied first, and then these changes. The value must be in a hierarchical body format.",
"title": "User defined configuration changes"
},
"user_area_store_id": {
"description": "In case of a large draft, wherein the size of user_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store.",
"readonly": true,
"title": "ID of the data store where user_area has stored",
"type": "string"
}
},
"title": "Policy draft",
"type": "object"
}
PolicyDraftListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to be passed while listing policy drafts.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyDraftListRequestParameters",
"module_id": "PolicyDraft",
"properties": {
"auto_drafts": {
"description": "If set to true, then only auto drafts will be get fetched. If set to false, then only manual drafts will be get fetched. If not set, then all drafts will be get fetched.",
"title": "Fetch list of draft based on is_auto_draft flag",
"type": "boolean"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy draft list request parameters",
"type": "object"
}
PolicyDraftListResult (type)
{
"additionalProperties": false,
"description": "This holds the list of policy drafts.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyDraftListResult",
"module_id": "PolicyDraft",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paginated list of policy drafts.",
"items": {
"$ref": "PolicyDraft
},
"readonly": true,
"title": "Policy drafts list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of policy drafts",
"type": "object"
}
PolicyDraftModifications (type)
{
"description": "Counts of modified, deleted and created security policies/rules derived from aggregated configuration",
"id": "PolicyDraftModifications",
"module_id": "PolicyDraft",
"properties": {
"created": {
"readonly": true,
"title": "Count of total created security policies/rules",
"type": "integer"
},
"deleted": {
"readonly": true,
"title": "Count of total deleted security policies/rules",
"type": "integer"
},
"modified": {
"readonly": true,
"title": "Count of total modified security policies/rules",
"type": "integer"
},
"modified_security_policies": {
"description": "Paginated list of policy drafts.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Array of modified security policies paths.",
"type": "array"
}
},
"title": "Policy draft modifications",
"type": "object"
}
PolicyDraftPaginatedAggregatedConfigurationRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get the paginated aggregated configuration for a draft.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "PolicyDraftPaginatedAggregatedConfigurationRequestParameters",
"module_id": "PolicyDraft",
"properties": {
"request_id": {
"description": "If the initial call to get paginated aggregated configuration for a draft, returns a paginated response, then the response will contain a request_id. This identifier needs to be passed with subsequent API calls to get detailed aggregated configuration for the draft.",
"required": false,
"title": "Request identifier to track subsequent API calls",
"type": "string"
},
"root_path": {
"description": "Policy path of the security policy. If specified with the subsequent API calls after initial call to get paginated aggregated configuration for a draft, the response will return the subtree of this security policy having all its children. If not specified, then the subsequent API calls will return all the security policies without their children, from pre-calculated aggregated configuration of a draft. This is not required for an initial call to get paginated aggregated configuration for a draft.",
"required": false,
"title": "Path of the root object of subtree",
"type": "string"
}
},
"title": "Parameters to get the paginated aggregated configuration for a draft",
"type": "object"
}
PolicyDraftPaginatedAggregatedConfigurationResult (type)
{
"additionalProperties": false,
"description": "Paginated result of aggregated configuration of a policy draft",
"id": "PolicyDraftPaginatedAggregatedConfigurationResult",
"module_id": "PolicyDraft",
"properties": {
"modifications": {
"$ref": "PolicyDraftModifications,
"description": "Total count of modified, deleted and created security policies/rules. List of modified security policies to be exposed to UI",
"title": "Total modification in aggregated configuration of a draft"
},
"request_id": {
"description": "Request identifier to keep track of calculated aggregated configuration a draft during subsequent API calls after initial API call. This identifier can be use to fetch the detailed aggregated configuration at security policy level. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination.",
"readonly": true,
"title": "Request identifier to keep track of result",
"type": "string"
},
"result": {
"$ref": "Infra,
"description": "Paginated aggregated configuration of a given draft. For an initial API call, if request_id is present in response, then this is a paginated aggregated configuration of a given draft. To get more granular aggregated configuration, request_id need to be passed to subsequent API calls. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination.",
"readonly": true,
"title": "Aggregated configuration of a draft"
}
},
"title": "Paginated result of aggregated configuration of a policy draft",
"type": "object"
}
PolicyEdgeCluster (type)
{
"additionalProperties": false,
"description": "Edge Cluster.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyEdgeCluster",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildPolicyEdgeNode"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_site_forwarding_enabled": {
"description": "Flag to indicate status of inter site l2 and l3 forwarding in federation.",
"readonly": true,
"title": "Inter site forwarding is enabled if true",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_node_type": {
"$ref": "EdgeClusterNodeType,
"description": "Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes.",
"readonly": true,
"required": false,
"title": "Node type of the cluster members"
},
"nsx_id": {
"description": "UUID of Edge Cluster on NSX-T enforcement point.",
"readonly": true,
"title": "Edge Cluster UUID on NSX-T Enforcement Point",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rtep_ips": {
"description": "List of remote tunnel endpoint ipaddress configured on edge cluster.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote tunnel endpoint IP addresses.",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_exclude": true,
"title": "Edge Cluster",
"type": "object"
}
PolicyEdgeClusterInterSiteBgpSummary (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeClusterInterSiteBgpSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_cluster_path": {
"description": "Edge cluster path whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge node path",
"type": "string"
},
"edge_nodes": {
"description": "Status of all edge nodes within cluster.",
"items": {
"$ref": "PolicyEdgeNodeInterSiteBgpSummary
},
"readonly": true,
"title": "Individual edge nodes status",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyEdgeClusterInterSiteStatus (type)
{
"additionalProperties": false,
"id": "PolicyEdgeClusterInterSiteStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_cluster_name": {
"description": "Name of the edge cluster whose status is being reported.",
"readonly": true,
"title": "Edge cluster name",
"type": "string"
},
"edge_cluster_path": {
"description": "Policy path of the edge cluster whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge cluster path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the edge cluster inter-site status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"description": "Per edge node inter-site status.",
"items": {
"$ref": "PolicyEdgeClusterMemberInterSiteStatus
},
"readonly": true,
"title": "Per edge node inter-site status",
"type": "array"
},
"overall_status": {
"description": "Overall status of all edge nodes IBGP status in the edge cluster.",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Overall IBGP status in the edge cluster",
"type": "string"
}
},
"type": "object"
}
PolicyEdgeClusterListRequestParameters (type)
{
"additionalProperties": false,
"description": "Policy Edge Cluster list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyEdgeClusterListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Edge Cluster List Request Parameters",
"type": "object"
}
PolicyEdgeClusterListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Edge Cluster",
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeClusterListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Edge Cluster list result.",
"items": {
"$ref": "PolicyEdgeCluster
},
"required": true,
"title": "Edge Cluster List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Edge Cluster",
"type": "object"
}
PolicyEdgeClusterMemberInterSiteStatus (type)
{
"additionalProperties": false,
"id": "PolicyEdgeClusterMemberInterSiteStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_path": {
"$ref": "ResourceReference,
"description": "Edge node details from where the status is being retrived.",
"readonly": true,
"required": true,
"title": "Edge node path"
},
"established_bgp_sessions": {
"description": "Total number of current established inter-site IBGP sessions.",
"readonly": true,
"title": "Established inter-site IBGP sessions",
"type": "integer"
},
"neighbor_status": {
"description": "Inter-site BGP neighbor status.",
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"title": "BGP neighbor status",
"type": "array"
},
"status": {
"description": "Edge node IBGP status",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Edge node IBGP status",
"type": "string"
},
"total_bgp_sessions": {
"description": "Total number of inter-site IBGP sessions.",
"readonly": true,
"title": "Total inter-site IBGP sessions",
"type": "integer"
}
},
"type": "object"
}
PolicyEdgeNode (type)
{
"additionalProperties": false,
"description": "This object serves as a representation of the edge cluster index to which the edge node connects. It should not be mistaken for the edge / transport node itself. Consuming services can refer to the nsx_id property to fetch the UUID of the edge / transport node that is attached to this index.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyEdgeNode",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_index": {
"description": "The numerical value of the member index in the edge cluster that this object represents and to which the edge node connects.",
"readonly": true,
"title": "Member Index",
"type": "integer"
},
"nsx_id": {
"description": "UUID of edge node on NSX-T enforcement point.",
"readonly": true,
"title": "Edge Node UUID on NSX-T Enforcement Point",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_exclude": true,
"title": "Policy Edge Node",
"type": "object"
}
PolicyEdgeNodeInterSiteBgpSummary (type)
{
"id": "PolicyEdgeNodeInterSiteBgpSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_path": {
"description": "Edge node path whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge node path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the inter-site IBGP neighbors status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"neighbor_status": {
"description": "Status of all inter-site IBGP neighbors.",
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"title": "Inter-site IBGP neighbors status",
"type": "array"
}
},
"type": "object"
}
PolicyEdgeNodeListRequestParameters (type)
{
"additionalProperties": false,
"description": "Edge Node list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyEdgeNodeListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Edge Node List Request Parameters",
"type": "object"
}
PolicyEdgeNodeListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Edge Node",
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeNodeListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Edge Node list result.",
"items": {
"$ref": "PolicyEdgeNode
},
"required": true,
"title": "Edge Node List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Edge Node",
"type": "object"
}
PolicyExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyExcludeList",
"module_id": "PolicyFirewallConfiguration",
"policy_hierarchical_children": [
"ChildPolicyExcludeList"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of the members in the exclude list",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "ExcludeList member list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyExcludeList"
],
"relationshipType": "FIREWALL_EXCLUDE_LIST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
PolicyExcludeListFilterRequestParams (type)
{
"additionalProperties": false,
"description": "Parameters for filtering the exclude list.",
"id": "PolicyExcludeListFilterRequestParams",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"deep_check": {
"default": false,
"description": "Deep check all parents of requested intent object, if any of them is in exclude list. If found, makes requested object as excluded.",
"required": false,
"title": "Check all parents",
"type": "boolean"
},
"enforcement_point_path": {
"description": "Path of the enforcement point from where the result need to be fetched. If not provided, available enforcement point will be considered.",
"required": false,
"title": "Path of the enforcement point",
"type": "string"
},
"intent_path": {
"description": "Path of the intent object to be searched in the exclude list.",
"required": true,
"title": "Path of the intent object to be searched in the exclude list",
"type": "string"
}
},
"title": "Parameters for filtering the exclude list",
"type": "object"
}
PolicyExtraConfig (type)
{
"description": "Extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on logical switch, logical port or HostSwitch. If it was set on logical switch, it will be inherited automatically by logical ports in it. Also logical port setting will override logical switch setting if specific key was dual set on both logical switch and logical port.",
"id": "PolicyExtraConfig",
"module_id": "PolicyExtraConfigHostSwitchProfile",
"properties": {
"config_pair": {
"$ref": "UnboundedKeyValuePair,
"required": true,
"title": "Key value pair in string for the configuration"
}
},
"title": "Vendor specific configuration on HostSwitch, logical switch or logical port",
"type": "object"
}
PolicyExtraConfigHostSwitchProfile (type)
{
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyExtraConfigHostSwitchProfile",
"module_id": "PolicyExtraConfigHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyExtraConfigHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"items": {
"$ref": "PolicyExtraConfig
},
"required": false,
"title": "list of extra configs",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Profile for extra configs in host switch",
"type": "object"
}
PolicyFineTuningResourceInfo (type)
{
"additionalProperties": false,
"description": "It represent the resource with details of name and fields it owns.",
"id": "PolicyFineTuningResourceInfo",
"module_id": "PolicyFineTuning",
"properties": {
"fields": {
"items": {
"$ref": "PolicyFineTuningResourceInfoDetail
},
"required": true,
"title": "List of all field of any resource",
"type": "array"
},
"resource_name": {
"description": "It will represent resource with name and fields.",
"required": true,
"title": "Resource name",
"type": "string"
}
},
"title": "Contains the detail of resources with name and fields",
"type": "object"
}
PolicyFineTuningResourceInfoDetail (type)
{
"additionalProperties": false,
"description": "Contains the details of resource field",
"id": "PolicyFineTuningResourceInfoDetail",
"module_id": "PolicyFineTuning",
"properties": {
"field_name": {
"description": "It will represent resource with name and fields.",
"required": true,
"title": "Resource name",
"type": "string"
},
"sub_type": {
"$ref": "PolicyFineTuningResourceInfo,
"required": true,
"title": "List of all field of any resource"
}
},
"title": "Contains the details resources with field type and name",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between CPU Memory Thresholds Profile and Transport Node. Using this entity, user can specify intent for applying Firewall CPU Memory Thresholds Profile to particular transport nodes.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMap",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to": {
"description": "The list of targets where the profile is intended to get applied. Valid targets are group paths.",
"items": {
"type": "string"
},
"required": false,
"title": "The list of targets where the profile is intended to get applied.",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"FirewallCPUMemoryThresholdsProfileBindingMap"
],
"relationshipType": "FW_CPU_MEM_THRESHOLD_BINDING_MAP_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single node. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"maximum": 4294967295,
"minimum": 0,
"required": true,
"title": "Sequence number of this profile binding map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_nodes": {
"description": "References of transport nodes on which the profile intended to be applied.",
"items": {
"$ref": "PolicyResourceReference
},
"title": "References of transport nodes",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW CPU Memory Thresholds Profile binding map",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall CPU Memory Thresholds Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMapListResult",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallCPUMemThresholdsProfileBindingMap
},
"required": true,
"title": "Firewall CPU Memory Thresholds Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall CPU Memory Thresholds Profile Binding Maps",
"type": "object"
}
PolicyFirewallCpuMemThresholdsProfile (type)
{
"additionalProperties": false,
"description": "A profile holding CPU and memory thresholds configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallCpuMemThresholdsProfile",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cpu_threshold_percentage": {
"default": 90,
"description": "CPU utilization thresholds percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"required": true,
"title": "CPU utilization thresholds percentage",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mem_threshold_percentage": {
"default": 90,
"description": "Heap memory thresholds percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"required": true,
"title": "Heap memory thresholds utilization percentage",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Firewall CPU and memory thresholds profile",
"type": "object"
}
PolicyFirewallCpuMemThresholdsProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallCpuMemThresholdsProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallCpuMemThresholdsProfile
},
"required": true,
"title": "PolicyFirewallCpuMemThresholdsProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of PolicyFirewallCpuMemThresholdsProfile",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Firewall Flood Protection profile and Group. Using this entity, user can specify intent for applying Firewall Flood Protection profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "PolicyFirewallFloodProtectionProfileBindingMap",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"required": true,
"title": "Sequence number of this profile binding map.",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW Flood Protection Profile binding map",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Flood Protection Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallFloodProtectionProfileBindingMapListResult",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallFloodProtectionProfileBindingMap
},
"required": true,
"title": "Firewall Flood Protection Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall Flood Protection Profile Binding Maps",
"type": "object"
}
PolicyFirewallIpReputationConfig (type)
{
"additionalProperties": false,
"description": "The type used to activate/deactivate IP reputation feed download.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallIpReputationConfig",
"module_id": "PolicyFirewallIpReputation",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"download_frequency_in_mins": {
"description": "The frequency at which IP Reputation feed will be downloaded. This is a readonly field showing the current time interval in minutes. The current value is set 720 mins (12 hrs).",
"readonly": true,
"title": "IP Reputation feed update frequency",
"type": "int"
},
"download_status": {
"description": "Indicates the download status of IP reputation feed.",
"enum": [
"IN_PROGRESS",
"COMPLETE",
"FAILED"
],
"readonly": true,
"title": "Feed download status",
"type": "string"
},
"enable_auto_download": {
"description": "Property which indicates whether auto-download of IP Reputation feed is activated or deactivated.",
"required": true,
"title": "IP reputation feed auto-download flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_feed_download": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of the most recent successful feed download.",
"readonly": true,
"title": "Feed download time"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP Reputation entity",
"type": "object"
}
PolicyFirewallScheduler (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes to schedule firewall rules to be active to allow or block traffic for a specific period of time. Note that at least one property out of \"days\", \"start_time\", \"end_time\", \"start_date\", \"end_date\" is required.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallScheduler",
"module_id": "PolicyFirewallScheduler",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"days": {
"description": "Days of week on which rules will be enforced. If property is omitted, then days of the week will not considered while calculating the firewall schedule. It should not be present when the recurring flag is false.",
"items": {
"$ref": "PolicyFirewallSchedulerDays
},
"required": false,
"title": "Days of the week",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"end_date": {
"description": "End date on which schedule to end. Example, 12/22/2019.",
"required": true,
"title": "End date in MM/DD/YYYY",
"type": "string"
},
"end_time": {
"description": "If recurring field is set false, then this field must be present. The schedule will be enforced till the end time of the specified end date. If recurring field is set true, then this field should not be present.",
"required": false,
"title": "End time",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"recurring": {
"default": true,
"description": "Flag to indicate whether firewall schedule recurs or not. The default value is true and it should be set to false when the firewall schedule does not recur and is a one time time interval.",
"required": true,
"title": "Firewall schedule recurring flag",
"type": "boolean"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start_date": {
"description": "Start date on which schedule to start. Example, 02/22/2019.",
"required": true,
"title": "Start date in MM/DD/YYYY",
"type": "string"
},
"start_time": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 9:00. If recurring field is set false, then this field must be present. The schedule will start getting enforced from the start time of the specified start date. If recurring field is set true, then this field should not be present.",
"required": false,
"title": "Start time",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_interval": {
"description": "The recurring time interval in a day during which the schedule will be applicable. It should not be present when the recurring flag is false.",
"items": {
"$ref": "PolicyTimeIntervalValue
},
"maxItems": 1,
"required": false,
"title": "Recurring time interval",
"type": "array"
},
"timezone": {
"description": "Host Timezone to be used to enforce firewall rules.",
"enum": [
"UTC",
"LOCAL"
],
"required": true,
"title": "Host timezone",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Firewall Scheduler entity",
"type": "object"
}
PolicyFirewallSchedulerDays (type)
{
"additionalProperties": false,
"enum": [
"SUNDAY",
"MONDAY",
"TUESDAY",
"WEDNESDAY",
"THURSDAY",
"FRIDAY",
"SATURDAY"
],
"id": "PolicyFirewallSchedulerDays",
"module_id": "PolicyFirewallScheduler",
"title": "Day on which scheduled firewall rule will be enforced",
"type": "string"
}
PolicyFirewallSchedulerDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "PolicyFirewallSchedulerDeleteRequestParameters",
"module_id": "PolicyFirewallScheduler",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Policy Firewall Scheduler delete request parameters",
"type": "object"
}
PolicyFirewallSchedulerListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallSchedulerListRequestParameters",
"module_id": "PolicyFirewallScheduler",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Scheduler list request parameters",
"type": "object"
}
PolicyFirewallSchedulerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallSchedulerListResult",
"module_id": "PolicyFirewallScheduler",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallScheduler
},
"readonly": true,
"title": "Paged collection of PolicyFirewallSchedulers",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of PolicyFirewallSchedulers",
"type": "object"
}
PolicyFirewallSessionTimerProfile (type)
{
"description": "A profile holding TCP, UDP and ICMP session timeout configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallSessionTimerProfile",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_error_reply": {
"default": 10,
"description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after ICMP error",
"type": "integer"
},
"icmp_first_packet": {
"default": 20,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "First packet connection timeout",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_closed": {
"default": 20,
"description": "The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after RST",
"type": "integer"
},
"tcp_closing": {
"default": 120,
"description": "The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after first TN",
"type": "integer"
},
"tcp_established": {
"default": 43200,
"description": "The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway,or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 120,
"readonly": false,
"required": true,
"title": "Connection timeout",
"type": "integer"
},
"tcp_finwait": {
"default": 45,
"description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after FINs exchanged",
"type": "integer"
},
"tcp_first_packet": {
"default": 120,
"description": "The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"tcp_opening": {
"default": 30,
"description": "The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after second packet",
"type": "integer"
},
"udp_first_packet": {
"default": 60,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"udp_multiple": {
"default": 60,
"description": "The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after hosts sent packet",
"type": "integer"
},
"udp_single": {
"default": 30,
"description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timeout for destination",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Firewall Session timeout profile",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Firewall Timer session profile and Group. Using this entity, user can specify intent for applying Firewall Timer session profile to particular Group.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallSessionTimerProfileBindingMap",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"firewall_session_timer_profile_path": {
"description": "PolicyPath of associated Firewall Timer Session Profile",
"required": true,
"title": "Firewall Session Timer Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyFirewallSessionTimerProfileBindingMap"
],
"relationshipType": "DFW_SESSION_TIMER_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"required": false,
"title": "Sequence number of this profile binding map.",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW Timer Session Profile binding map",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallSessionTimerProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Session Timer Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallSessionTimerProfileBindingMapListResult",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallSessionTimerProfileBindingMap
},
"required": true,
"title": "Firewall Session Timer Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall Session Timer Profile Binding Maps",
"type": "object"
}
PolicyFirewallSessionTimerProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallSessionTimerProfileListRequestParameters",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Session timeout profile list request parameters",
"type": "object"
}
PolicyFirewallSessionTimerProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallSessionTimerProfileListResult",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallSessionTimerProfile
},
"required": true,
"title": "Policy Firewall Session timeout profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy Firewall Session timeout profiles",
"type": "object"
}
PolicyFullSyncActionParameters (type)
{
"additionalProperties": false,
"description": "Full sync action request parameters to initiate full sync for the given LM, stop ongoing full sync or purge the histoic full sync events.",
"id": "PolicyFullSyncActionParameters",
"module_id": "PolicyFullSync",
"properties": {
"action": {
"enum": [
"request_full_sync",
"request_notifications_full_sync",
"abort_current_sync",
"purge_history"
],
"required": true,
"type": "string"
},
"site": {
"description": "site id to perform full sync on NSX+, like site1, siteId is required for full sync api on NSX+ only.",
"required": false,
"title": "site id",
"type": "string"
},
"sync_type": {
"description": "If not specified, the value is defaulted to gm_to_lm_full_sync.",
"enum": [
"gm_to_lm_full_sync"
],
"required": false,
"title": "Type of full sync being requested",
"type": "string"
}
},
"title": "Full sync action request parameters",
"type": "object"
}
PolicyGroupAntreaEgressCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupAntreaEgressCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"antrea_egresses": {
"items": {
"$ref": "PolicyAntreaEgress
},
"required": true,
"type": "array"
},
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupAntreaEgressList (type)
{
"additionalProperties": false,
"description": "Details of the antrea egresses belonging to a policy Group",
"id": "PolicyGroupAntreaEgressList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupAntreaEgressCluster
},
"required": true,
"type": "array"
}
},
"title": "List of antrea egress members",
"type": "object"
}
PolicyGroupAntreaEgressListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of antrea egresses belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupAntreaEgressListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupAntreaEgressList
},
"required": true,
"title": "Paged Collection of antrea egresses that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Antrea egress members",
"type": "object"
}
PolicyGroupAntreaIPPoolCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupAntreaIPPoolCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"antrea_ip_pools": {
"items": {
"$ref": "PolicyAntreaIPPool
},
"required": true,
"type": "array"
},
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupAntreaIPPoolList (type)
{
"additionalProperties": false,
"description": "Details of the antrea ippools belonging to a policy Group",
"id": "PolicyGroupAntreaIPPoolList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupAntreaIPPoolCluster
},
"required": true,
"type": "array"
}
},
"title": "List of antrea ip pool members",
"type": "object"
}
PolicyGroupAntreaIPPoolListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of antrea ip pools belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupAntreaIPPoolListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupAntreaIPPoolList
},
"required": true,
"title": "Paged Collection of antrea ip pools that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of antrea ip pool members",
"type": "object"
}
PolicyGroupAssociatedKubernetesCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster member belonging to a Group",
"id": "PolicyGroupAssociatedKubernetesCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupAssociatedKubernetesClusterList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes clusters belonging to a policy Group",
"id": "PolicyGroupAssociatedKubernetesClusterList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupAssociatedKubernetesCluster
},
"required": true,
"type": "array"
}
},
"title": "List of clusters associated to a Group",
"type": "object"
}
PolicyGroupAssociatedKubernetesClusterListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes clusters associated to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupAssociatedKubernetesClusterListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupAssociatedKubernetesClusterList
},
"required": true,
"title": "Paged Collection of kubernetes resources that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of clusters associated to a Group",
"type": "object"
}
PolicyGroupIPMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of IP members belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupIPMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPElement
},
"required": true,
"title": "Paged Collection of IP addresses that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group IP members list result",
"type": "object"
}
PolicyGroupKubernetesGatewayCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupKubernetesGatewayCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "PolicyGroupKubernetesGatewayNamespace
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupKubernetesGatewayList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes gateways belonging to a policy Group",
"id": "PolicyGroupKubernetesGatewayList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupKubernetesGatewayCluster
},
"required": true,
"type": "array"
}
},
"title": "List of kubernetes gateway members",
"type": "object"
}
PolicyGroupKubernetesGatewayListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes gateways belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupKubernetesGatewayListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupKubernetesGatewayList
},
"required": true,
"title": "Paged Collection of kubernetes gateways that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of kubernetes gateway members",
"type": "object"
}
PolicyGroupKubernetesGatewayNamespace (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes namespace members belonging to a Group",
"id": "PolicyGroupKubernetesGatewayNamespace",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes namespace",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes namespace",
"type": "string"
},
"kubernetes_gateways": {
"items": {
"$ref": "PolicyKubernetesGateway
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes namespace member details",
"type": "object"
}
PolicyGroupKubernetesIngressCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupKubernetesIngressCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "PolicyGroupKubernetesIngressNamespace
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupKubernetesIngressList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes ingress policies belonging to a policy Group",
"id": "PolicyGroupKubernetesIngressList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupKubernetesIngressCluster
},
"required": true,
"type": "array"
}
},
"title": "List of kubernetes ingress mmebers",
"type": "object"
}
PolicyGroupKubernetesIngressListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes ingress policies belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupKubernetesIngressListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupKubernetesIngressList
},
"required": true,
"title": "Paged Collection of kubernetes ingress policies that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of kubernetes ingress mmebers",
"type": "object"
}
PolicyGroupKubernetesIngressNamespace (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes namespace members belonging to a Group",
"id": "PolicyGroupKubernetesIngressNamespace",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes namespace",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes namespace",
"type": "string"
},
"kubernetes_ingresses": {
"items": {
"$ref": "PolicyKubernetesIngress
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes namespace member details",
"type": "object"
}
PolicyGroupKubernetesNodeCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupKubernetesNodeCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
},
"kubernetes_nodes": {
"items": {
"$ref": "PolicyKubernetesNode
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupKubernetesNodeList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes nodes belonging to a policy Group",
"id": "PolicyGroupKubernetesNodeList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupKubernetesNodeCluster
},
"required": true,
"type": "array"
}
},
"title": "List of kubernetes node members",
"type": "object"
}
PolicyGroupKubernetesNodeListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes nodes belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupKubernetesNodeListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupKubernetesNodeList
},
"required": true,
"title": "Paged Collection of kubernetes nodes that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of kubernetes node members",
"type": "object"
}
PolicyGroupKubernetesServiceCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupKubernetesServiceCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "PolicyGroupKubernetesServiceNamespace
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupKubernetesServiceList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes services belonging to a policy Group",
"id": "PolicyGroupKubernetesServiceList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupKubernetesServiceCluster
},
"required": true,
"type": "array"
}
},
"title": "List of kubernetes service members",
"type": "object"
}
PolicyGroupKubernetesServiceListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes services belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupKubernetesServiceListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupKubernetesServiceList
},
"required": true,
"title": "Paged Collection of kubernetes services that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of kubernetes service members",
"type": "object"
}
PolicyGroupKubernetesServiceNamespace (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes namespace members belonging to a Group",
"id": "PolicyGroupKubernetesServiceNamespace",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes namespace",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes namespace",
"type": "string"
},
"kubernetes_services": {
"items": {
"$ref": "PolicyKubernetesService
},
"required": true,
"type": "array"
}
},
"title": "Kubernetes namespace member details",
"type": "object"
}
PolicyGroupMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "PolicyGroupMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The display name of the member on the enforcement point",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The ID of the member on the enforcement point",
"type": "string"
},
"path": {
"readonly": true,
"required": true,
"title": "The path of the member, if relevant",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
}
},
"title": "Group member details",
"type": "object"
}
PolicyGroupMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of members belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupMemberDetails
},
"required": true,
"title": "Paged Collection of members that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group members list result",
"type": "object"
}
PolicyGroupPodCidrCluster (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes cluster members belonging to a Group",
"id": "PolicyGroupPodCidrCluster",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes cluster",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes cluster",
"type": "string"
},
"kubernetes_nodes": {
"items": {
"$ref": "PolicyKubernetesNodePodCidr
},
"required": true,
"title": "Kubernetes nodes",
"type": "array"
}
},
"title": "Kubernetes cluster member details",
"type": "object"
}
PolicyGroupPodCidrList (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes node pod cidrs belonging to a policy Group",
"id": "PolicyGroupPodCidrList",
"module_id": "PolicyGroupRealization",
"properties": {
"clusters": {
"items": {
"$ref": "PolicyGroupPodCidrCluster
},
"required": true,
"type": "array"
}
},
"title": "List of kubernetes node pod cidr members",
"type": "object"
}
PolicyGroupPodCidrListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of kubernetes node pod cidrs belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupPodCidrListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupPodCidrList
},
"required": true,
"title": "Paged Collection of kubernetes node pod cidrs that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of kubernetes node pod cidr members",
"type": "object"
}
PolicyGroupServiceAssociationsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "PolicyGroupServiceAssociationsRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"description": "Path of the entity for which associated services are to be fetched.",
"required": true,
"title": "Path of the entity",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"service_type": {
"enum": [
"firewall",
"ipfix"
],
"required": false,
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Associations list request parameters",
"type": "object"
}
PolicyHighPerformanceHostSwitchProfile (type)
{
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyHighPerformanceHostSwitchProfile",
"module_id": "PolicyHighPerformanceHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyHighPerformanceHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_config": {
"maximum": 1,
"minimum": 0,
"required": false,
"title": "This property is used to auto configure high performance.\nThis could be either 0 or 1. Value of 1 means user do not\nneed to provide any other configuration In this case, system\nwill enable high performance automatically. Value of 0 means\nthis mode is not enabled. In this case, user has to provide\nhigh performance configurations to enable high performance.\n",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"high_performance_configs": {
"items": {
"$ref": "HighPerformanceConfig
},
"minItems": 0,
"required": false,
"title": "List of configurations used in High Performance profile.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Switch Profile for High Performance.",
"type": "object"
}
PolicyHostInfraTrafficType (type)
{
"description": "The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned.",
"id": "PolicyHostInfraTrafficType",
"module_id": "PolicyNiocProfile",
"properties": {
"dynamic_res_pool_name": {
"required": false,
"title": "Dynamic resource pool traffic name",
"type": "string"
},
"traffic_name": {
"enum": [
"FAULT_TOLERANCE",
"HBR",
"ISCSI",
"MANAGEMENT",
"NFS",
"VDP",
"VIRTUAL_MACHINE",
"VMOTION",
"VSAN"
],
"required": false,
"title": "Traffic types",
"type": "string"
}
},
"title": "Enumerate all types of traffic",
"type": "object"
}
PolicyHostSwitchProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyHostSwitchProfileListRequestParameters",
"module_id": "PolicyBaseHostSwitchProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"deployment_type": {
"$ref": "EdgeDeploymentType,
"description": "If the node_type is specified, then deployment_type may be specified to filter uplink profiles applicable to only PHYSICAL_MACHINE or VIRTUAL_MACHINE deployments of these nodes.",
"required": false,
"title": "Deployment type of EdgeNode or PublicCloudGatewayNode"
},
"hostswitch_profile_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": false,
"title": "Type of host switch profile"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"max_active_uplink_count": {
"description": "Filter uplink profiles whose number of active uplinks in teaming policy is less than or equal to max_active_uplink_count.",
"required": false,
"title": "Filter uplink profiles by number of active links in teaming policy.",
"type": "int"
},
"node_type": {
"description": "The fabric node type is the resource_type of the Node such as EdgeNode and PublicCloudGatewayNode. If a fabric node type is given, uplink profiles that apply for nodes of the given type will be returned.",
"enum": [
"EdgeNode",
"PublicCloudGatewayNode"
],
"required": false,
"title": "Fabric node type for which uplink profiles are to be listed",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.",
"required": false,
"title": "The host switch profile's uplink teaming policy name",
"type": "string"
}
},
"title": "HostSwitchProfile List Request Parameters",
"type": "object"
}
PolicyHostSwitchProfileType (type)
{
"enum": [
"PolicyUplinkHostSwitchProfile",
"PolicyLldpHostSwitchProfile",
"PolicyNiocProfile",
"PolicyExtraConfigHostSwitchProfile",
"PolicyVtepHAHostSwitchProfile",
"PolicyHighPerformanceHostSwitchProfile"
],
"id": "PolicyHostSwitchProfileType",
"module_id": "PolicyBaseHostSwitchProfile",
"title": "Supported HostSwitch profiles.",
"type": "string"
}
PolicyHostSwitchProfilesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyHostSwitchProfilesListResult",
"module_id": "PolicyBaseHostSwitchProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyBaseHostSwitchProfile
},
"readonly": true,
"required": false,
"title": "HostSwitch Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HostSwitch Profile queries result",
"type": "object"
}
PolicyHostTransportNodeProfile (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyHostTransportNodeProfile",
"module_id": "PolicyHostTransportNodeProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_switch_spec": {
"$ref": "HostSwitchSpec,
"description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications. Only standard host switches are supported in the transport node profile.",
"required": false,
"title": "Host transport node host switch specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_overridden_hosts": {
"default": false,
"description": "Host Transport Node Profiles specify the configuration that is applied to all hosts in a cluster. The user has the ability to update the configuration on individual hosts within a cluster which will cause the host configuration to differ from the Host Transport Node Profile and results in the host to be marked as overridden. If a Host Transport Node Profile is edited or a new Host Transport Node Profile is applied on a Host Transport Node Collection, by default, the host configuration will be overwritten with the Host Transport Node Profile configuration and the overridden flag will be reset to false. This flag should be used when hosts that are set as overridden should not adopt the Host Transport Node Profile configuration when it is being updated or a new one is applied to the Host Transport Node Collection. In other words, when this flag is set to the default value of false and configuration is applied at the cluster level, the configuration will be applied on all hosts regardless if overridden or not. When this flag is set to true, all hosts that are set as overridden, i.e., have been updated invidivually, will be ignored and the cluster-level configuration will not be applied. Note, Host Transport Node Profiles can be applied on multiple clusters. This field will dictate the behavior followed by all clusters using this Host Transport Node Profile.",
"required": false,
"title": "Determines if cluster-level configuration should be applied on overridden hosts",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Transport Node Profile",
"type": "object"
}
PolicyHostTransportNodeProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyHostTransportNodeProfileListResult",
"module_id": "PolicyHostTransportNodeProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyHostTransportNodeProfile
},
"readonly": true,
"required": false,
"title": "PolicyHostTransportNodeProfile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Host Transport Node Profile queries result",
"type": "object"
}
PolicyIKEDigestAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "PolicyIKEDigestAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
PolicyIKEEncryptionAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128 uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "PolicyIKEEncryptionAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
PolicyIKEVersion (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"id": "PolicyIKEVersion",
"module_id": "PolicyL3Vpn",
"title": "IKE version",
"type": "string"
}
PolicyIPAddressInfo (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Used to specify the display name and value of the IPv4Address.",
"id": "PolicyIPAddressInfo",
"module_id": "PolicyL3Vpn",
"properties": {
"address_value": {
"$ref": "IPv4Address,
"description": "Value of the IPv4Address.",
"required": true,
"title": "Value of the IPv4Address"
},
"display_name": {
"description": "Display name used to help identify the IPv4Address.",
"required": false,
"title": "Display name of the IPv4Address",
"type": "string"
},
"next_hop": {
"$ref": "IPv4Address,
"description": "Next hop used in auto-plumbing of static route. If a value is not provided, static route will not be auto-plumbed.",
"required": false,
"title": "Next Hop of the IPv4Address"
}
},
"title": "IP address information",
"type": "object"
}
PolicyIdfwEnforcementPointRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request can be parameterized with this path and will be evaluted as follows > no enforcement point path specified: the request is evaluated on available existing enforcement point. We support only 1 per policy manager. > {enforcement_point_path}: the request is evaluated only on the given enforcement point. IDFW is currently not supported on Federation. Once it start supporting, GM will have to send the enforcement point path while LM behavior stays same.",
"id": "PolicyIdfwEnforcementPointRequestParameters",
"module_id": "PolicyIdentity",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Policy Idfw enforcement point Request Parameters",
"type": "object"
}
PolicyIdfwGroupRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameter that accepts Group path.",
"extends": {
"$ref": "PolicyIdfwEnforcementPointRequestParameters
},
"id": "PolicyIdfwGroupRequestParameters",
"module_id": "PolicyIdentity",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"group_path": {
"description": "Group path, forward slashes must be escaped using %2F.",
"required": true,
"title": "String Path of the group",
"type": "string"
}
},
"title": "Policy Idfw group request parameter",
"type": "object"
}
PolicyIdfwGroupVmDetailListResult (type)
{
"additionalProperties": false,
"description": "Identity Firewall user login/session data for a single Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdfwGroupVmDetailListResult",
"module_id": "PolicyIdentity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_path": {
"description": "String Path of the group",
"read_only": true,
"title": "String Path of the group",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IdfwVmDetail
},
"read_only": true,
"title": "List of user login/session data for a single VM",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Identity Firewall user login/session data for a single Group",
"type": "object"
}
PolicyIdsEventDataRequest (type)
{
"additionalProperties": false,
"description": "Filtering parameters to get only a subset of intrusion events.",
"id": "PolicyIdsEventDataRequest",
"module_id": "PolicyIDSMetrics",
"properties": {
"filters": {
"description": "An array of filter conditions.",
"items": {
"$ref": "FilterRequest
},
"required": false,
"title": "Filter conditions",
"type": "array"
}
},
"title": "Parameters to filter list of intrusions",
"type": "object"
}
PolicyIdsEventFlowData (type)
{
"additionalProperties": false,
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, protocol, rule id, profile id, and the action.",
"id": "PolicyIdsEventFlowData",
"module_id": "PolicyIDSMetrics",
"properties": {
"action_type": {
"description": "The action pertaining to the detected intrusion. Possible values are ALERT, DROP, REJECT, and INVALID. ALERT - If there is a signature match on the packet, it is allowed to pass but a notification is sent to the user notifying an intrusion was detected. DROP - On a signature match, the packet is silently dropped. An alert is sent to the user that an intrusion was detected. REJECT - On a signature match, the packet is dropped and TCP RST or ICMP error messages (for non-TCP pkts) are sent to the endpoints. An alert is sent to the user that an intrusion was detected. INVALID - If the action doesn't belong to any of the above mentioned categories, it is marked as INVALID.",
"enum": [
"ALERT",
"DROP",
"REJECT",
"INVALID"
],
"readonly": true,
"required": false,
"title": "IDS Event action",
"type": "string"
},
"bytes_toclient": {
"description": "Bytes sent to client.",
"readonly": true,
"required": false,
"title": "Bytes to client",
"type": "integer"
},
"bytes_toserver": {
"description": "Bytes sent to server.",
"readonly": true,
"required": false,
"title": "Bytes to server",
"type": "integer"
},
"client_ip": {
"description": "IP address of the VM that initiated the communication.",
"readonly": true,
"required": false,
"title": "IP address of the client VM",
"type": "string"
},
"destination_ip": {
"description": "IP address of the destination VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the destination VM",
"type": "string"
},
"destination_port": {
"description": "Port on the destination VM where the traffic was sent to.",
"readonly": true,
"required": false,
"title": "Destination port",
"type": "integer"
},
"gateway": {
"description": "Name of the gateway on which this intrusion was detected.",
"readonly": true,
"required": false,
"title": "Gateway where the intrusion was detected at",
"type": "string"
},
"gateway_tags": {
"description": "Tags associated with the gateway on which this intrusion was detected.",
"items": {
"$ref": "Tag
},
"readonly": true,
"required": false,
"title": "Tags associated with the gateway",
"type": "array"
},
"host": {
"description": "Name of the host on which this intrusion was detected.",
"readonly": true,
"required": false,
"title": "Host where intrusion was seen",
"type": "string"
},
"local_vm_ip": {
"description": "IP address of VM on the host where IDS engine is running.",
"readonly": true,
"required": false,
"title": "IP address of the local VM",
"type": "string"
},
"profile_id": {
"description": "The IDS profile id that is associated with the IDS rule pertaining to the intrusion event detected.",
"readonly": true,
"required": false,
"title": "IDS profile id",
"type": "string"
},
"protocol": {
"description": "Traffic protocol pertaining to the detected intrusion, could be TCP/UDP etc.",
"readonly": true,
"required": false,
"title": "Traffic protocol pertaining to the intrusion",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"source_ip": {
"description": "IP address of the source VM on the intrusion flow.",
"readonly": true,
"required": false,
"title": "IP address of the source VM",
"type": "string"
},
"source_port": {
"description": "Source port through which traffic was initiated that caused the intrusion to be detected.",
"readonly": true,
"required": false,
"title": "Source port",
"type": "integer"
},
"traffic_type": {
"description": "The source where the intrusion was detected. Possible values are GATEWAY and HOST.",
"enum": [
"GATEWAY",
"HOST"
],
"readonly": true,
"required": false,
"title": "IDS event detection source",
"type": "string"
}
},
"title": "IDS event flow data",
"type": "object"
}
PolicyIdsEventsBySignature (type)
{
"additionalProperties": false,
"description": "Intrusions that are detected, grouped by signature. It contains the signature id, severity, name, the number of intrusions of that type and the first occurence.",
"id": "PolicyIdsEventsBySignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of times signature was seen",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp,
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"first_occurrence_site": {
"description": "The site at which the intrusion first occurred.",
"readonly": true,
"required": false,
"title": "IDS event first occurrence site",
"type": "string"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"project_id": {
"readonly": true,
"required": false,
"title": "Project Identifier",
"type": "string"
},
"project_path": {
"readonly": true,
"required": false,
"title": "Project path",
"type": "string"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"severity": {
"description": "Severity of the threat covered by the signature, can be Critical, High, Medium, or Low.",
"readonly": true,
"required": false,
"title": "Severity of the signature",
"type": "string"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_name": {
"description": "Name of the signature pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Name of the signature",
"type": "string"
},
"sites_occurred": {
"description": "The sites at which the intrusion occurred.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "IDS event occurrence sites",
"type": "array"
},
"traffic_type": {
"description": "The source where the intrusion was detected. Possible values are GATEWAY and HOST.",
"enum": [
"GATEWAY",
"HOST"
],
"readonly": true,
"required": false,
"title": "IDS event detection source",
"type": "string"
}
},
"title": "Detected intrusions grouped by signature",
"type": "object"
}
PolicyIdsEventsBySignatureResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature, it contains minimal details about the intrusions.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdsEventsBySignatureResult",
"module_id": "PolicyIDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all intrusions detected, grouped by signature. The details include signature id, name, severity, timestamp, and total number of attempts per signature.",
"items": {
"$ref": "PolicyIdsEventsBySignature
},
"readonly": true,
"title": "List of all intrusions detected",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions grouped by signature",
"type": "object"
}
PolicyIdsEventsSummary (type)
{
"additionalProperties": false,
"description": "Intrusion event with all the event and signature details, each event contains the signature id, name, severity, first and recent occurence, users and VMs affected and other signature metadata.",
"id": "PolicyIdsEventsSummary",
"module_id": "PolicyIDSMetrics",
"properties": {
"affected_ip_count": {
"description": "Count of workload IPs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Count of workload IPs this signature was detected on",
"type": "integer"
},
"affected_vm_count": {
"description": "Count of VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Count of VMs this signature was detected on",
"type": "integer"
},
"first_occurence": {
"$ref": "EpochMsTimestamp,
"description": "First occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "First occurence of the intrusion"
},
"ids_flow_details": {
"description": "IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, and protocol.",
"items": {
"$ref": "PolicyIdsEventFlowData
},
"readonly": true,
"required": false,
"title": "IDS event flow data details",
"type": "object"
},
"is_ongoing": {
"description": "Flag indicating an ongoing intrusion.",
"readonly": true,
"required": false,
"title": "Flag indicating an ongoing intrusion",
"type": "boolean"
},
"is_rule_valid": {
"description": "Indicates if the rule id is valid or not.",
"readonly": true,
"required": false,
"title": "Is the rule id valid",
"type": "boolean"
},
"latest_occurence": {
"$ref": "EpochMsTimestamp,
"description": "Latest occurence of the intrusion, in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Latest occurence of the intrusion"
},
"pcap_id": {
"description": "ID of the packet-capture associated with an event.",
"readonly": true,
"required": false,
"title": "PCAP ID",
"type": "string"
},
"project_id": {
"readonly": true,
"required": false,
"title": "Project Identifier",
"type": "string"
},
"project_path": {
"readonly": true,
"required": false,
"title": "Project path",
"type": "string"
},
"resource_type": {
"description": "IDSEvent resource type.",
"readonly": true,
"required": true,
"title": "IDSEvent resource type",
"type": "string"
},
"rule_id": {
"description": "The IDS Rule id that detected this particular intrusion.",
"readonly": true,
"required": false,
"title": "IDS Rule id of detected intrusion",
"type": "integer"
},
"signature_id": {
"description": "Signature ID pertaining to the detected intrusion.",
"readonly": true,
"required": false,
"title": "Signature ID",
"type": "integer"
},
"signature_metadata": {
"description": "Metadata about the detected signature including name, id, severity, product affected, protocol etc.",
"items": {
"$ref": "IdsSignature
},
"readonly": true,
"required": false,
"title": "Metadata about the detected signature",
"type": "object"
},
"site_id": {
"description": "Site Identifier",
"readonly": true,
"required": false,
"title": "Site Identifier",
"type": "string"
},
"total_count": {
"description": "Number of times this particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of occurrences of this signature",
"type": "integer"
},
"user_details": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"$ref": "PolicyIdsUserStats
},
"readonly": true,
"required": false,
"title": "List of users on the affected VMs",
"type": "object"
},
"vm_details": {
"description": "List of VMs on which a particular signature was detected with the count.",
"items": {
"$ref": "PolicyIdsVmStats
},
"readonly": true,
"required": false,
"title": "List of VMs this signature was seen",
"type": "object"
}
},
"title": "Intrusions with event and signature data",
"type": "object"
}
PolicyIdsIpList (type)
{
"additionalProperties": false,
"description": "List of all affected IP addresses pertaining to a specific signature for intrusion events seen on edge.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdsIpList",
"module_id": "PolicyIDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected IP addresses specific to a particular signature.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "List of all affected IP addresses",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected IP addresses",
"type": "object"
}
PolicyIdsSummaryListResult (type)
{
"additionalProperties": false,
"description": "List of all intrusions that are detected grouped by signature with their summary.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdsSummaryListResult",
"module_id": "PolicyIDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of the detected intrusions.",
"items": {
"$ref": "PolicyIdsEventsSummary
},
"maxItems": 100,
"readonly": true,
"title": "Paged collection of intrusions",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of intrusions with their summary",
"type": "object"
}
PolicyIdsUserList (type)
{
"additionalProperties": false,
"description": "List of all affected users pertaining to a specific signature.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdsUserList",
"module_id": "PolicyIDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected users specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected users",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected Users",
"type": "object"
}
PolicyIdsUserStats (type)
{
"additionalProperties": false,
"description": "List of Users logged into VMs where intrusions of a given signature were detected.",
"id": "PolicyIdsUserStats",
"module_id": "PolicyIDSMetrics",
"properties": {
"count": {
"description": "Number of unique users logged into VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique users",
"type": "integer"
},
"user_list": {
"description": "List of users logged into VMs on which a particular signature was detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of users",
"type": "array"
}
},
"title": "List of Users",
"type": "object"
}
PolicyIdsVmList (type)
{
"additionalProperties": false,
"description": "List of all affected VMs pertaining to a specific signature for intrusion events seen on host.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIdsVmList",
"module_id": "PolicyIDSMetrics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of all affected VMs specific to a particular signature.",
"items": {
"type": "string"
},
"readonly": true,
"title": "List of all affected VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of affected VMs",
"type": "object"
}
PolicyIdsVmStats (type)
{
"additionalProperties": false,
"description": "List of VMs on which a particular signature was detected with the count.",
"id": "PolicyIdsVmStats",
"module_id": "PolicyIDSMetrics",
"properties": {
"count": {
"description": "Number of unique VMs on which a particular signature was detected.",
"readonly": true,
"required": false,
"title": "Number of unique VMs",
"type": "integer"
},
"vm_list": {
"description": "List of VM names on which intrusions of that particular signature type were detected.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of VM names",
"type": "array"
}
},
"title": "List of VMs where signature was detected",
"type": "object"
}
PolicyIgmpProfile (type)
{
"additionalProperties": false,
"description": "IGMP profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyIgmpProfile",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_member_query_interval": {
"default": 1,
"description": "Max Response Time inserted into Group-Specific Queries sent in response to Leave Group messages, and is also the amount of time between Group-Specific Query messages. This value may be tuned to modify the \"leave latency\" of the network. A reduced value results in reduced time to detect the loss of the last member of a group.",
"maximum": 25,
"minimum": 1,
"required": false,
"title": "Max Response Time",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"query_interval": {
"default": 30,
"description": "Interval(seconds) between general IGMP host-query messages.",
"maximum": 1800,
"minimum": 1,
"required": false,
"title": "Interval between general IGMP host-query messages",
"type": "int"
},
"query_max_response_time": {
"default": 10,
"description": "The query response interval(seconds) is the maximum amount of time that can elapse between when the querier router sends a host-query message and when it receives a response from a host. Configuring this interval allows admins to adjust the burstiness of IGMP messages on the subnet; larger values make the traffic less bursty, as host responses are spread out over a larger interval. The number of seconds represented by the query_max_response_time must be less than the query_interval.",
"maximum": 25,
"minimum": 1,
"required": false,
"title": "The maximum elapsed time between response",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"robustness_variable": {
"default": 2,
"description": "The Robustness Variable allows tuning for the expected packet loss on a subnet. If a subnet is expected to be lossy, the Robustness Variable may be increased. IGMP is robust to (Robustness Variable-1) packet losses. The Robustness Variable must not be zero, and SHOULD NOT be one.",
"maximum": 7,
"minimum": 1,
"required": false,
"title": "The Robustness Variable",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IGMP Profile",
"type": "object"
}
PolicyIgmpProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "Igmp Profile list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyIgmpProfileListRequestParameters",
"module_id": "PolicyMulticast",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Igmp Profile list request parameters",
"type": "object"
}
PolicyIgmpProfileListResult (type)
{
"additionalProperties": false,
"description": "Collection of Igmp Profile.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyIgmpProfileListResult",
"module_id": "PolicyMulticast",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Igmp Profile list results",
"items": {
"$ref": "PolicyIgmpProfile
},
"required": true,
"title": "Igmp Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Igmp Profile",
"type": "object"
}
PolicyInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a security policy or rule w.r.t to another one.",
"id": "PolicyInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where security policy/rule needs to be placed\n",
"type": "object"
}
PolicyInterVrfRoutingConfig (type)
{
"additionalProperties": false,
"description": "policy inter-vrf routing config.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyInterVrfRoutingConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bgp_route_leaking": {
"description": "Import / export BGP routes.",
"items": {
"$ref": "BgpRouteLeaking
},
"maxItems": 2,
"required": false,
"title": "Import / export BGP routes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"static_route_advertisement": {
"$ref": "PolicyStaticRouteAdvertisement,
"description": "Advertise subnet to target peers as static routes. It cannot be enabled on parent tier0 in first release.",
"required": false,
"title": "Advertise subnet to target peers as static routes"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_path": {
"description": "Policy path to tier0/vrf belongs to the same parent tier0.",
"required": true,
"title": "Policy path to tier0/vrf belongs to the same parent tier0",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "policy inter-vrf routing config",
"type": "object"
}
PolicyInterVrfRoutingConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyInterVrfRoutingConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "inter-vrf routing configuration list request parameters",
"type": "object"
}
PolicyInterVrfRoutingConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of inter-vrf routing configuration.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyInterVrfRoutingConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "inter-vrf routing configuration list results",
"items": {
"$ref": "PolicyInterVrfRoutingConfig
},
"required": true,
"title": "inter-vrf routing configuration list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of inter-vrf routing configuration",
"type": "object"
}
PolicyInterfaceGroupStatistics (type)
{
"additionalProperties": false,
"description": "Tier0 or Tier1 interface group statistics on specific Enforcement Point.",
"id": "PolicyInterfaceGroupStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"members": {
"description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.",
"items": {
"$ref": "LogicalRouterPortStatistics
},
"readonly": true,
"title": "Gateway Interface statistics",
"type": "array"
},
"summary": {
"$ref": "AggregatedLogicalRouterPortCounters,
"description": "Aggregated interface group statistics on specific Enforcement Point.",
"readonly": true,
"title": "Aggregated interface group statistics"
}
},
"title": "Gateway Interface group statistics",
"type": "object"
}
PolicyInterfaceOspfConfig (type)
{
"additionalProperties": false,
"description": "OSPF Interface configuration.",
"id": "PolicyInterfaceOspfConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bfd_path": {
"description": "This filed is valid only if enable_bfd is set to TRUE. If enable_bfd flag is set to TRUE, this profile will be applied to all OSPF peers in this interface. If this field is empty, bfd_path will refer to Tier-0 global BFD profile.",
"required": false,
"title": "Policy path of BFD profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_OSPF_BFD_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"dead_interval": {
"default": 40,
"description": "Specifies the number of seconds that router must wait before it declares a OSPF neighbor router down because it has not received OSPF hello packet. OSPF dead interval should be minimum 3 times greater than the hello interval",
"maximum": 65535,
"minimum": 3,
"required": false,
"title": "OSPF dead interval in seconds",
"type": "int"
},
"enable_bfd": {
"description": "Enable/Disable OSPF to register for BFD event. Use FALSE to disable BFD.",
"required": false,
"title": "enable BFD for OSPF",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "enable/disable OSPF on the interface. If enabled flag not specified, defailt is enable OSPF.",
"title": "enable/disable OSPF",
"type": "boolean"
},
"hello_interval": {
"default": 10,
"description": "Specifies the interval between the hello packets that OSPF sends on this interface. OSPF hello interval should be less than the dead interval",
"maximum": 21845,
"minimum": 1,
"required": false,
"title": "OSPF hello interval in seconds",
"type": "int"
},
"network_type": {
"default": "BROADCAST",
"description": "Configure OSPF networkt type, default is BROADCAST network type",
"enum": [
"BROADCAST",
"P2P"
],
"required": false,
"title": "Configure OSPF networkt type",
"type": "string"
},
"ospf_area": {
"description": "Attache Tier0 Interface to specified OSPF Area. all peers.",
"required": true,
"title": "Attach Tier0 Interface to specified OSPF Area",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_OSPF_AREA_RELATIONSHIP",
"rightType": [
"OspfAreaConfig"
]
}
]
}
},
"title": "OSPF Interface configuration",
"type": "object"
}
PolicyInterfaceStatistics (type)
{
"additionalProperties": false,
"description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalRouterPortStatistics
},
"id": "PolicyInterfaceStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"per_node_statistics": {
"additionalProperties": false,
"items": {
"$ref": "LogicalRouterPortStatisticsPerNode
},
"readonly": true,
"required": false,
"title": "Per Node Statistics",
"type": "array"
}
},
"title": "Tier0 or Tier1 interface statistics on specific Enforcement Point",
"type": "object"
}
PolicyInterfaceStatisticsSummary (type)
{
"additionalProperties": false,
"description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalRouterPortStatisticsSummary
},
"id": "PolicyInterfaceStatisticsSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"interface_policy_path": {
"description": "Policy path for the interface",
"title": "Policy path for the interface",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"title": "Tier0 or Tier1 interface statistics on specific Enforcement Point",
"type": "object"
}
PolicyIpReputationFeedQueryParameters (type)
{
"id": "PolicyIpReputationFeedQueryParameters",
"module_id": "PolicyFirewallIpReputation",
"properties": {
"operation": {
"enum": [
"enable_auto_download",
"disable_auto_download",
"download"
],
"required": true,
"title": "action",
"type": "string"
}
},
"title": "IP Reputation feed query parameters",
"type": "object"
}
PolicyIpsecVpnIkeServiceSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all IPSec VPN sessions for a specified service.",
"extends": {
"$ref": "PolicyIpsecVpnSessionSummary
},
"id": "PolicyIpsecVpnIkeServiceSummary",
"module_id": "PolicyVpnStats",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"display_name": {
"readonly": true,
"title": "Display name of IPSec VPN service",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the Primary site's enforcement point where the info is fetched. This is applicable only on a GlobalManager.",
"readonly": true,
"required": false,
"title": "Enforcement point Path",
"type": "string"
},
"ipsec_vpn_service_path": {
"readonly": true,
"title": "Policy path of IPSec VPN service",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary,
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN IKE service summary",
"type": "object"
}
PolicyIpsecVpnSessionSummary (type)
{
"additionalProperties": false,
"description": "Summarized view of all selected IPSec VPN sessions.",
"id": "PolicyIpsecVpnSessionSummary",
"module_id": "PolicyVpnStats",
"properties": {
"aggregate_traffic_counters": {
"$ref": "IPSecVPNTrafficCounters,
"description": "Aggregate traffic statistics across all selected sessions.",
"title": "Traffic summary"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last updated timestamp"
},
"session_summary": {
"$ref": "IPsecVPNIKESessionSummary,
"description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.",
"readonly": true,
"title": "Session summary"
},
"traffic_summary_per_session": {
"description": "Traffic summary per session.",
"items": {
"$ref": "IPSecVPNSessionTrafficSummary
},
"title": "Traffic summary",
"type": "array"
}
},
"title": "IPSec VPN session summary",
"type": "object"
}
PolicyKubernetesGateway (type)
{
"additionalProperties": false,
"description": "Kubernetes gateway details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyKubernetesGateway",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"gateway_ip_addresses": {
"items": {
"type": "string"
},
"required": true,
"title": "The ip addresses of kubernetes gateway resource",
"type": "array"
}
},
"title": "Kubernetes gateway resource details",
"type": "object"
}
PolicyKubernetesIngress (type)
{
"additionalProperties": false,
"description": "kubernetes ingress details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyKubernetesIngress",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"load_balance_ingress_ip_addresses": {
"items": {
"type": "string"
},
"required": true,
"title": "The load balance ingress ip addresses of kubernetes ingress resource",
"type": "array"
}
},
"title": "kubernetes ingress details",
"type": "object"
}
PolicyKubernetesListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the api that get data from the Antrea Cluster.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyKubernetesListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"description": "ID of the cluster to query",
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy kubernetes list request parameters",
"type": "object"
}
PolicyKubernetesNode (type)
{
"additionalProperties": false,
"description": "kubernetes node resource details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyKubernetesNode",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"ip_addresses": {
"items": {
"type": "string"
},
"required": true,
"title": "The ip addresses of kubernetes node resource",
"type": "array"
}
},
"title": "kubernetes node resource details",
"type": "object"
}
PolicyKubernetesNodePodCidr (type)
{
"additionalProperties": false,
"description": "kubernetes node resource details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyKubernetesNodePodCidr",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"pod_cidrs": {
"items": {
"type": "string"
},
"required": true,
"title": "The pod cidrs of kubernetes node resource",
"type": "array"
}
},
"title": "kubernetes node resource details",
"type": "object"
}
PolicyKubernetesResource (type)
{
"additionalProperties": false,
"description": "Details of the kubernetes resource belonging to a Group",
"id": "PolicyKubernetesResource",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
}
},
"title": "Kubernetes resource details",
"type": "object"
}
PolicyKubernetesService (type)
{
"additionalProperties": false,
"description": "Kubernetes service resource details",
"extends": {
"$ref": "PolicyKubernetesResource
},
"id": "PolicyKubernetesService",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_ips": {
"items": {
"type": "string"
},
"title": "The cluster ip addresses of kubernetes service resource",
"type": "array"
},
"display_name": {
"readonly": true,
"required": true,
"title": "The name of kubernetes resource",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "The id of kubernetes resource",
"type": "string"
},
"load_balance_ingresses": {
"items": {
"$ref": "PolicyKubernetesServiceLoadBalancerIngress
},
"title": "The load balance ingress of kubernetes service resource",
"type": "array"
},
"node_port_local_endpoints": {
"items": {
"$ref": "PolicyKubernetesServiceNodePortLocalEndpoint
},
"title": "The node port local endpoints of kubernetes service resource",
"type": "array"
},
"type": {
"readonly": true,
"required": true,
"title": "The type of kubernetes service resource",
"type": "string"
}
},
"title": "Kubernetes service resource details",
"type": "object"
}
PolicyKubernetesServiceLoadBalancerIngress (type)
{
"additionalProperties": false,
"description": "Kubernetes service Load Balance Ingress details",
"id": "PolicyKubernetesServiceLoadBalancerIngress",
"module_id": "PolicyGroupRealization",
"properties": {
"hostname": {
"description": "Hostname is set for load-balancer ingress points that are DNS based.",
"required": false,
"title": "Hostname of load-balance ingress point",
"type": "string"
},
"load_balancer_ingress_ip": {
"readonly": true,
"title": "The load balancer ingress ip of kubernetes service resource",
"type": "string"
},
"ports": {
"description": "Ports is a list of records of service points.",
"items": {
"$ref": "PolicyKubernetesServiceLoadBalancerIngressPortStatus
},
"required": false,
"title": "List of PortStatus",
"type": "array"
}
},
"title": "Kubernetes service Load Balance Ingress details",
"type": "object"
}
PolicyKubernetesServiceLoadBalancerIngressPortStatus (type)
{
"additionalProperties": false,
"description": "It represents the condition of a service point.",
"id": "PolicyKubernetesServiceLoadBalancerIngressPortStatus",
"module_id": "PolicyGroupRealization",
"properties": {
"port": {
"description": "Specifies port of service point.",
"readonly": false,
"required": false,
"title": "Port of service point",
"type": "integer"
},
"protocol": {
"description": "Specifies protocol of service point. e.g. TCP, UDP, SCTP.",
"enum": [
"TCP",
"UDP",
"SCTP"
],
"readonly": false,
"required": false,
"title": "Protocol of service point",
"type": "string"
}
},
"title": "Port status of a service point",
"type": "object"
}
PolicyKubernetesServiceNodePortLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Kubernetes service node port local endpoint details",
"id": "PolicyKubernetesServiceNodePortLocalEndpoint",
"module_id": "PolicyGroupRealization",
"properties": {
"node_ip": {
"readonly": true,
"title": "The node ip of kubernetes service resource",
"type": "string"
},
"node_port": {
"readonly": true,
"title": "The node port of kubernetes service resource",
"type": "string"
},
"protocol": {
"enum": [
"TCP",
"UDP",
"SCTP"
],
"title": "Protocol of endpoint",
"type": "string"
}
},
"title": "Kubernetes service node port local endpoint details",
"type": "object"
}
PolicyL2TablesParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TransportNodeIdParameters
},
"id": "PolicyL2TablesParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Layer-2 table request parameters",
"type": "object"
}
PolicyL2VpnRemoteMacParameters (type)
{
"additionalProperties": false,
"description": "Request Parameters for Remote Mac of L2Vpn Session.",
"extends": {
"$ref": "PolicyRuntimeOnEpRequestParameters
},
"id": "PolicyL2VpnRemoteMacParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"segment_path": {
"description": "Intent path of the segment.",
"required": false,
"title": "Segment Path",
"type": "string"
}
},
"title": "Remote mac for L2Vpn Session",
"type": "object"
}
PolicyLabel (type)
{
"additionalProperties": false,
"description": "Label to reference group of policy entities of same type.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyLabel",
"module_id": "PolicyLabel",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"refs": {
"description": "Policy entity paths referred by the label instance",
"items": {
"type": "string"
},
"required": false,
"title": "Policy entity paths referred by the label instance",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyLabel"
],
"relationshipType": "LABEL_REFS_RELATIONSHIP",
"rightType": []
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"description": "Policy intent entity type from PolicyResourceType",
"required": true,
"title": "Policy intent entity type from PolicyResourceType",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Label to reference group of policy entities of same type.",
"type": "object"
}
PolicyLabelListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyLabelListRequestParameters",
"module_id": "PolicyLabel",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyLabel list request parameters",
"type": "object"
}
PolicyLabelListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyLabelListResult",
"module_id": "PolicyLabel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyLabel
},
"required": true,
"title": "Policy label list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domains",
"type": "object"
}
PolicyLatencyStatProfile (type)
{
"description": "Latency stat service profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyLatencyStatProfile",
"module_id": "PolicyLatency",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the latency profile.",
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pnic_latency_enabled": {
"default": false,
"description": "Activate or Deactivate pnic latency.",
"readonly": false,
"title": "Pnic latency enablement flag",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sampling_interval": {
"description": "Event nth milliseconds packet is sampled. When a value less than 1000 is given, the realized sampling interval will be 1000 milliseconds.",
"maximum": 1000000,
"minimum": 1,
"title": "Latency sampling interval",
"type": "integer"
},
"sampling_rate": {
"description": "Event nth packet is sampled.",
"maximum": 1000000,
"minimum": 100,
"title": "Latency sampling rate",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Latency Stat Profile",
"type": "object"
}
PolicyLatencyStatProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyLatencyStatProfileListRequestParameters",
"module_id": "PolicyLatency",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Latency profile request parameters",
"type": "object"
}
PolicyLatencyStatProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyLatencyStatProfileListResult",
"module_id": "PolicyLatency",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Latency stat profile list.",
"items": {
"$ref": "PolicyLatencyStatProfile
},
"readonly": true,
"required": false,
"title": "Latency Stat Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of latency profile",
"type": "object"
}
PolicyListL2TablesParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListByNodeIdParameters
},
"id": "PolicyListL2TablesParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Layer-2 table list request parameters",
"type": "object"
}
PolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy list request parameters",
"type": "object"
}
PolicyListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of security policies",
"type": "object"
}
PolicyLiveTraceActionConfig (type)
{
"additionalProperties": false,
"id": "PolicyLiveTraceActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"counter_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"required": false,
"title": "Configuration of count action"
},
"datapath_stats_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"description": "Configuration of datapath statistics action, which can be enabled only when other actions are disabled.",
"required": false,
"title": "Configuration of datapath statistics action"
},
"pktcap_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"required": false,
"title": "Configuration of packet capture action"
},
"trace_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"required": false,
"title": "Configuration of trace action"
}
},
"title": "Livetrace action configuration",
"type": "object"
}
PolicyLiveTraceIpsecVpnConfig (type)
{
"additionalProperties": false,
"description": "Information for deriving virtual tunnel interface (VTI) of Route-based IPSec VPN session.",
"id": "PolicyLiveTraceIpsecVpnConfig",
"module_id": "PolicyConnectivity",
"properties": {
"session_path": {
"description": "Policy path of VPN session.",
"required": true,
"title": "Policy path of VPN session",
"type": "string"
}
},
"title": "IPSec VPN configuration for starting livetrace on IPSec tunnel interface",
"type": "object"
}
PolicyLldpHostSwitchProfile (type)
{
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyLldpHostSwitchProfile",
"module_id": "PolicyLldpHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyLldpHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"send_enabled": {
"required": true,
"title": "Enabled or disabled sending LLDP packets",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Switch for LLDP",
"type": "object"
}
PolicyMetadataProxyStatistics (type)
{
"id": "PolicyMetadataProxyStatistics",
"module_id": "PolicyMetadataProxy",
"properties": {
"metadata_proxy_path": {
"required": true,
"title": "Policy path of metadata proxy configuration",
"type": "string"
},
"statistics": {
"items": {
"$ref": "MetadataProxyStatisticsPerSegment
},
"required": false,
"title": "Metadata Proxy statistics per segment",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
PolicyMetadataProxyStatus (type)
{
"additionalProperties": false,
"id": "PolicyMetadataProxyStatus",
"module_id": "PolicyMetadataProxy",
"properties": {
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"proxy_status": {
"description": "UP means the metadata proxy is working fine on both transport-nodes(if configured); DOWN means the metadata proxy is is down on both transport-nodes(if configured), hence the metadata proxy will not repsond to any metadata request; Error means there is an error on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working on one of the transport node while not in the other transport-node (if configured). If the metadata proxy on the working transport-node goes down, the metadata proxy will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP"
],
"required": true,
"type": "string"
},
"transport_nodes": {
"description": "Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes.",
"items": {
"type": "string"
},
"required": true,
"title": "ids of transport nodes where this metadata proxy is running",
"type": "array"
}
},
"type": "object"
}
PolicyMulticastConfig (type)
{
"additionalProperties": false,
"description": "Multicast routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyMulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Activate/deactivate Multicast Configuration.",
"required": false,
"title": "Activate/deactivate Multicast Configuration",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"igmp_profile_path": {
"description": "Updates to IGMP profile applied on all Tier0 gateways consuming the configuration.",
"required": false,
"title": "Policy path to IGMP profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyMulticastConfig"
],
"relationshipType": "MULTICAST_IGMP_RELATIONSHIP",
"rightType": [
"PolicyIgmpProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pim_profile_path": {
"description": "Updates to PIM profile applied on all Tier0 gateways consuming the configuration.",
"required": false,
"title": "Policy path to PIM profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyMulticastConfig"
],
"relationshipType": "MULTICAST_PIM_RELATIONSHIP",
"rightType": [
"PolicyPimProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"replication_multicast_range": {
"description": "Replication multicast range. Required when enabled.",
"format": "ipv4-cidr-block",
"required": false,
"title": "Replication multicast range",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Multicast routing configuration",
"type": "object"
}
PolicyMulticastForwarding (type)
{
"additionalProperties": false,
"description": "Multicast Forwarding.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyMulticastForwarding",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 or Tier1 gateway.",
"required": true,
"title": "Policy path to Tier0 or Tier1 gateway",
"type": "string"
},
"mcast_forwarding_per_edge": {
"items": {
"$ref": "MulticastForwardingPerEdge
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Multicast Forwarding",
"type": "object"
}
PolicyMulticastForwardingInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyMulticastForwardingInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "MulticastForwardingCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyMulticastRoutes (type)
{
"additionalProperties": false,
"description": "Multicast Routes.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyMulticastRoutes",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"gateway_path": {
"description": "Policy path to Tier0 gateway.",
"required": true,
"title": "Policy path to Tier0 gateway",
"type": "string"
},
"mcast_routes_per_edge": {
"items": {
"$ref": "MulticastRoutesPerEdge
},
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Multicast Routes",
"type": "object"
}
PolicyMulticastRoutesInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyMulticastRoutesInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "MulticastRouteCsvRecord
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyNATRuleCounters (type)
{
"additionalProperties": false,
"description": "Gives the statistics count of a NAT rule.",
"id": "PolicyNATRuleCounters",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
}
},
"title": "Statistics count",
"type": "object"
}
PolicyNat (type)
{
"additionalProperties": false,
"description": "Represents NAT section. This object is created by default when corresponding tier-0/tier-1 is created. Under tier-0/tier-1 there will be 4 different NATs(sections). (INTERNAL, USER, DEFAULT and NAT64).",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyNat",
"module_id": "PolicyNAT",
"policy_hierarchical_children": [
"ChildPolicyVpcNatRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nat_type": {
"description": "Represents a NAT section under tier-0/tier-1.",
"enum": [
"INTERNAL",
"USER",
"DEFAULT",
"NAT64"
],
"title": "NAT section under tier-0/tier-1",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains list of NAT Rules",
"type": "object"
}
PolicyNatListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT list request parameters",
"type": "object"
}
PolicyNatListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNat
},
"required": true,
"title": "NAT list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of NAT Types",
"type": "object"
}
PolicyNatRule (type)
{
"additionalProperties": false,
"description": "Represents a NAT rule between source and destination at T0/T1 router.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyNatRule",
"module_id": "PolicyNAT",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Source NAT(SNAT) - translates a source IP address in an outbound packet so that the packet appears to originate from a different network. SNAT is only supported when the logical router is running in active-standby mode. Destination NAT(DNAT) - translates the destination IP address of inbound packets so that packets are delivered to a target address into another network. DNAT is only supported when the logical router is running in active-standby mode. Reflexive NAT(REFLEXIVE) - IP-Range and CIDR are supported to define the \"n\". The number of original networks should be exactly the same as that of translated networks. The address translation is deterministic. Reflexive is supported on both Active/Standby and Active/Active LR. NO_SNAT and NO_DNAT - These do not have support for translated_fields, only source_network and destination_network fields are supported. NAT64 - translates an external IPv6 address to a internal IPv4 address.",
"enum": [
"SNAT",
"DNAT",
"REFLEXIVE",
"NO_SNAT",
"NO_DNAT",
"NAT64"
],
"required": true,
"title": "Represents action of NAT Rule SNAT, DNAT, REFLEXIVE",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For DNAT and NO_DNAT rules, this is a mandatory field, and represents the destination network for the incoming packets. For other type of rules, optionally it can contain destination network of outgoing packets. NULL value for this field represents ANY network. For VPC DNAT NATRule, destination network address should be IPv4 address allocated from External Block associated with VPC.",
"required": false,
"title": "Represents the destination network"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The flag, which suggests whether the NAT rule is enabled or disabled. The default is True.",
"title": "Policy NAT Rule enabled flag",
"type": "boolean"
},
"firewall_match": {
"default": "MATCH_INTERNAL_ADDRESS",
"description": "It indicates how the firewall matches the address after NATing if firewall stage is not skipped. MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped. For NO_SNAT or NO_DNAT, it must be BYPASS or leave it unassigned",
"enum": [
"MATCH_EXTERNAL_ADDRESS",
"MATCH_INTERNAL_ADDRESS",
"BYPASS"
],
"required": false,
"title": "Represents the firewall match flag",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logging": {
"default": false,
"description": "The flag, which suggests whether the logging of NAT rule is enabled or disabled. The default is False.",
"title": "Policy NAT Rule logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"policy_based_vpn_mode": {
"description": "It indicates how the NSX edge applies Nat Policy for VPN traffic. It is supported only for Nat Rule action type DNAT and NO_DNAT. For all other NAT action, leave it unassigned. BYPASS - Default vpn mode. It indicates that Nat policy will be applied to the inbound traffic on Routed Based VPN tunnel, if the policy based VTI is in the \"scope\" for this rule. Default value will be set to BYPASS if MATCH - It indicates that this NAT rule will only match the Policy Based VPN traffic.",
"enum": [
"BYPASS",
"MATCH"
],
"required": false,
"title": "Indicates NSX edge Nat behaviour for inbound VPN tra",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Represents the array of policy paths of ProviderInterface or NetworkInterface or labels of type ProviderInterface or NetworkInterface or IPSecVpnSession on which the NAT rule should get enforced. The interfaces must belong to the same router for which the NAT Rule is created.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of policy paths of labels, ProviderInterface, NetworkInterface",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyNatRule"
],
"relationshipType": "NAT_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"Tier1Interface",
"Tier0Interface",
"PolicyLabel",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"default": 0,
"description": "The sequence_number decides the rule_priority of a NAT rule. Sequence_number and rule_priority have 1:1 mapping.For each NAT section, there will be reserved rule_priority numbers.The valid range of rule_priority number is from 0 to 2147483647(MAX_INT). 1. INTERNAL section rule_priority reserved from 0 - 1023 (1024 rules) valid sequence_number range 0 - 1023 2. USER section rule_priority reserved from 1024 - 2147482623 (2147481600 rules) valid sequence_number range 0 - 2147481599 3. DEFAULT section rule_priority reserved from 2147482624 - 2147483647 (1024 rules) valid sequence_number range 0 - 1023",
"title": "Sequence number of the Nat Rule",
"type": "int"
},
"service": {
"description": "It represents the path of Service on which the NAT rule will be applied. If not provided or if it is blank then Policy manager will consider it as ANY. Please note, if this is a DNAT, the destination_port of the service will be realized on NSX Manager as the translated_port. And if this is a SNAT, the destination_port will be ignored.",
"required": false,
"title": "Represents the service on which the NAT rule will be applied",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyNatRule"
],
"relationshipType": "NAT_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
}
]
},
"source_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT, NO_SNAT, NAT64 and REFLEXIVE rules, this is a mandatory field and represents the source network of the packets leaving the network. For DNAT and NO_DNAT rules, optionally it can contain source network of incoming packets. NULL value for this field represents ANY network.",
"required": false,
"title": "Represents the source network address"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"translated_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. If user specify the CIDR, this value is actually used as an IP pool that includes both the subnet and broadcast addresses as valid for NAT translations. This does not support IP range or IP sets. Comma separated list of single IP addresses is not suported for DNAT and REFLEXIVE rules. For SNAT, DNAT, NAT64 and REFLEXIVE rules, this ia a mandatory field, which represents the translated network address. For NO_SNAT and NO_DNAT this should be empty. For VPC SNAT and Refelexive NATRule, translated network address should be IPv4 address allocated from External Block associated with VPC.",
"required": false,
"title": "Represents the translated network address"
},
"translated_ports": {
"$ref": "PortElement,
"description": "Please note, if there is service configured in this NAT rule, the translated_port will be realized on NSX Manager as the destination_port. If there is no sevice configured, the port will be ignored.",
"required": false,
"title": "Port number or port range"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents a NAT rule between source and destination at T0/T1 router",
"type": "object"
}
PolicyNatRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatRuleListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT Rule list request parameters",
"type": "object"
}
PolicyNatRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRule
},
"required": true,
"title": "NAT Rules list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of NAT Rules",
"type": "object"
}
PolicyNatRuleStatistics (type)
{
"additionalProperties": false,
"description": "Gives the Statistics of a NAT rule.",
"extends": {
"$ref": "PolicyNATRuleCounters
},
"id": "PolicyNatRuleStatistics",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
},
"warning_message": {
"description": "The warning message about the NAT Rule Statistics.",
"readonly": true,
"title": "Warning Message",
"type": "string"
}
},
"title": "Statistics of NAT Rule",
"type": "object"
}
PolicyNatRuleStatisticsListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameter to get NAT rule statistics.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatRuleStatisticsListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT Rule statistics list request parameters",
"type": "object"
}
PolicyNatRuleStatisticsListResult (type)
{
"additionalProperties": false,
"description": "Gives the collection of NAT rule statistics per enforcement point.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleStatisticsListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRuleStatisticsPerEnforcementPoint
},
"required": true,
"title": "NAT rules statistics per enforcement point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of NAT Rule statistics",
"type": "object"
}
PolicyNatRuleStatisticsPerEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Gives the statistics of a NAT rule per enforcement point.",
"id": "PolicyNatRuleStatisticsPerEnforcementPoint",
"module_id": "PolicyNAT",
"properties": {
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point from where the statistics are fetched.",
"title": "Enforcement point Path",
"type": "string"
},
"rule_path": {
"description": "Path of NAT Rule.",
"title": "Path of NAT Rule",
"type": "string"
},
"rule_statistics": {
"description": "Gives NAT rule stats on an enforcement point.",
"items": {
"$ref": "PolicyNatRuleStatistics
},
"readonly": true,
"title": "Rule statistics per enforcement point",
"type": "array"
}
},
"title": "Statistics of NAT Rule per enforcement point",
"type": "object"
}
PolicyNatRuleStatisticsPerLogicalRouter (type)
{
"additionalProperties": false,
"description": "Gives the statistics of a NAT rule per logical router on specified enforcement point.",
"id": "PolicyNatRuleStatisticsPerLogicalRouter",
"module_id": "PolicyNAT",
"properties": {
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point from where the statistics are fetched.",
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"per_node_statistics": {
"description": "Detailed Rule statistics per logical router.",
"items": {
"$ref": "PolicyNatRuleStatisticsPerTransportNode
},
"readonly": true,
"title": "Detailed Rule statistics",
"type": "array"
},
"router_path": {
"description": "Path of the router.",
"title": "Router path",
"type": "string"
},
"statistics": {
"$ref": "PolicyNATRuleCounters,
"description": "Rolled up statistics for all rules on the logical router.",
"readonly": true,
"title": "Rolled up statistics"
}
},
"title": "Statistics of NAT Rule per logical router",
"type": "object"
}
PolicyNatRuleStatisticsPerLogicalRouterListResult (type)
{
"additionalProperties": false,
"description": "Gives the collection of NAT rule statistics per logical router on specified enforcement point.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleStatisticsPerLogicalRouterListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRuleStatisticsPerLogicalRouter
},
"required": true,
"title": "NAT rules statistics per logical router",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of NAT rule statistics per logical router",
"type": "object"
}
PolicyNatRuleStatisticsPerTransportNode (type)
{
"additionalProperties": false,
"description": "Gives the Statistics of a NAT rule.",
"extends": {
"$ref": "PolicyNATRuleCounters
},
"id": "PolicyNatRuleStatisticsPerTransportNode",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
},
"transport_node_path": {
"description": "Policy path of the Edge Node.",
"readonly": true,
"title": "Node path",
"type": "string"
}
},
"title": "Statistics of NAT Rule",
"type": "object"
}
PolicyNiocProfile (type) (Deprecated)
{
"deprecated": true,
"description": "This profile is created for Network I/O Control(NIOC).",
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyNiocProfile",
"module_id": "PolicyNiocProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyNiocProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true.",
"required": false,
"title": "Enabled status of NIOC feature",
"type": "boolean"
},
"host_infra_traffic_res": {
"description": "host_infra_traffic_res specifies bandwidth allocation for various traffic resources.",
"items": {
"$ref": "PolicyPolicyResourceAllocation
},
"required": false,
"title": "Resource allocation associated with NiocProfile",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Profile for Nioc",
"type": "object"
}
PolicyNonCompliantConfig (type)
{
"id": "PolicyNonCompliantConfig",
"module_id": "PolicyCompliance",
"properties": {
"affected_resources": {
"description": "Resources/Services impacted by non compliant configuration",
"items": {
"$ref": "PolicyResourceReference
},
"readonly": true,
"title": "Resources/Services impacted by non compliant configuration",
"type": "array"
},
"compliance_names": {
"description": "Names of the compliance programs according to which the affected resources are non-compliant.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Names of compliance programs",
"type": "array"
},
"description": {
"readonly": true,
"title": "Detail description of non compliant configuration with suggestive action",
"type": "string"
},
"non_compliance_code": {
"readonly": true,
"title": "Code for non compliant configuration",
"type": "integer"
},
"reported_by": {
"$ref": "PolicyResourceReference,
"readonly": true,
"title": "Id and name of non compliant resource/service"
}
},
"type": "object"
}
PolicyNsLookupParameters (type)
{
"extends": {
"$ref": "PolicyRuntimeOnEpRequestParameters
},
"id": "PolicyNsLookupParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"address": {
"required": false,
"title": "IP address or FQDN for nslookup",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"type": "object"
}
PolicyOspfDatabaseListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyOspfDatabaseListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "OspfDatabaseStatus
},
"readonly": true,
"required": true,
"title": "array of OSPF database data",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"tier0_path": {
"readonly": true,
"required": true,
"title": "Policy path for Tier0 gateway",
"type": "string"
}
},
"type": "object"
}
PolicyPimProfile (type)
{
"additionalProperties": false,
"description": "PIM profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyPimProfile",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bsm_enabled": {
"default": true,
"description": "Activate/deactivate bootstrap messaging Configuration.",
"required": false,
"title": "Activate/deactivate bootstrap messaging Configuration",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rp_address": {
"$ref": "IPAddress,
"deprecated": true,
"description": "This field is deprecated and recommended to use rp_address_multicast_ranges",
"required": false,
"title": "Static IPv4 multicast address configuration"
},
"rp_address_multicast_ranges": {
"description": "Static IPv4 multicast address and assciated multicast groups configuration.",
"items": {
"$ref": "RpAddressMulticastRanges
},
"required": false,
"title": "Static IPv4 multicast address and assciated multicast groups configuration",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "PIM profile",
"type": "object"
}
PolicyPimProfileListRequestParameters (type)
{
"additionalProperties": false,
"description": "PIM Profile list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyPimProfileListRequestParameters",
"module_id": "PolicyMulticast",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PIM Profile list request parameters",
"type": "object"
}
PolicyPimProfileListResult (type)
{
"additionalProperties": false,
"description": "Collection of Pim Profile.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyPimProfileListResult",
"module_id": "PolicyMulticast",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "PIM Profile list results.",
"items": {
"$ref": "PolicyPimProfile
},
"required": true,
"title": "PIM Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Pim Profile",
"type": "object"
}
PolicyPktCapResource (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PktCapResource
},
"id": "PolicyPktCapResource",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyPktCapResource"
},
"properties": {
"logical_port_path": {
"readonly": true,
"required": false,
"title": "The path of segment port or router port where the packets are captured",
"type": "string"
},
"pktcap_file_download_url": {
"readonly": true,
"required": true,
"title": "Packet capture file download URL",
"type": "string"
},
"port_id": {
"readonly": true,
"required": true,
"title": "The ID of logical port where packet capture action is performed",
"type": "string"
},
"resource_type": {
"required": true,
"title": "Type of packet capture resource",
"type": "string"
}
},
"type": "object"
}
PolicyPolicyResourceAllocation (type)
{
"description": "Specify limit, shares and reservation for all kinds of traffic. Values for limit and reservation are expressed in percentage. And for shares, the value is expressed as a number between 1-100. The overall reservation among all traffic types should not exceed 75%. Otherwise, the API request will be rejected.",
"id": "PolicyPolicyResourceAllocation",
"module_id": "PolicyNiocProfile",
"properties": {
"limit": {
"default": -1.0,
"description": "The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API.",
"maximum": 100,
"minimum": -1,
"required": true,
"title": "Maximum bandwidth percentage",
"type": "number"
},
"reservation": {
"default": 0.0,
"maximum": 75,
"minimum": 0,
"required": true,
"title": "Minimum guaranteed bandwidth percentage",
"type": "number"
},
"shares": {
"default": 50,
"maximum": 100,
"minimum": 1,
"required": true,
"title": "Shares",
"type": "int"
},
"traffic_type": {
"$ref": "PolicyHostInfraTrafficType,
"required": true,
"title": "Resource allocation traffic type"
}
},
"title": "Resource allocation information for a host infrastructure traffic type",
"type": "object"
}
PolicyPoolUsage (type)
{
"additionalProperties": false,
"description": "IP usage statistics in a IpAddressPool.",
"id": "PolicyPoolUsage",
"module_id": "PolicyIpam",
"properties": {
"allocated_ip_allocations": {
"description": "Total number of allocated IPs shown are from NSX manager. NSX manager uses default release delay of 2 mins. Till this delay passes, IPs will be shown as allocated (and counted in allocated ips). In this period of time there could be mismatch in requested_ip_allocations and allocated_ip_allocations.",
"readonly": true,
"title": "Total number of allocated IPs in a IpAddressPool",
"type": "integer"
},
"available_ips": {
"readonly": true,
"title": "Total number of available IPs in a IpAddressPool",
"type": "integer"
},
"requested_ip_allocations": {
"readonly": true,
"title": "Total number of requested IP allocations in a IpAddressPool",
"type": "integer"
},
"total_ips": {
"readonly": true,
"title": "Total number of IPs in a IpAddressPool",
"type": "integer"
}
},
"type": "object"
}
PolicyRealizedResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Abstract base class for all the realized policy objects",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyRealizedResource",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base class for all the realized policy objects",
"type": "object"
}
PolicyRelatedApiError (type)
{
"id": "PolicyRelatedApiError",
"module_id": "PolicyRealizedState",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
}
},
"title": "Detailed information about errors from API call to an enforcement point",
"type": "object"
}
PolicyRequestParameter (type)
{
"additionalProperties": false,
"description": "Optional API Request Parameter to be used in HAPI.",
"id": "PolicyRequestParameter",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Represents optional API request parameter to be used in HAPI",
"type": "object"
}
PolicyResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Abstract base class for all the policy objects.",
"extends": {
"$ref": "ManagedResource
},
"id": "PolicyResource",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base class for all the policy objects",
"type": "object"
}
PolicyResourceReference (type)
{
"additionalProperties": false,
"description": "Policy resource reference.",
"extends": {
"$ref": "ResourceReference
},
"id": "PolicyResourceReference",
"module_id": "Policy",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this resource. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of resource",
"type": "string"
},
"path": {
"description": "Absolute path of this object.",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"project_scope": {
"description": "Project scope of policy resource",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Project scope of policy resource",
"type": "array"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Policy resource reference",
"type": "object"
}
PolicyResourceReferenceForEP (type)
{
"additionalProperties": false,
"description": "Policy resource reference for enforcement point",
"extends": {
"$ref": "PolicyResourceReference
},
"id": "PolicyResourceReferenceForEP",
"module_id": "PolicyGroupRealization",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns this group. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns a group",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this resource. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of resource",
"type": "string"
},
"path": {
"description": "Absolute path of this object.",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"project_scope": {
"description": "Project scope of policy resource",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Project scope of policy resource",
"type": "array"
},
"remote_path": {
"description": "This is the path of the object on the local managers when queried on the NSX+ service, and path of the object on NSX+ service when queried from the local managers.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Policy resource reference for enforcement point",
"type": "object"
}
PolicyResourceReferenceForEPListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of policy resource references for enforcement point",
"extends": {
"$ref": "ListResult
},
"id": "PolicyResourceReferenceForEPListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyResourceReferenceForEP
},
"required": true,
"title": "Paged Collection of policy resource references for enforcement point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy resource reference list for enforcement point",
"type": "object"
}
PolicyResourceReferenceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyResourceReferenceListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyResourceReference
},
"required": true,
"title": "Policy resource references list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of PolicyResourceReference",
"type": "object"
}
PolicyRouteAdvertisementRule (type)
{
"additionalProperties": false,
"description": "policy route advertisement rule.",
"id": "PolicyRouteAdvertisementRule",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"default": "PERMIT",
"description": "Action to advertise filtered routes to the connected Tier0 gateway. PERMIT: Enables the advertisment DENY: Disables the advertisement",
"enum": [
"PERMIT",
"DENY"
],
"required": true,
"title": "Action to advertise routes",
"type": "string"
},
"name": {
"description": "Display name for rule.",
"required": false,
"title": "Display name for rule",
"type": "string"
},
"prefix_operator": {
"default": "GE",
"description": "Prefix operator to filter subnets. GE prefix operator filters all the routes with prefix length greater than or equal to the subnets configured. EQ prefix operator filter all the routes with prefix length equal to the subnets configured.",
"enum": [
"GE",
"EQ"
],
"required": false,
"title": "Prefix operator to match subnets",
"type": "string"
},
"route_advertisement_types": {
"description": "Enable different types of route advertisements.",
"items": {
"$ref": "InterVrfRouteAdvertisementTypes
},
"required": false,
"title": "Enable different types of route advertisements",
"type": "array"
},
"subnets": {
"description": "Network CIDRs to be routed.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"required": false,
"title": "Network CIDRs",
"type": "array"
}
},
"title": "policy route advertisement rule",
"type": "object"
}
PolicyRuntimeAlarm (type)
{
"description": "Alarm associated with the PolicyRuntimeInfoPerEP that exposes potential errors when retrieving runtime information from the enforcement point.",
"id": "PolicyRuntimeAlarm",
"module_id": "PolicyBaseStatistics",
"properties": {
"error_details": {
"$ref": "PolicyApiError,
"description": "Detailed information about errors from an API call made to the enforcement point, if any.",
"readonly": true,
"title": "Error Detailed Information"
},
"error_id": {
"description": "Alarm error id.",
"readonly": true,
"title": "Alarm Error Id",
"type": "string"
},
"message": {
"description": "Error message describing the issue.",
"readonly": true,
"title": "Error Message to Describe the Issue",
"type": "string"
}
},
"title": "Alarm of PolicyRuntimeInfoPerEP",
"type": "object"
}
PolicyRuntimeInfoPerEP (type)
{
"abstract": true,
"description": "Runtime Info Per Enforcement Point.",
"id": "PolicyRuntimeInfoPerEP",
"module_id": "PolicyBaseStatistics",
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
}
},
"title": "PolicyRuntimeInfoPerEP",
"type": "object"
}
PolicyRuntimeOnEpRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request on runtime information can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.",
"id": "PolicyRuntimeOnEpRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Runtime on enforcement point",
"type": "object"
}
PolicyRuntimeRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path and data source. A request on runtime information can be parameterized with this pair and will be evaluted as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.",
"extends": {
"$ref": "DataSourceParameters
},
"id": "PolicyRuntimeRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Policy Runtime Information",
"type": "object"
}
PolicySIEnforcementPointRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request can be | parameterized with this path and will be evaluted as follows | > no enforcement point path specified: the request is evaluated on DEFAULT enforcement point. > {enforcement_point_path}: the request is evaluated only on the given enforcement | point.",
"id": "PolicySIEnforcementPointRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Policy Service Insertion Request Parameters",
"type": "object"
}
PolicySIExcludeList (type)
{
"additionalProperties": false,
"description": "List of entities where Service Insertion will not be enforced. Exclusion List can contain PolicyGroup(s) or SegmentPort(s) or Segment(s).",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicySIExcludeList",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of the members in the exclude list",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "ExcludeList member list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicySIExcludeList"
],
"relationshipType": "SI_EXCLUDE_LIST_RELATIONSHIP",
"rightType": [
"Segment",
"SegmentPort",
"Group"
]
}
]
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Insertion Exclusion List",
"type": "object"
}
PolicySIStatusConfiguration (type)
{
"description": "It represents status of Service Insertion for North-South and East-West context types.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicySIStatusConfiguration",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"east_west_enabled": {
"default": false,
"description": "If set to true, service insertion for east-west traffic is enabled.",
"title": "East-West status flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"north_south_enabled": {
"default": false,
"description": "If set to true, service insertion for north-south traffic is enabled.",
"title": "North-South status flag",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Insertion Status",
"type": "object"
}
PolicyServiceChain (type)
{
"description": "Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyServiceChain",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_policy": {
"default": "ALLOW",
"description": "Failure policy for the service defines the action to be taken i.e to allow or to block the traffic during failure scenarios.",
"enum": [
"ALLOW",
"BLOCK"
],
"readonly": false,
"required": false,
"title": "Failure Policy",
"type": "string"
},
"forward_path_service_profiles": {
"description": "Forward path service profiles are applied to ingress traffic.",
"items": {
"type": "string"
},
"maxItems": 4,
"readonly": false,
"required": true,
"title": "Forward path service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"path_selection_policy": {
"default": "LOCAL",
"description": "Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - Preference to be given to local service insances. REMOTE - Preference to be given to the SVM co-located on the same host. ROUND_ROBIN - All active service paths are hit with equal probability.",
"enum": [
"ANY",
"LOCAL",
"REMOTE",
"ROUND_ROBIN"
],
"readonly": false,
"required": false,
"title": "Path Selection Policy",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"reverse_path_service_profiles": {
"description": "Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.",
"items": {
"type": "string"
},
"maxItems": 4,
"readonly": false,
"required": false,
"title": "Reverse path service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"service_segment_path": {
"description": "Path to service segment using which the traffic needs to be redirected.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Path to service segment",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_SEGMENT_RELATIONSHIP",
"rightType": [
"ServiceSegment"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Service Chain",
"type": "object"
}
PolicyServiceChainListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyServiceChainListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyServiceChain
},
"required": true,
"title": "All PolicyServiceChain objects",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Service Chain List",
"type": "object"
}
PolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Represents an instance of partner Service and its configuration.",
"extends": {
"$ref": "BasePolicyServiceInstance
},
"id": "PolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"required": true,
"title": "Deployment Template attributes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compute_id": {
"description": "Id of the compute(ResourcePool) to which this service needs to be deployed.",
"required": true,
"title": "Id of the compute resource.",
"type": "string"
},
"context_id": {
"description": "UUID of VCenter/Compute Manager as seen on NSX Manager, to which this service needs to be deployed.",
"required": false,
"title": "Id of the compute manager",
"type": "string"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"deployment_spec_name": {
"description": "Form factor for the deployment of partner service.",
"required": true,
"title": "Name of the Deployment Specification",
"type": "string"
},
"deployment_template_name": {
"description": "Template for the deployment of partnet service.",
"required": true,
"title": "Name of the Deployment Template",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_policy": {
"default": "BLOCK",
"description": "Failure policy for the Service VM. If this values is not provided, it will be defaulted to FAIL_CLOSE.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "Failure policy for the Service VM",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"primary_gateway_address": {
"$ref": "IPElement,
"description": "Gateway address for primary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided.",
"required": false,
"title": "Gateway for primary management console"
},
"primary_interface_mgmt_ip": {
"$ref": "IPElement,
"description": "Management IP Address of primary interface of the Service",
"required": true,
"title": "Management IP Address of primary interface of the Service"
},
"primary_interface_network": {
"description": "Path of the segment to which primary interface of the Service VM needs to be connected",
"required": false,
"title": "Path of the segment to which primary interface of the Service VM needs to be connected",
"type": "string"
},
"primary_portgroup_id": {
"description": "Id of the standard or ditsributed port group for primary management console. Please note that only 1 of the 2 values from 1. primary_interface_network 2. primary_portgroup_id are allowed to be passed. Both can't be passed in the same request.",
"required": false,
"title": "Id of the standard or ditsributed port group for primary management console",
"type": "string"
},
"primary_subnet_mask": {
"$ref": "IPElement,
"description": "Subnet for primary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided.",
"required": false,
"title": "Subnet for primary management console IP"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"secondary_gateway_address": {
"$ref": "IPElement,
"description": "Gateway address for secondary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided.",
"required": false,
"title": "Gateway for secondary management console"
},
"secondary_interface_mgmt_ip": {
"$ref": "IPElement,
"description": "Management IP Address of secondary interface of the Service",
"required": false,
"title": "Management IP Address of secondary interface of the Service"
},
"secondary_interface_network": {
"description": "Path of segment to which secondary interface of the Service VM needs to be connected",
"required": false,
"title": "Path of segment to which secondary interface of the Service VM needs to be connected",
"type": "string"
},
"secondary_portgroup_id": {
"description": "Id of the standard or ditsributed port group for secondary management console. Please note that only 1 of the 2 values from 1. secondary_interface_network 2. secondary_portgroup_id are allowed to be passed. Both can't be passed in the same request.",
"required": false,
"title": "Id of the standard or ditsributed port group for secondary management console",
"type": "string"
},
"secondary_subnet_mask": {
"$ref": "IPElement,
"description": "Subnet for secondary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided.",
"required": false,
"title": "Subnet for secondary management console IP"
},
"storage_id": {
"description": "Id of the storage(Datastore). VC moref of Datastore to which this service needs to be deployed.",
"required": true,
"title": "Id of the storage",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an instance of partner Service and its configuration",
"type": "object"
}
PolicyServiceInstanceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyServiceInstanceListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyServiceInstance list request parameters",
"type": "object"
}
PolicyServiceInstanceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyServiceInstanceListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyServiceInstance
},
"required": true,
"title": "Service instance list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of only SI objects",
"type": "object"
}
PolicyServiceInstanceStatistics (type)
{
"description": "Statistics for NICs for a PolicyServiceInstance",
"extends": {
"$ref": "Resource
},
"id": "PolicyServiceInstanceStatistics",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"enforcement_point_path": {
"description": "Enforcement point path, forward slashes must be escaped using %2F.",
"readonly": true,
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"instance_runtime_statistics": {
"description": "Statistics for the data NICs for all the runtimes associated with this service instance.",
"items": {
"$ref": "InstanceRuntimeStatistic
},
"readonly": true,
"required": false,
"title": "Statistics for all runtimes",
"type": "array"
},
"service_instance_id": {
"description": "PolicyServiceInsatnce path",
"readonly": true,
"required": true,
"title": "PolicyServiceInstance path",
"type": "string"
}
},
"title": "Statistics for NICs on PolicyServiceInstance",
"type": "object"
}
PolicyServiceProfile (type)
{
"description": "Service profile represents specialization of a vendor template. User may provide any of the vendor_template_name or vendor_template_key properties. But in case of multiple vendor templates with the same name, it is recommended to use the vendor_template_key. When both attributes are provided, name is ignored and only key is used to identify the template. If there are multiple templates with same name, and vendor_template_name is provided, realization will fail.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyServiceProfile",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to NSX. If a vendor template exposes configurable parameters, then their values are specified here.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service profile attributes",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"redirection_action": {
"description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Redirection action is not applicable to guest introspection service.",
"enum": [
"PUNT",
"COPY"
],
"readonly": false,
"required": false,
"title": "Redirection action",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vendor_template_key": {
"description": "The vendor template key property of actual vendor template. This should be used when multiple templates with same name exist.",
"required": false,
"title": "Vendor Template Key",
"type": "string"
},
"vendor_template_name": {
"description": "Name of the vendor template for which this Service Profile is being created.",
"readonly": false,
"required": false,
"title": "Vendor template name",
"type": "string"
}
},
"title": "Policy Service Profile for a given Service",
"type": "object"
}
PolicyServiceProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyServiceProfileListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Service Profile list request parameters",
"type": "object"
}
PolicyServiceProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyServiceProfileListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyServiceProfile
},
"required": true,
"title": "Service Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Service Profile List",
"type": "object"
}
PolicyServiceReferenceCascadeDeletionParam (type)
{
"id": "PolicyServiceReferenceCascadeDeletionParam",
"module_id": "PolicyServiceInsertion",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete all children associated with service reference",
"type": "boolean"
}
},
"title": "Service reference casade delete param",
"type": "object"
}
PolicyStaticRouteAdvertisement (type)
{
"additionalProperties": false,
"description": "policy static route advertisement.",
"id": "PolicyStaticRouteAdvertisement",
"module_id": "PolicyConnectivity",
"properties": {
"advertisement_rules": {
"description": "Route advertisement rules.",
"items": {
"$ref": "PolicyRouteAdvertisementRule
},
"required": false,
"title": "Route advertisement rules",
"type": "array"
},
"in_filter_prefix_list": {
"description": "Paths of ordered Prefix list, it breaks after first match.",
"items": {
"type": "string"
},
"maxItems": 5,
"required": false,
"title": "Paths of ordered Prefix list",
"type": "array"
}
},
"title": "policy static route advertisement",
"type": "object"
}
PolicyStatisticsAggregateParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter for aggregating Policy statistics on enforcement point.",
"extends": {
"$ref": "StatisticsRequestParameters
},
"id": "PolicyStatisticsAggregateParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"action": {
"description": "Action to take on statistics for an object.",
"enum": [
"aggregate"
],
"required": false,
"title": "Action on statistics",
"type": "string"
},
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Statistics Aggregate",
"type": "object"
}
PolicyStatisticsResetParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter for resetting Policy statistics on enforcement point.",
"extends": {
"$ref": "PolicyRuntimeOnEpRequestParameters
},
"id": "PolicyStatisticsResetParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"action": {
"description": "Action to take on statistics for an object.",
"enum": [
"reset"
],
"required": true,
"title": "Action on statistics",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Statistics Reset",
"type": "object"
}
PolicySubAttributes (type)
{
"additionalProperties": false,
"id": "PolicySubAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for sub attribute",
"type": "string"
},
"key": {
"enum": [
"TLS_CIPHER_SUITE",
"TLS_VERSION",
"CIFS_SMB_VERSION"
],
"required": true,
"title": "Key for sub attribute",
"type": "string"
},
"value": {
"description": "Multiple sub attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for sub attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Sub Attributes data holder",
"type": "object"
}
PolicyTask (type)
{
"abstract": true,
"additionalProperties": false,
"description": "This object holds the information of the task.",
"extends": {
"$ref": "TaskProperties
},
"id": "PolicyTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Task information",
"type": "object"
}
PolicyTepCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyTepCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "PolicyTepTableCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyTepListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTepListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyTepTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
PolicyTepTableCsvRecord (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "PolicyTepTableCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"segment_id": {
"description": "This is the identifier of the TEP segment. This segment is NOT the same as logical segment or logical switch.",
"required": false,
"title": "TEP segment identifier",
"type": "string"
},
"tep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The tunnel endpoint IP address"
},
"tep_label": {
"required": true,
"title": "The tunnel endpoint label",
"type": "integer"
},
"tep_mac_address": {
"required": true,
"title": "The tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
PolicyTepTableEntry (type)
{
"additionalProperties": false,
"id": "PolicyTepTableEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"segment_id": {
"required": false,
"title": "The segment Id",
"type": "string"
},
"tep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The tunnel endpoint IP address"
},
"tep_label": {
"required": false,
"title": "The tunnel endpoint label",
"type": "integer"
},
"tep_mac_address": {
"required": false,
"title": "The tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
PolicyTier1MulticastConfig (type)
{
"additionalProperties": false,
"description": "Multicast routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTier1MulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Activate/deactivate Multicast Configuration. Whenever service router needs to be added/deleted from tier1, user needs to deactivate multicast first.",
"required": false,
"title": "Activate/deactivate Multicast Configuration",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Multicast routing configuration",
"type": "object"
}
PolicyTimeIntervalValue (type)
{
"id": "PolicyTimeIntervalValue",
"module_id": "PolicyFirewallScheduler",
"properties": {
"end_interval": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 17:30.",
"required": true,
"title": "End time of the interval",
"type": "string"
},
"start_interval": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 9:00.",
"required": true,
"title": "Start time of the interval",
"type": "string"
}
},
"title": "Time interval on which firewall schedule will be applicable",
"type": "object"
}
PolicyTraceflowObservationDelivered (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDelivered
},
"id": "PolicyTraceflowObservationDelivered",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDelivered"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the interface into which the traceflow packet was delivered (e.g.,\nTier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"readonly": true,
"required": false,
"title": "Path of interface",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"parent_port_path": {
"Description": "The port path of the corresponding parent port for current deliver observation point.\n",
"nsx_feature": "ChildSegment",
"required": false,
"title": "Path of parent segment port",
"type": "string"
},
"resolution_type": {
"description": "This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by IP table. ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table. ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP. ARP_VM - No suppression and the ARP request is resolved by VM. ARP_LRP - No suppression and the ARP request is resolved by logical router.",
"enum": [
"UNKNOWN",
"ARP_SUPPRESSION_PORT_CACHE",
"ARP_SUPPRESSION_TABLE",
"ARP_SUPPRESSION_CP_QUERY",
"ARP_VM",
"ARP_LRP"
],
"readonly": true,
"required": false,
"title": "The resolution type of the delivered message for ARP",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"Description": "The path of the segment port into\nwhich the traceflow packet was delivered.\n",
"readonly": true,
"required": false,
"title": "Path of segment port",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"target_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address of the resolved IP by ARP",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan_id": {
"$ref": "VlanID,
"required": false,
"title": "VLAN on bridged network"
}
},
"type": "object"
}
PolicyTraceflowObservationDropped (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDropped
},
"id": "PolicyTraceflowObservationDropped",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDropped"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the interface at which the traceflow packet was dropped (e.g.,\nTier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"readonly": true,
"required": false,
"title": "Path of interface",
"type": "string"
},
"ipsec_fail_reason": {
"description": "This field specifies the IPSec VPN fails reason IPSEC_SA_NOT_FOUND - IPSec SA required for processing the packet does not exist IPSEC_UDP_ENC_STATE_MISMATCH - ESP packet is UDP encapsulated but IPsec SA does not expect UDP encapsulation IPSEC_SEQ_ROLLOVER - IPSec SA sequence number has exceeded the maximum value IPSEC_FRAG_NEEDED - Received packet has DF bit set in IP header but requires fragmentation due to ESP encapsulation IPSEC_TUN_IFACE_DOWN - IPSec tunnel interface is down IPSEC_POLICY_NOMATCH - Received packet does not match IPSec policy IPSEC_POLICY_BLOCK - IPSec packet processing failed IPSEC_POLICY_ERROR - IPSec packet processing failed IPSEC_REPLAY_SEQ_NUM_REPEAT - IPSec packet is dropped due to replay IPSEC_REPLAY_RECV_DELAY - IPSec packet is dropped due to replay IPSEC_REPLAY_PROC_DELAY - IPSec packet is dropped due to replay IPSEC_ZERO_SEQ_NUM_RECVD - ESP packet is received with sequence number as zero IPSEC_ENQUEUE_FAIL - Packet processing failed during crypto operation IPSEC_AUTH_DGST_MISMATCH - Packet integrity check failed due to digest mismatch IPSEC_AUTH_DGST_SIZE_MISMATCH - Packet integrity check failed due to invalid digest length IPSEC_AUTH_UNSUPPORTED_ALGO - Packet integrity check failed due to unsupported hash algorithm IPSEC_CRYPTO_FAIL - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_INCOMPLETE - Packet processing failed during crypto operation IPSEC_CRYPTO_SESSION_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_ARGS_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_ERROR - Packet processing failed during crypto operation IPSEC_CRYPTO_NO_BUF_SPACE - Packet processing failed during crypto operation IPSEC_CRYPTO_UNSUPPORTED_CIPHER - Packet processing failed during crypto operation IPSEC_MALFORMED - Received ESP packet is malformed IPSEC_MALFORMED_INV_PADDING - Received ESP packet is malformed IPSEC_PADDING_REMOVAL_FAILED - Received ESP packet is malformed IPSEC_INNER_MALFORMED - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_IP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_UDP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_TCP - IP packet after ESP decryption is malformed IPSEC_UNKNOWN - IPSec VPN failure reason is unknown",
"enum": [
"IPSEC_SA_NOT_FOUND",
"IPSEC_UDP_ENC_STATE_MISMATCH",
"IPSEC_SEQ_ROLLOVER",
"IPSEC_FRAG_NEEDED",
"IPSEC_TUN_IFACE_DOWN",
"IPSEC_POLICY_NOMATCH",
"IPSEC_POLICY_BLOCK",
"IPSEC_POLICY_ERROR",
"IPSEC_REPLAY_SEQ_NUM_REPEAT",
"IPSEC_REPLAY_RECV_DELAY",
"IPSEC_REPLAY_PROC_DELAY",
"IPSEC_ZERO_SEQ_NUM_RECVD",
"IPSEC_ENQUEUE_FAIL",
"IPSEC_AUTH_DGST_MISMATCH",
"IPSEC_AUTH_DGST_SIZE_MISMATCH",
"IPSEC_AUTH_UNSUPPORTED_ALGO",
"IPSEC_CRYPTO_FAIL",
"IPSEC_CRYPTO_PROC_INCOMPLETE",
"IPSEC_CRYPTO_SESSION_INV",
"IPSEC_CRYPTO_ARGS_INV",
"IPSEC_CRYPTO_PROC_ERROR",
"IPSEC_CRYPTO_NO_BUF_SPACE",
"IPSEC_CRYPTO_UNSUPPORTED_CIPHER",
"IPSEC_MALFORMED",
"IPSEC_MALFORMED_INV_PADDING",
"IPSEC_PADDING_REMOVAL_FAILED",
"IPSEC_INNER_MALFORMED",
"IPSEC_INNER_MALFORMED_IP",
"IPSEC_INNER_MALFORMED_UDP",
"IPSEC_INNER_MALFORMED_TCP",
"IPSEC_UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of IPSec VPN traceflow packet",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall NO_MAC - Drop by vswitch as no destination MAC hit MAC Table. FILTERED_UPLINK - Filtering applied at the corresponding UPLINK having no aggregation.",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN",
"FILTERED_UPLINK"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"Description": "The path of the segment port at which the\ntraceflow packet was dropped.\n",
"readonly": true,
"required": false,
"title": "Path of segment port",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTraceflowObservationDroppedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDroppedLogical
},
"id": "PolicyTraceflowObservationDroppedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDroppedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that dropped the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that dropped the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the interface at which traceflow packet was dropped (e.g.,\nTier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"readonly": true,
"required": false,
"title": "Path of interface",
"type": "string"
},
"ipsec_fail_reason": {
"description": "This field specifies the IPSec VPN fails reason IPSEC_SA_NOT_FOUND - IPSec SA required for processing the packet does not exist IPSEC_UDP_ENC_STATE_MISMATCH - ESP packet is UDP encapsulated but IPsec SA does not expect UDP encapsulation IPSEC_SEQ_ROLLOVER - IPSec SA sequence number has exceeded the maximum value IPSEC_FRAG_NEEDED - Received packet has DF bit set in IP header but requires fragmentation due to ESP encapsulation IPSEC_TUN_IFACE_DOWN - IPSec tunnel interface is down IPSEC_POLICY_NOMATCH - Received packet does not match IPSec policy IPSEC_POLICY_BLOCK - IPSec packet processing failed IPSEC_POLICY_ERROR - IPSec packet processing failed IPSEC_REPLAY_SEQ_NUM_REPEAT - IPSec packet is dropped due to replay IPSEC_REPLAY_RECV_DELAY - IPSec packet is dropped due to replay IPSEC_REPLAY_PROC_DELAY - IPSec packet is dropped due to replay IPSEC_ZERO_SEQ_NUM_RECVD - ESP packet is received with sequence number as zero IPSEC_ENQUEUE_FAIL - Packet processing failed during crypto operation IPSEC_AUTH_DGST_MISMATCH - Packet integrity check failed due to digest mismatch IPSEC_AUTH_DGST_SIZE_MISMATCH - Packet integrity check failed due to invalid digest length IPSEC_AUTH_UNSUPPORTED_ALGO - Packet integrity check failed due to unsupported hash algorithm IPSEC_CRYPTO_FAIL - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_INCOMPLETE - Packet processing failed during crypto operation IPSEC_CRYPTO_SESSION_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_ARGS_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_ERROR - Packet processing failed during crypto operation IPSEC_CRYPTO_NO_BUF_SPACE - Packet processing failed during crypto operation IPSEC_CRYPTO_UNSUPPORTED_CIPHER - Packet processing failed during crypto operation IPSEC_MALFORMED - Received ESP packet is malformed IPSEC_MALFORMED_INV_PADDING - Received ESP packet is malformed IPSEC_PADDING_REMOVAL_FAILED - Received ESP packet is malformed IPSEC_INNER_MALFORMED - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_IP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_UDP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_TCP - IP packet after ESP decryption is malformed IPSEC_UNKNOWN - IPSec VPN failure reason is unknown",
"enum": [
"IPSEC_SA_NOT_FOUND",
"IPSEC_UDP_ENC_STATE_MISMATCH",
"IPSEC_SEQ_ROLLOVER",
"IPSEC_FRAG_NEEDED",
"IPSEC_TUN_IFACE_DOWN",
"IPSEC_POLICY_NOMATCH",
"IPSEC_POLICY_BLOCK",
"IPSEC_POLICY_ERROR",
"IPSEC_REPLAY_SEQ_NUM_REPEAT",
"IPSEC_REPLAY_RECV_DELAY",
"IPSEC_REPLAY_PROC_DELAY",
"IPSEC_ZERO_SEQ_NUM_RECVD",
"IPSEC_ENQUEUE_FAIL",
"IPSEC_AUTH_DGST_MISMATCH",
"IPSEC_AUTH_DGST_SIZE_MISMATCH",
"IPSEC_AUTH_UNSUPPORTED_ALGO",
"IPSEC_CRYPTO_FAIL",
"IPSEC_CRYPTO_PROC_INCOMPLETE",
"IPSEC_CRYPTO_SESSION_INV",
"IPSEC_CRYPTO_ARGS_INV",
"IPSEC_CRYPTO_PROC_ERROR",
"IPSEC_CRYPTO_NO_BUF_SPACE",
"IPSEC_CRYPTO_UNSUPPORTED_CIPHER",
"IPSEC_MALFORMED",
"IPSEC_MALFORMED_INV_PADDING",
"IPSEC_PADDING_REMOVAL_FAILED",
"IPSEC_INNER_MALFORMED",
"IPSEC_INNER_MALFORMED_IP",
"IPSEC_INNER_MALFORMED_UDP",
"IPSEC_INNER_MALFORMED_TCP",
"IPSEC_UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of IPSec VPN traceflow packet",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"jumpto_rule_path": {
"description": "The path of the jump-to rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "Jump-to Rule Path",
"type": "string"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_path": {
"description": "The path of the l2 rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "L2 Rule Path",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall NO_MAC - Drop by vswitch as no destination MAC hit MAC Table. FILTERED_UPLINK - Filtering applied at the corresponding UPLINK having no aggregation.",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN",
"FILTERED_UPLINK"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"Description": "The path of the segment port at which traceflow packet\nwas dropped.\n",
"readonly": true,
"required": false,
"title": "Path of segment port",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_path_index": {
"description": "The index of service path that is a chain of services represents the point where the traceflow packet was dropped.",
"readonly": true,
"required": false,
"title": "The index of service path",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTraceflowObservationForwardedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationForwardedLogical
},
"id": "PolicyTraceflowObservationForwardedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationForwardedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to forward the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that forwarded the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that forwarded the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_component_id": {
"readonly": true,
"required": false,
"title": "The id of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_name": {
"readonly": true,
"required": false,
"title": "The name of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_path": {
"readonly": true,
"required": false,
"title": "The path of the destination component to which the traceflow packet was forwarded",
"type": "string"
},
"dst_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the destination component to which the traceflow packet was forwarded."
},
"interface_path": {
"Description": "The path of the interface through which the traceflow packet was forwarded (e.g.,\nTier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"readonly": true,
"required": false,
"title": "Path of interface",
"type": "string"
},
"ipsec_vpn": {
"$ref": "TraceflowObservationIpsecVpn,
"description": "This field is specified when the traceflow packet was forwarded through IPSec VPN.",
"readonly": true,
"required": false,
"title": "IPSec VPN on which the traceflow packet was forwarded"
},
"ipsec_vpn_path": {
"$ref": "PolicyTraceflowObservationIpsecVpn,
"readonly": true,
"required": false,
"title": "The related path of IPsec VPN through which the traceflow packet was forwarded"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"jumpto_rule_path": {
"description": "The path of the jump-to rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "Jump-to Rule Path",
"type": "string"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_path": {
"description": "The path of the l2 rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "L2 Rule Path",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to forward the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"next_hop": {
"$ref": "IPAddress,
"description": "This field is specified when the traceflow packet was routed by logical router.",
"readonly": true,
"required": false,
"title": "Next hop IP address of matched routing entry"
},
"resend_type": {
"description": "ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type",
"enum": [
"UNKNOWN",
"ARP_UNKNOWN_FROM_CP",
"ND_NS_UNKNWON_FROM_CP"
],
"readonly": true,
"required": false,
"title": "The type of packet resending",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"route_prefix": {
"$ref": "IPCIDRBlock,
"description": "This field is specified when the traceflow packet was routed by logical router.",
"readonly": true,
"required": false,
"title": "Prefix of matched routing entry"
},
"segment_port_path": {
"Description": "The path of the segment port through which the\ntraceflow packet was forwarded.\n",
"readonly": true,
"required": false,
"title": "Path of segment port",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_index": {
"readonly": true,
"required": false,
"title": "The index of the service insertion component",
"type": "integer"
},
"service_path_index": {
"readonly": true,
"required": false,
"title": "The path index of the service insertion component",
"type": "integer"
},
"service_ttl": {
"readonly": true,
"required": false,
"title": "The ttl of the service insertion component",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"spoofguard_ip": {
"$ref": "IPCIDRBlock,
"description": "This field specified the prefix IP address a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "Prefix IP address matched in the whitelist in spoofguard"
},
"spoofguard_mac": {
"$ref": "MACAddress,
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address matched in the whitelist in spoofguard"
},
"spoofguard_vlan_id": {
"$ref": "VlanID,
"description": "This field specified the VLAN id a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "VLAN id matched in the whitelist in spoofguard"
},
"svc_nh_mac": {
"description": "MAC address of nexthop for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of nexthop",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"translated_dst_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated destination IP address of VNP/NAT"
},
"translated_src_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated source IP address of VPN/NAT"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was forwarded by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was forwarded"
},
"vni": {
"description": "This field is specified when the traceflow packet was forwarded by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was forwarded.",
"type": "int"
}
},
"type": "object"
}
PolicyTraceflowObservationIpsecVpn (type)
{
"additionalProperties": false,
"id": "PolicyTraceflowObservationIpsecVpn",
"module_id": "PolicyConnectivity",
"properties": {
"session_path": {
"readonly": true,
"required": false,
"title": "The path of the IPsec VPN session",
"type": "string"
},
"vti_path": {
"readonly": true,
"required": false,
"title": "The path of the virtual tunnel interface for Route-Based IPsec VPN",
"type": "string"
}
},
"title": "The related policy path of IPsec VPN traceflow observations",
"type": "object"
}
PolicyTraceflowObservationReceivedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationReceivedLogical
},
"id": "PolicyTraceflowObservationReceivedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationReceivedLogical"
},
"properties": {
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that received the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that received the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the interface at which the traceflow packet was received (e.g.,\nTier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"readonly": true,
"required": false,
"title": "Path of interface",
"type": "string"
},
"ipsec_vpn": {
"$ref": "TraceflowObservationIpsecVpn,
"description": "This field is specified when the traceflow packet was received on IPSec VPN.",
"readonly": true,
"required": false,
"title": "IPSec VPN on which the traceflow packet was received."
},
"ipsec_vpn_path": {
"$ref": "PolicyTraceflowObservationIpsecVpn,
"readonly": true,
"required": false,
"title": "The related path of IPsec VPN on which the traceflow packet was received"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was received",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was received",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"Description": "The path of the segment port at which the\ntraceflow packet was received.\n",
"readonly": true,
"required": false,
"title": "Path of segment port",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"src_component_id": {
"readonly": true,
"required": false,
"title": "The id of the source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_name": {
"readonly": true,
"required": false,
"title": "The name of source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_path": {
"readonly": true,
"required": false,
"title": "The path of the source component from which the traceflow packet was received",
"type": "string"
},
"src_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the source component from which the traceflow packet was received."
},
"svc_mac": {
"description": "MAC address of SAN volume controller for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of SAN volume controller",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was received by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was received."
},
"vni": {
"description": "This field is specified when the traceflow packet was received by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was received.",
"type": "int"
}
},
"type": "object"
}
PolicyTraceflowObservationRelayedLogical (type)
{
"extends": {
"$ref": "TraceflowObservationRelayedLogical
},
"id": "PolicyTraceflowObservationRelayedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationRelayedLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the destination which the packet will be relayed.",
"readonly": true,
"required": true,
"title": "The IP address of the destination"
},
"logical_comp_uuid": {
"description": "This field specified the logical component that relay service located.",
"readonly": true,
"required": false,
"title": "The id of the component which relay service located",
"type": "string"
},
"logical_component_path": {
"description": "This field specifies the logical component that relay service located on.",
"readonly": true,
"required": false,
"title": "The path of the component on which relay service located",
"type": "string"
},
"message_type": {
"default": "REQUEST",
"description": "This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client",
"enum": [
"REQUEST",
"REPLY"
],
"readonly": true,
"required": true,
"title": "The type of the relay service",
"type": "string"
},
"relay_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the relay service.",
"readonly": true,
"required": true,
"title": "The IP address of relay service"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTransportZone (type)
{
"description": "Transport Zone.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTransportZone",
"module_id": "PolicyTransportZone",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authorized_vlans": {
"description": "This field lists vlan ids allowed on logical network entities, eg. Segments, bridges, etc. created under this transport zone. Can be empty, VLAN id or a range of VLAN ids specified with '-' in between. An empty list allows all vlan ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Authorized VLAN ids for this TransportZone",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"forwarding_mode": {
"description": "Transport Zone Forwarding Mode, must be one of either IPV4_ONLY or IPV6_ONLY or IPV4_AND_IPV6. Default is IPV4_ONLY.",
"enum": [
"IPV4_ONLY",
"IPV6_ONLY",
"IPV4_AND_IPV6"
],
"nsx_feature": "L2Ipv6",
"title": "Transport Zone Forwarding Mode",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "Flag to indicate if the transport zone is the default one. Only one transport zone can be the default one for a given transport zone type.",
"title": "Flag to indicate if the transport zone is the default one",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nested_nsx": {
"default": false,
"description": "This flag should be set to true in nested NSX environment. When the \"allow_changing_vdr_mac_in_use\" property in the global config object RoutingGlobalConfig is false, this flag can not be changed if this transport zone is OVERLAY and the change will make any transport node in this transport zone to change the VDR MAC used in any host switch. When this flag is true and this transport zone is OVERLAY, all host switches in this transport zone will use the VDR MAC in the \"vdr_mac_nested\" property in the global config object RoutingGlobalConfig.",
"required": false,
"title": "Flag to indicate if all transport nodes in this transport zone are connected through nested NSX.",
"type": "boolean"
},
"nsx_id": {
"description": "UUID of transport zone on NSX-T enforcement point.",
"readonly": true,
"title": "Transport Zone UUID on NSX-T Enforcement Point",
"type": "string"
},
"origin_id": {
"description": "This field is populated only if the transport zone was created by NSX system to support security on vSphere Distributed Switch (vDS). The origin_id will refer to the identifier of corresponding vDS from it's parent vCenter server.",
"readonly": true,
"required": false,
"title": "The host switch id generated by the system.",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_profile_paths": {
"description": "Policy Transport Zone Profile paths",
"items": {
"type": "string"
},
"required": false,
"title": "Policy Transport Zone Profile paths",
"type": "array"
},
"tz_type": {
"description": "Transport Zone Traffic type, must be one of either VLAN_BACKED or OVERLAY_BACKED. OVERLAY_STANDARD, OVERLAY_ENS and UNKNOWN are DEPRECATED. STANDARD, ENS and ENS_INTERRUPT are hostSwitch modes and same need to be given in HostTransportNode.HostSwitchSpec.",
"enum": [
"OVERLAY_STANDARD",
"OVERLAY_ENS",
"VLAN_BACKED",
"OVERLAY_BACKED",
"UNKNOWN"
],
"required": true,
"title": "Transport Zone Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uplink_teaming_policy_names": {
"additionalProperties": false,
"description": "The names of switching uplink teaming policies that all transport nodes in this transport zone support. Uplinkin teaming policies are only valid for VLAN backed transport zones.",
"items": {
"type": "string"
},
"required": false,
"title": "Names of the switching uplink teaming policies that are supported by this transport zone.",
"type": "array"
}
},
"search_dsl_name": [
"transport zone"
],
"title": "Transport Zone",
"type": "object"
}
PolicyTransportZoneListRequestParameters (type)
{
"additionalProperties": false,
"description": "Policy Transport Zone list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyTransportZoneListRequestParameters",
"module_id": "PolicyTransportZone",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Transport Zone List Request Parameters",
"type": "object"
}
PolicyTransportZoneListResult (type)
{
"description": "Paged Collection of Transport Zone",
"extends": {
"$ref": "ListResult
},
"id": "PolicyTransportZoneListResult",
"module_id": "PolicyTransportZone",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"description": "Transport Zone list result.",
"items": {
"$ref": "PolicyTransportZone
},
"required": true,
"title": "Transport Zone List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Transport Zone",
"type": "object"
}
PolicyTransportZoneProfile (type)
{
"description": "Transport Zone Profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTransportZoneProfile",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_config": {
"$ref": "BfdHealthMonitoringConfig,
"additionalProperties": false,
"description": "Bfd Health Monitoring Options",
"required": true,
"title": "Bfd Profile Options"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tz_profile_type": {
"description": "Policy Transport Zone Type.",
"enum": [
"BFD"
],
"required": true,
"title": "Policy Transport Zone Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Transport Zone Profile",
"type": "object"
}
PolicyTransportZoneProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyTransportZoneProfileListRequestParameters",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Transport Zone Profile request parameters",
"type": "object"
}
PolicyTransportZoneProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTransportZoneProfileListResult",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyTransportZoneProfile
},
"required": true,
"title": "Policy Transport Zone profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Policy Transport Zone Profiles",
"type": "object"
}
PolicyTunnelDigestAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "PolicyTunnelDigestAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Digest Algorithms used in tunnel establishment",
"type": "string"
}
PolicyTunnelEncryptionAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "PolicyTunnelEncryptionAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Encryption algorithm used in tunnel",
"type": "string"
}
PolicyTunnelListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyTunnelListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "gre tunnel list request parameters",
"type": "object"
}
PolicyTunnelListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTunnelListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tunnel
},
"required": true,
"title": "Policy Tunnel list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Policy Tunnel entities",
"type": "object"
}
PolicyUplinkHostSwitchProfile (type)
{
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyUplinkHostSwitchProfile",
"module_id": "PolicyUplinkHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyUplinkHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lags": {
"help_summary": "Valid only for a NVDS Hostswitch. For VDS Lags are configured from VC.",
"items": {
"$ref": "Lag
},
"maxItems": 64,
"required": false,
"title": "list of LACP group",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"help_summary": "If this field is not provided, the value of the \"physical_uplink_mtu\" from the GlobalConfigs module will be used as the default.",
"minimum": 1280,
"required": false,
"title": "Maximum Transmission Unit used for uplinks",
"type": "int"
},
"named_teamings": {
"help_summary": "If this field is not provided, logical switches will not have specific teaming policies applied to them; the default teaming policy will be used. For Non-ESX transport nodes that do not support specific uplink teaming policies on logical switches, their PolicyUplinkHostSwitchProfiles must NOT set this property; the default TeamingPolicy will always be used.",
"items": {
"$ref": "NamedTeamingPolicy
},
"maxItems": 32,
"required": false,
"title": "List of named uplink teaming policies that can be used by logical switches",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overlay_encap": {
"default": "GENEVE",
"enum": [
"VXLAN",
"GENEVE"
],
"required": false,
"title": "The protocol used to encapsulate overlay traffic",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"teaming": {
"$ref": "TeamingPolicy,
"help_summary": "This is the default TeamingPolicy used on TransportNodes that use this PolicyUplinkHostSwitchProfile for the logical switches that do not have any NamedTeamingPolicy assigned.",
"required": true,
"title": "Default TeamingPolicy associated with this UplinkProfile"
},
"transport_vlan": {
"$ref": "VlanID,
"default": 0,
"required": false,
"title": "VLAN used for tagging Overlay traffic of associated HostSwitch"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"uplink profile"
],
"title": "Profile for uplink policies",
"type": "object"
}
PolicyUrlCategorizationConfig (type)
{
"additionalProperties": false,
"description": "The type contains information about the configuration of the feature for a specific node. It contains information like the whether the feature is activated/deactivated, the context profiles defining the category list to detect.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyUrlCategorizationConfig",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"context_profiles": {
"deprecated": true,
"description": "The ids of the context profiles that provides the list of categories to be detected. This field is deprecated. URL Categorization will not be supported in association with context profiles.",
"items": {
"type": "string"
},
"required": false,
"title": "Context profiles",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Property which specifies the activating/deactivating of the feature.",
"required": true,
"title": "Enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_frequency": {
"default": 30,
"description": "The frequency in minutes at which the updates are downloaded from the URL categorization cloud service. The minimum allowed value is 5 minutes.",
"minimum": 5,
"required": false,
"title": "Policy URL Categorization Update Frequency",
"type": "int"
}
},
"title": "URL categorization entity",
"type": "object"
}
PolicyUrlCategory (type)
{
"additionalProperties": false,
"description": "Every URL is classified into one or more of 83 pre-defined categories. Examples of categories are 'Shopping', 'Financial Services', 'Travel', etc.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyUrlCategory",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category_id": {
"description": "The id of the category.",
"required": true,
"title": "Category id",
"type": "int"
},
"category_name": {
"description": "The name of the category.",
"required": true,
"title": "Category name",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy URL category",
"type": "object"
}
PolicyUrlCategoryListRequestParameters (type)
{
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyUrlCategoryListRequestParameters",
"module_id": "PolicyUrlCategorization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "URL category list request parameters",
"type": "object"
}
PolicyUrlCategoryListResult (type)
{
"additionalProperties": false,
"description": "List of Policy URL categories.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyUrlCategoryListResult",
"module_id": "PolicyUrlCategorization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyUrlCategory
},
"required": true,
"title": "Category list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of Policy URL categories",
"type": "object"
}
PolicyUrlReputationSeverity (type)
{
"additionalProperties": false,
"description": "The reputation severity of an URL.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyUrlReputationSeverity",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_reputation": {
"description": "The maximum reputation for the severity.",
"required": true,
"title": "Maximum reputation",
"type": "int"
},
"min_reputation": {
"description": "The minimum reputation for the severity.",
"required": true,
"title": "Minimim Reputation",
"type": "int"
},
"name": {
"description": "The name of the severity.",
"required": true,
"title": "Reputation severity name",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"reputation_severity_id": {
"description": "The id of the reputation severity.",
"required": true,
"title": "Reputation severity id",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy URL reputation severity",
"type": "object"
}
PolicyUrlReputationSeverityListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyUrlReputationSeverityListRequestParameters",
"module_id": "PolicyUrlCategorization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "URL reputation severity list request parameters",
"type": "object"
}
PolicyUrlReputationSeverityListResult (type)
{
"additionalProperties": false,
"description": "List of URL reputation severities.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyUrlReputationSeverityListResult",
"module_id": "PolicyUrlCategorization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyUrlReputationSeverity
},
"required": true,
"title": "Reputation Severity list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of URL reputation severities",
"type": "object"
}
PolicyVpcNatRule (type)
{
"additionalProperties": false,
"description": "Represents a NAT rule between source and destination at for a given VPC.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyVpcNatRule",
"module_id": "PolicyVpcNat",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Source NAT(SNAT) - translates a source IP address into an outbound packet so that the packet appears to originate from a different network. Destination NAT(DNAT) - translates the destination IP address of inbound packets so that packets are delivered to a target address into another network. Reflexive NAT(REFLEXIVE) - one-to-one mapping of source and destination IP addresses.",
"enum": [
"SNAT",
"DNAT",
"REFLEXIVE"
],
"required": true,
"title": "Represents action of NAT Rule SNAT, DNAT, REFLEXIVE",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_network": {
"$ref": "IPElementList,
"description": "This supports single IP address and it does not support IP range or IP sets. For DNAT rules, this is a mandatory field, and represents the destination network for the incoming packets. For other type of rules, optionally it can contain destination network of outgoing packets. NULL value for this field represents ANY network. In case of DNAT NATRule, destination network address should be IPv4 address allocated from External Block associated with VPC.",
"required": false,
"title": "Represents the destination network"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The flag, which suggests whether the NAT rule is enabled or disabled. The default is True.",
"title": "Policy NAT Rule enabled flag",
"type": "boolean"
},
"firewall_match": {
"default": "MATCH_INTERNAL_ADDRESS",
"description": "It indicates how the firewall matches the address after NATing if firewall stage is not skipped. MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped.",
"enum": [
"MATCH_EXTERNAL_ADDRESS",
"MATCH_INTERNAL_ADDRESS",
"BYPASS"
],
"required": false,
"title": "Represents the firewall match flag",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logging": {
"default": false,
"description": "The flag, which suggests whether the logging of NAT rule is enabled or disabled. The default is False.",
"title": "Policy NAT Rule logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "The sequence_number decides the rule_priority of a NAT rule. Sequence_number and rule_priority have 1:1 mapping.For each NAT section, there will be reserved rule_priority numbers.The valid range of rule_priority number is from 0 to 2147483647(MAX_INT). 1. INTERNAL section rule_priority reserved from 0 - 1023 (1024 rules) valid sequence_number range 0 - 1023 2. USER section rule_priority reserved from 1024 - 2147482623 (2147481600 rules) valid sequence_number range 0 - 2147481599 3. DEFAULT section rule_priority reserved from 2147482624 - 2147483647 (1024 rules) valid sequence_number range 0 - 1023",
"title": "Sequence number of the Nat Rule",
"type": "int"
},
"source_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT and REFLEXIVE rules, this is a mandatory field and represents the source network of the packets leaving the network. For DNAT rules, optionally it can contain source network of incoming packets. NULL value for this field represents ANY network.",
"required": false,
"title": "Represents the source network address"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"translated_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. If user specify the CIDR, this value is actually used as an IP pool that includes both the subnet and broadcast addresses as valid for NAT translations. This does not support IP range or IP sets. For SNAT, DNAT and REFLEXIVE rules, this ia a mandatory field, which represents the translated network address. In case of SNAT and Refelexive NATRule, translated network address should be single IPv4 address allocated from External Block associated with VPC.",
"required": false,
"title": "Represents the translated network address"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents a NAT rule between source and destination for a given VPC",
"type": "object"
}
PolicyVpcNatRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyVpcNatRuleListResult",
"module_id": "PolicyVpcNat",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyVpcNatRule
},
"required": true,
"title": "VPC NAT Rules list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of VPC NAT Rules",
"type": "object"
}
PolicyVtepHAHostSwitchProfile (type)
{
"extends": {
"$ref": "PolicyBaseHostSwitchProfile
},
"id": "PolicyVtepHAHostSwitchProfile",
"module_id": "PolicyVtepHAHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyVtepHAHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_recovery": {
"default": true,
"description": "The auto_recovery property specifies the status of autonomous recovery option for VTEP High Availability feature. When auto_recovery is set to true, faulted vmknic will be checked after every auto_recovery_max_backoff time and if it is recovered, VMs will be moved back to that VTEP. By default, auto_recovery will be set to true.",
"required": true,
"title": "Enabled status of autonomous recovery option",
"type": "boolean"
},
"auto_recovery_initial_wait": {
"default": 300,
"description": "This property controls after how much time the autonomous recovery should start.",
"maximum": 3600,
"minimum": 300,
"readonly": false,
"required": true,
"title": "Start time of autonomous recovery (in seconds)",
"type": "int"
},
"auto_recovery_max_backoff": {
"default": 86400,
"description": "This property controls after how much time should faulted vmknic be checked to see if the VMs can be moved back to the initial VTEP.",
"maximum": 86400,
"minimum": 3600,
"readonly": false,
"required": true,
"title": "Maximum backoff time for autonomous recovery (in seconds)",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "The enabled property specifies the status of VTEP High Availability feature. When enabled is set to true, VTEP High Availability feature is turned on and VMs will be moved to alternate healthy VTEP once fault is detected at a vmknic. By default, enabled will be set to true.",
"required": true,
"title": "Enabled status of VTEP High Availability feature",
"type": "boolean"
},
"failover_timeout": {
"default": 5,
"description": "This property controls after how much time should VMs be moved to alternate healthy VTEP once fault is detected at a vmknic. If the value is set to 0, VMs will be moved to alternate healthy VTEP immediately after detecting the fault at vmknic.",
"maximum": 60,
"minimum": 0,
"readonly": false,
"required": true,
"title": "VTEP High Availability failover timeout (in seconds)",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "PolicyHostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Host Switch for VTEP High Availability",
"type": "object"
}
PoolAlgorithm (type)
{
"additionalProperties": false,
"description": "Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies.",
"enum": [
"ROUND_ROBIN",
"WEIGHTED_ROUND_ROBIN",
"LEAST_CONNECTION",
"WEIGHTED_LEAST_CONNECTION",
"IP_HASH"
],
"id": "PoolAlgorithm",
"module_id": "LoadBalancer",
"title": "load balancing algorithm",
"type": "string"
}
PoolMember (type)
{
"additionalProperties": false,
"id": "PoolMember",
"module_id": "LoadBalancer",
"properties": {
"admin_state": {
"$ref": "PoolMemberAdminStateType,
"default": "ENABLED",
"required": false,
"title": "member admin state"
},
"backup_member": {
"default": false,
"description": "Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s).",
"required": false,
"title": "determine whether the pool member is for backup usage",
"type": "boolean"
},
"display_name": {
"required": false,
"title": "pool member name",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "pool member IP address"
},
"max_concurrent_connections": {
"description": "To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "maximum concurrent connection number",
"type": "integer"
},
"port": {
"$ref": "PortElement,
"description": "If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case.",
"required": false,
"title": "pool member port number"
},
"weight": {
"default": 1,
"description": "Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "pool member weight",
"type": "integer"
}
},
"type": "object"
}
PoolMemberAction (type)
{
"additionalProperties": false,
"id": "PoolMemberAction",
"module_id": "LoadBalancer",
"properties": {
"action": {
"enum": [
"ADD_MEMBERS",
"REMOVE_MEMBERS",
"UPDATE_MEMBERS"
],
"readonly": false,
"required": true,
"title": "Specifies addition, removal and modification action",
"type": "string"
}
},
"type": "object"
}
PoolMemberAdminStateType (type)
{
"additionalProperties": false,
"description": "User can set the admin state of a member to ENABLED or DISABLED or GRACEFUL_DISABLED. By default, when a member is added, it is ENABLED. If a member is set to DISABLED, it is not selected for any new connections. Active connections, however, will continue to be processed by it. New connections with matching persistence entries pointing to DISABLED members are not sent to those DISABLED members. Those connections are assigned to other members of the pool and the corresponding persistence entries are updated to point to the newly selected server. To allow for a more graceful way of taking down servers for maintenance, a routine task, another admin state GRACEFUL_DISABLED is supported. Existing connections to a member in GRACEFUL_DISABLED state continue to be processed.",
"enum": [
"ENABLED",
"DISABLED",
"GRACEFUL_DISABLED"
],
"id": "PoolMemberAdminStateType",
"module_id": "LoadBalancer",
"title": "pool member admin state",
"type": "string"
}
PoolMemberGroup (type)
{
"additionalProperties": false,
"id": "PoolMemberGroup",
"module_id": "LoadBalancer",
"properties": {
"customized_members": {
"description": "The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address.",
"items": {
"$ref": "PoolMemberSetting
},
"readonly": false,
"title": "List of customized pool member settings",
"type": "array"
},
"grouping_object": {
"$ref": "ResourceReference,
"description": "Load balancer pool support grouping object as dynamic pool members. The IP list of the grouping object such as NSGroup would be used as pool member IP setting.",
"required": true,
"title": "Grouping object resource reference"
},
"ip_revision_filter": {
"default": "IPV4",
"description": "Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"required": false,
"title": "Filter of ipv4 or ipv6 address of grouping object IP list",
"type": "string"
},
"max_ip_list_size": {
"description": "The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Maximum number of grouping object IP address list",
"type": "integer"
},
"port": {
"description": "If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Pool member port for all IP addresses of the grouping object",
"type": "int"
}
},
"type": "object"
}
PoolMemberSetting (type)
{
"additionalProperties": false,
"description": "The setting is used to add, update or remove pool members from pool. For static pool members, admin_state, display_name and weight can be updated. For dynamic pool members, only admin_state can be updated.",
"id": "PoolMemberSetting",
"module_id": "LoadBalancer",
"properties": {
"admin_state": {
"$ref": "PoolMemberAdminStateType,
"default": "ENABLED",
"required": false,
"title": "Member admin state"
},
"display_name": {
"description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.",
"required": false,
"title": "Pool member display name",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "Pool member IP address"
},
"port": {
"$ref": "PortElement,
"required": false,
"title": "Pool member port number"
},
"weight": {
"description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Pool member weight",
"type": "integer"
}
},
"title": "Pool member setting",
"type": "object"
}
PoolMemberSettingList (type)
{
"additionalProperties": false,
"id": "PoolMemberSettingList",
"module_id": "LoadBalancer",
"properties": {
"members": {
"items": {
"$ref": "PoolMemberSetting
},
"required": true,
"title": "List of pool member settings to be passed to add, update and remove APIs\n",
"type": "array"
}
},
"title": "List of PoolMemberSetting",
"type": "object"
}
PoolUsage (type)
{
"additionalProperties": false,
"description": "Pool usage statistics in a pool.",
"id": "PoolUsage",
"module_id": "Ipam",
"properties": {
"allocated_ids": {
"readonly": true,
"title": "Total number of allocated IDs in a pool",
"type": "integer"
},
"free_ids": {
"readonly": true,
"title": "Total number of free IDs in a pool",
"type": "integer"
},
"total_ids": {
"readonly": true,
"title": "Total number of IDs in a pool",
"type": "integer"
}
},
"type": "object"
}
PortAddressBindingEntry (type)
{
"additionalProperties": false,
"description": "Detailed information about static address for the port.",
"id": "PortAddressBindingEntry",
"module_id": "PolicyConnectivity",
"properties": {
"ip_address": {
"description": "IP Address for port binding",
"required": false,
"title": "IP address",
"type": "string"
},
"mac_address": {
"$ref": "MACAddress,
"description": "Mac address for port binding",
"required": false,
"title": "MAC address"
},
"vlan_id": {
"$ref": "VlanID,
"description": "VLAN ID for port binding",
"required": false,
"title": "VLAN ID"
}
},
"title": "Address binding information",
"type": "object"
}
PortAttacher (type) (Deprecated)
{
"deprecated": true,
"id": "PortAttacher",
"module_id": "LogicalPort",
"properties": {
"entity": {
"description": "This is a vmknic name if the attacher is vmknic. Otherwise, it is full path of the attached VM's config file",
"readonly": false,
"required": true,
"title": "Reference to the attached entity",
"type": "string"
},
"host": {
"readonly": false,
"required": true,
"title": "TransportNode on which the attacher resides",
"type": "string"
}
},
"title": "VM or vmknic entity attached to LogicalPort",
"type": "object"
}
PortAttachment (type)
{
"additionalProperties": false,
"description": "Detail information about port attachment",
"id": "PortAttachment",
"module_id": "PolicyConnectivity",
"properties": {
"allocate_addresses": {
"description": "Indicate how IP will be allocated for the port. Enum BOTH references IP pool and MAC pool. Enum NONE is no allocation.",
"enum": [
"IP_POOL",
"MAC_POOL",
"BOTH",
"DHCP",
"DHCPV6",
"SLAAC",
"NONE"
],
"required": false,
"title": "Allocate addresses",
"type": "string"
},
"app_id": {
"description": "ID used to identify/look up a child attachment behind a parent attachment",
"required": false,
"title": "App Id",
"type": "string"
},
"bms_interface_config": {
"$ref": "AttachedInterfaceEntry,
"description": "Indicate application interface configuration for Bare Metal Server.",
"required": false,
"title": "Application interface configuration for Bare metal server"
},
"context_id": {
"description": "If type is CHILD and the parent port is on the same segment as the child port, then this field should be VIF ID of the parent port. If type is CHILD and the parent port is on a different segment, then this field should be policy path of the parent port. If type is INDEPENDENT/STATIC, then this field should be transport node ID.",
"required": false,
"title": "Context ID based on the type",
"type": "string"
},
"context_type": {
"description": "Set to PARENT when type field is CHILD. Read only field.",
"enum": [
"PARENT"
],
"readonly": true,
"title": "Context Type",
"type": "string"
},
"evpn_vlans": {
"description": "List of Evpn tenant VLAN IDs the Parent logical-port serves in Evpn Route-Server mode. Only effective when attachment type is PARENT and the logical-port is attached to vRouter VM.",
"items": {
"type": "string"
},
"maxItems": 1000,
"minItems": 0,
"required": false,
"title": "Evpn tenant VLAN IDs the Parent logical-port serves.",
"type": "array"
},
"hyperbus_mode": {
"default": "DISABLE",
"description": "Flag to indicate if hyperbus configuration is required.",
"enum": [
"ENABLE",
"DISABLE"
],
"title": "Hyperbus mode",
"type": "string"
},
"id": {
"description": "VIF UUID on NSX Manager. If the attachement type is PARENT, this property is required.",
"required": false,
"title": "Port attachment ID",
"type": "string"
},
"traffic_tag": {
"$ref": "VlanID,
"description": "Not valid when type field is INDEPENDENT, mainly used to identify traffic from different ports in container use case.",
"required": false,
"title": "VLAN ID"
},
"type": {
"description": "Type of port attachment. STATIC is added to replace INDEPENDENT. INDEPENDENT type and PARENT type are deprecated.",
"enum": [
"PARENT",
"CHILD",
"INDEPENDENT",
"STATIC"
],
"required": false,
"title": "Attachement type",
"type": "string"
}
},
"title": "Attachment information on the port",
"type": "object"
}
PortConnectionBMEntities (type)
{
"id": "PortConnectionBMEntities",
"module_id": "PortConnection",
"properties": {
"dst_port": {
"$ref": "LogicalPort,
"required": false
},
"src_port": {
"$ref": "LogicalPort,
"required": false
}
},
"title": "Port Connection Bare Metal Entities",
"type": "object"
}
PortConnectionContainersEntities (type)
{
"id": "PortConnectionContainersEntities",
"module_id": "PortConnection",
"properties": {
"logical_ports": {
"items": {
"$ref": "LogicalPort
},
"required": false,
"type": "array"
}
},
"title": "Port Connection Containers Entities",
"type": "object"
}
PortConnectionEdgeNodeGroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PortConnectionEntity
},
"id": "PortConnectionEdgeNodeGroup",
"module_id": "PortConnection",
"properties": {
"edge_nodes": {
"items": {
"$ref": "TransportNode
},
"type": "array"
},
"id": {
"readonly": true,
"required": true,
"title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "Id of the logical router",
"type": "string"
},
"resource": {
"$ref": "ManagedResource,
"readonly": true,
"required": false,
"title": "Resource reference with details of the entity"
}
},
"title": "Collection of edge nodes backing a logical router",
"type": "object"
}
PortConnectionEntities (type)
{
"additionalProperties": false,
"id": "PortConnectionEntities",
"module_id": "PortConnection",
"properties": {
"containers": {
"$ref": "PortConnectionContainersEntities,
"required": true
},
"edge_node_groups": {
"items": {
"$ref": "PortConnectionEdgeNodeGroup
},
"required": false,
"type": "array"
},
"errors": {
"items": {
"$ref": "PortConnectionError
},
"required": true,
"type": "array"
},
"hypervisors": {
"items": {
"$ref": "PortConnectionHypervisor
},
"required": true,
"type": "array"
},
"logical_switches": {
"items": {
"$ref": "PortConnectionLogicalSwitch
},
"required": true,
"type": "array"
},
"physical_hosts": {
"$ref": "PortConnectionBMEntities,
"require": false
},
"routers": {
"items": {
"$ref": "PortConnectionRouter
},
"required": false,
"type": "array"
},
"tunnels": {
"items": {
"$ref": "PortConnectionTunnel
},
"required": true,
"type": "array"
},
"vms": {
"items": {
"$ref": "VirtualMachine
},
"required": true,
"type": "array"
}
},
"title": "Port Connection Entities (to help draw a visual picture of entities between two ports)",
"type": "object"
}
PortConnectionEntity (type)
{
"additionalProperties": false,
"id": "PortConnectionEntity",
"module_id": "PortConnection",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)",
"type": "string"
},
"resource": {
"$ref": "ManagedResource,
"readonly": true,
"required": false,
"title": "Resource reference with details of the entity"
}
},
"title": "Port Connection Entity",
"type": "object"
}
PortConnectionError (type)
{
"additionalProperties": false,
"id": "PortConnectionError",
"module_id": "PortConnection",
"properties": {
"entity_type": {
"type": "string"
},
"error_details": {
"type": "object"
},
"error_summary": {
"type": "string"
}
},
"title": "Errors encountered while fetching entities in the forwarding path",
"type": "object"
}
PortConnectionHypervisor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PortConnectionEntity
},
"id": "PortConnectionHypervisor",
"module_id": "PortConnection",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)",
"type": "string"
},
"neighbors_list": {
"items": {
"$ref": "InterfaceNeighborProperties
},
"type": "array"
},
"pnics": {
"deprecated": true,
"items": {
"$ref": "Pnic
},
"type": "array"
},
"pnics_list": {
"items": {
"$ref": "NodeInterfaceProperties
},
"type": "array"
},
"profiles": {
"items": {
"$ref": "BaseHostSwitchProfile
},
"type": "array"
},
"resource": {
"$ref": "ManagedResource,
"readonly": true,
"required": false,
"title": "Resource reference with details of the entity"
}
},
"title": "Port Connection Hypervisor/Transport Node Entity",
"type": "object"
}
PortConnectionLogicalSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PortConnectionEntity
},
"id": "PortConnectionLogicalSwitch",
"module_id": "PortConnection",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)",
"type": "string"
},
"resource": {
"$ref": "ManagedResource,
"readonly": true,
"required": false,
"title": "Resource reference with details of the entity"
},
"router_ports": {
"items": {
"$ref": "LogicalPort
},
"readonly": true,
"title": "Logical Ports that are attached to a router",
"type": "array"
},
"vm_ports": {
"items": {
"$ref": "LogicalPort
},
"readonly": true,
"required": true,
"title": "Logical Ports that are attached to a VIF/VM",
"type": "array"
},
"vm_ports_states": {
"items": {
"$ref": "LogicalPortState
},
"readonly": true,
"required": true,
"title": "States of Logical Ports that are attached to a VIF/VM",
"type": "array"
},
"vm_vnics": {
"items": {
"$ref": "VirtualNetworkInterface
},
"readonly": true,
"title": "Virutal Network Interfaces that are attached to the Logical Ports",
"type": "array"
}
},
"title": "Port Connection Logical Switch Entity",
"type": "object"
}
PortConnectionRequestParameters (type)
{
"additionalProperties": false,
"id": "PortConnectionRequestParameters",
"module_id": "PortConnection",
"properties": {
"peer_port_id": {
"required": true,
"title": "ID of peer port",
"type": "string"
}
},
"title": "Port Connection request parameters",
"type": "object"
}
PortConnectionRouter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PortConnectionEntity
},
"id": "PortConnectionRouter",
"module_id": "PortConnection",
"properties": {
"downlink_ports": {
"items": {
"$ref": "LogicalRouterPort
},
"readonly": true,
"required": true,
"title": "Downlink ports of the Logical Router.",
"type": "array"
},
"id": {
"readonly": true,
"required": true,
"title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)",
"type": "string"
},
"resource": {
"$ref": "ManagedResource,
"readonly": true,
"required": false,
"title": "Resource reference with details of the entity"
},
"uplink_ports": {
"items": {
"$ref": "LogicalRouterPort
},
"readonly": true,
"required": true,
"title": "Uplink ports of the Logical Router.",
"type": "array"
}
},
"title": "Port Connection Logical Router Entity",
"type": "object"
}
PortConnectionTunnel (type)
{
"additionalProperties": false,
"id": "PortConnectionTunnel",
"module_id": "PortConnection",
"properties": {
"src_node_id": {
"required": true,
"title": "Id of the source transport node",
"type": "string"
},
"tunnel_properties": {
"$ref": "TunnelProperties,
"required": true,
"title": "Tunnel properties between the source and the destination transport node"
}
},
"title": "Tunnel information between two given transport nodes",
"type": "object"
}
PortDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Port. Using this entity, user can specify intent for applying discovery profile to particular Port. Port here is Logical Port.",
"extends": {
"$ref": "DiscoveryProfileBindingMap
},
"id": "PortDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_discovery_profile_path": {
"description": "PolicyPath of associated IP Discovery Profile",
"required": false,
"title": "IP Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortDiscoveryProfileBindingMap"
],
"relationshipType": "PORT_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
}
]
},
"mac_discovery_profile_path": {
"description": "PolicyPath of associated Mac Discovery Profile",
"required": false,
"title": "Mac Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortDiscoveryProfileBindingMap"
],
"relationshipType": "PORT_BINDINGMAP_MACDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"MacDiscoveryProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Port Discovery Profile binding map",
"type": "object"
}
PortDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PortDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port Discovery Profile Binding Map list request parameters",
"type": "object"
}
PortDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortDiscoveryProfileBindingMap
},
"required": true,
"title": "Port Discovery Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port Discovery Profile Binding Maps",
"type": "object"
}
PortElement (type)
{
"description": "Examples- Single port \"8080\", Range of ports \"8090-8095\"",
"format": "port-or-range",
"id": "PortElement",
"module_id": "Common",
"title": "A port or a port range",
"type": "string"
}
PortMirrorFilter (type)
{
"additionalProperties": false,
"id": "PortMirrorFilter",
"module_id": "PolicyPortMirroring",
"properties": {
"destination_ips": {
"$ref": "IPAddresses,
"description": "Destination IP in the form of IPAddresses, used to match the destination IP of a packet. If not provided, no filtering by destination IPs is performed.",
"title": "Destination IP used to filter packets"
},
"destination_ports": {
"$ref": "PortElement,
"description": "Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed.",
"title": "Destination port or port range used to filter packets"
},
"protocol": {
"description": "The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed.",
"enum": [
"TCP",
"UDP"
],
"title": "The protocol used to filter packets.",
"type": "string"
},
"source_ips": {
"$ref": "IPAddresses,
"description": "Source IP in the form of IPAddresses, used to match the source IP of a packet. If not provided, no filtering by source IPs is performed.",
"title": "Source IP used to filter packets"
},
"source_ports": {
"$ref": "PortElement,
"description": "Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed.",
"title": "Source port or port range used to filter packets"
}
},
"type": "object"
}
PortMirroringFilter (type)
{
"id": "PortMirroringFilter",
"module_id": "PortMirroring",
"properties": {
"dst_ips": {
"$ref": "IPAddresses,
"description": "Destination IP in the form of IPAddresses, used to match the destination IP of a packet. If not provided, no filtering by destination IPs is performed.",
"required": false,
"title": "Destination IP used to filter packets"
},
"dst_ports": {
"$ref": "PortElement,
"description": "Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed.",
"required": false,
"title": "Destination port or port range used to filter packets"
},
"filter_action": {
"default": "MIRROR",
"description": "If set to MIRROR, packets will be mirrored. If set to DO_NOT_MIRROR, packets will not be mirrored.",
"enum": [
"MIRROR",
"DO_NOT_MIRROR"
],
"required": false,
"title": "Mirror action to filter packets",
"type": "string"
},
"ip_protocol": {
"description": "The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed.",
"enum": [
"TCP",
"UDP"
],
"required": false,
"title": "The protocol used to filter packets.",
"type": "string"
},
"src_ips": {
"$ref": "IPAddresses,
"description": "Source IP in the form of IPAddresses, used to match the source IP of a packet. If not provided, no filtering by source IPs is performed.",
"required": false,
"title": "Source IP used to filter packets"
},
"src_ports": {
"$ref": "PortElement,
"description": "Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed.",
"required": false,
"title": "Source port or port range used to filter packets"
}
},
"type": "object"
}
PortMirroringProfile (type)
{
"additionalProperties": false,
"description": "Mirrors Data from source to destination",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PortMirroringProfile",
"module_id": "PolicyPortMirroring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_group": {
"description": "Data from source group will be copied to members of destination group. Only IPSET group and group with membership criteria VM is supported. IPSET group allows only three ip's.",
"required": true,
"title": "Destination group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMirroringProfile"
],
"relationshipType": "PORT_MIRRORING_DESTINATION_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"direction": {
"default": "BIDIRECTIONAL",
"description": "Port mirroring profile direction",
"enum": [
"INGRESS",
"EGRESS",
"BIDIRECTIONAL"
],
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_type": {
"default": "GRE",
"description": "User can provide Mirror Destination type e.g GRE, ERSPAN_TWO or ERSPAN_THREE.If profile type is REMOTE_L3_SPAN, encapsulation type is used else ignored.",
"enum": [
"GRE",
"ERSPAN_TWO",
"ERSPAN_THREE"
],
"required": false,
"title": "Mirror Destination encapsulation type",
"type": "string"
},
"erspan_id": {
"default": 0,
"description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.",
"maximum": 1023,
"minimum": 0,
"required": false,
"title": "ERSPAN session id",
"type": "int"
},
"filter_action": {
"default": "INCLUDE",
"description": "If set to INCLUDE, packets matching all filters will be mirrored. If set to EXCLUDE, packets NOT matching any filters will be mirrored.",
"enum": [
"INCLUDE",
"EXCLUDE"
],
"title": "Action to include or exclude traffic for all filter in port_mirroring_filters",
"type": "string"
},
"gre_key": {
"default": 0,
"description": "User-configurable 32-bit key only for GRE",
"minimum": 0,
"required": false,
"title": "GRE encapsulation key",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_filters": {
"description": "An array of 5-tuples used to filter packets for the mirror session. If not provided, all the packets will be mirrored. This field is with filter_action which defines whether packets matching the filter will be included or excluded",
"items": {
"$ref": "PortMirrorFilter
},
"maxItems": 1,
"minItems": 0,
"title": "Port mirroring filter",
"type": "array"
},
"profile_type": {
"default": "REMOTE_L3_SPAN",
"description": "Allows user to select type of port mirroring session.",
"enum": [
"REMOTE_L3_SPAN",
"LOGICAL_SPAN"
],
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snap_length": {
"description": "If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored.",
"maximum": 65535,
"minimum": 60,
"required": false,
"title": "Maximum packet length for packet truncation",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_ip_stack": {
"default": "Default",
"description": "User can provide Mirror stack or Default stack to send mirror traffic. If profile type is REMOTE_L3_SPAN, tcp_ip_stack type is used else ignored.",
"enum": [
"Default",
"Mirror"
],
"title": "Mirror Destination encapsulation type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Mirrors Data from source to destination",
"type": "object"
}
PortMirroringProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortMirroringProfileListRequestParameters",
"module_id": "PolicyPortMirroring",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port mirroring profile request parameters",
"type": "object"
}
PortMirroringProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortMirroringProfileListResult",
"module_id": "PolicyPortMirroring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortMirroringProfile
},
"required": true,
"title": "Port Mirroring Profiles list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of port mirroring profiles",
"type": "object"
}
PortMirroringSession (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "PortMirroringSession",
"module_id": "PortMirroring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"$ref": "DirectionType,
"required": true,
"title": "Port mirroring session direction"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_vlan_id": {
"$ref": "VlanID,
"description": "Only for Remote SPAN Port Mirror.",
"required": false,
"title": "Encapsulation VLAN ID"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mirror_destination": {
"$ref": "MirrorDestination,
"required": true,
"title": "Mirror destination"
},
"mirror_sources": {
"items": {
"$ref": "MirrorSource
},
"minItems": 1,
"required": true,
"title": "Mirror sources",
"type": "array"
},
"port_mirroring_filters": {
"description": "An array of 5-tuples used to filter packets for the mirror session, if not provided, all the packets will be mirrored.",
"items": {
"$ref": "PortMirroringFilter
},
"required": false,
"title": "Port mirror filter for this session",
"type": "array"
},
"preserve_original_vlan": {
"default": false,
"required": false,
"title": "Only for Remote SPAN Port Mirror. Whether to preserve original VLAN.",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_type": {
"$ref": "PortMirroringSessionType,
"default": "LocalPortMirrorSession",
"description": "If this property is unset, this session will be treated as LocalPortMirrorSession.",
"required": false,
"title": "Port mirroring session type"
},
"snap_length": {
"description": "If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored.",
"maximum": 65535,
"minimum": 60,
"required": false,
"title": "Maximum packet length for packet truncation",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_ip_stack": {
"description": "If set to mirror, mirror packet will be sent via dedicated mirror stack to destination; If set to default, mirror packet will be sent via default stack; So far, the value mirror can only be chosen in L3PortMirrorSession.",
"enum": [
"Default",
"Mirror"
],
"required": false,
"title": "TCP/IP Stack",
"type": "string"
}
},
"type": "object"
}
PortMirroringSessionListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PortMirroringSessionListResult",
"module_id": "PortMirroring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortMirroringSession
},
"readonly": true,
"title": "Port mirroring session results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Mirror session queries result",
"type": "object"
}
PortMirroringSessionType (type)
{
"additionalProperties": false,
"description": "PortMirroringSession is the configuration instance of port mirroring, you can create different types of PortMirroringSession with different mirror source and mirror destination. Each port mirror session type has its own mirror source and mirror destination pair. LocalPortMirrorSession include LogicalPortMirrorSession and UplinkPortMirrorSession. You can create multiple mirror sessions of same parent type by one API call. LogicalPortMirrorSession - source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination] UplinkPortMirrorSession - source[PnicMirrorSource] destination[LogicalPortMirrorDestination] RspanSrcMirrorSession - source[LogicalPortMirrorSource] destination[PnicMirrorDestination] RspanDstMirrorSession - source[VlanMirrorSource] destination[LogicalPortMirrorDestination] LogicalLocalPortMirrorSession - source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination] L3PortMirrorSession - source[LogicalPortMirrorSource or LogicalSwitchMirrorSource] destination[IPMirrorDestination]",
"enum": [
"LogicalPortMirrorSession",
"UplinkPortMirrorSession",
"RspanSrcMirrorSession",
"RspanDstMirrorSession",
"LocalPortMirrorSession",
"LogicalLocalPortMirrorSession",
"L3PortMirrorSession"
],
"id": "PortMirroringSessionType",
"module_id": "PortMirroring",
"title": "Resource types of mirror session",
"type": "string"
}
PortMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Port. Using this entity, user can specify intent for applying monitoring profile to particular Port. Port here is Segment Port.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "PortMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXL2CollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_PORT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Port Monitoring Profile binding map",
"type": "object"
}
PortMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PortMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port Monitoring Profile Binding Map list request parameters",
"type": "object"
}
PortMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortMonitoringProfileBindingMap
},
"required": true,
"title": "Port Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port Monitoring Profile Binding Maps",
"type": "object"
}
PortQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between qos profile and Port. Using this entity, you can specify intent for applying qos profile to particular Port. Port here is Segment Port.",
"extends": {
"$ref": "QoSProfileBindingMap
},
"id": "PortQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"qos_profile_path": {
"description": "PolicyPath of associated QoS Profile",
"required": false,
"title": "QoS Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortQoSProfileBindingMap"
],
"relationshipType": "QOS_PROFILE_PORT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"QoSProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"port qos profile binding map"
],
"title": "Port QoS Profile binding map",
"type": "object"
}
PortQoSProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortQoSProfileBindingMapListRequestParameters",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port QoS Profile Binding Map list request parameters",
"type": "object"
}
PortQoSProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortQoSProfileBindingMapListResult",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortQoSProfileBindingMap
},
"required": true,
"title": "Port QoS Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port QoS Profile Binding Maps",
"type": "object"
}
PortSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Contains the binding relationship between port and security profile.",
"extends": {
"$ref": "SecurityProfileBindingMap
},
"id": "PortSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_security_profile_path": {
"description": "The policy path of the asscociated Segment Security profile",
"required": false,
"title": "Segment Security Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortSecurityProfileBindingMap"
],
"relationshipType": "PORT_SECURITY_BINDING_MAP_SEGMENT_SECURITY_RELATIONSHIP",
"rightType": [
"SegmentSecurityProfile"
]
}
]
},
"spoofguard_profile_path": {
"description": "The policy path of the asscociated SpoofGuard profile",
"required": false,
"title": "SpoofGuard Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortSecurityProfileBindingMap"
],
"relationshipType": "PORT_SECURITY_BINDING_MAP_SPOOFGUARD_RELATIONSHIP",
"rightType": [
"SpoofGuardProfile",
"IPDiscoveryProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Security profile binding map for port",
"type": "object"
}
PortSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port security profile binding map request parameters",
"type": "object"
}
PortSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortSecurityProfileBindingMapListResult",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortSecurityProfileBindingMap
},
"required": true,
"title": "Port security profile binding map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of port security profile binding maps",
"type": "object"
}
PortStatus (type)
{
"description": "It represents the condition of a service point.",
"id": "PortStatus",
"module_id": "InventoryContainerObj",
"properties": {
"port": {
"description": "Specifies port of service point.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Port of service point",
"type": "integer"
},
"protocol": {
"description": "Specifies protocol of service point. e.g. TCP, UDP, SCTP.",
"enum": [
"TCP",
"UDP",
"SCTP"
],
"readonly": false,
"required": false,
"title": "Protocol of service point",
"type": "string"
}
},
"title": "Port status of a service point",
"type": "object"
}
PostVmGroupMigrationSpec (type)
{
"additionalProperties": false,
"description": "Migration spec for a VM group that will be used in post VM group migration step.",
"id": "PostVmGroupMigrationSpec",
"module_id": "Migration",
"properties": {
"allow_override": {
"default": false,
"description": "Flag to indicate whether to re-run the post migrate steps for the VM group if they are already run before.",
"readonly": false,
"required": false,
"title": "Flag for re-running post migrate steps",
"type": "boolean"
},
"failed_vm_instance_ids": {
"description": "List of instance uuids of VMs that failed to migrate.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of instance uuids of VMs",
"type": "array"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"group_id": {
"description": "User defined VM group id that must be unique among all VM groups ids and also should match the group id used in the pre VM group migrate API.",
"readonly": false,
"required": true,
"title": "User defined VM group id",
"type": "string"
}
},
"title": "Migration spec for a VM group",
"type": "object"
}
PreReqCondition (type)
{
"enum": [
"WAVE_FRONT",
"TSDB",
"TRACE"
],
"id": "PreReqCondition",
"module_id": "PolicySha",
"title": "Valid pre-req condition",
"type": "string"
}
PreUpgradeHealthCheckInfo (type)
{
"description": "Information about the ESX health perspective check.",
"id": "PreUpgradeHealthCheckInfo",
"module_id": "EHP",
"properties": {
"check": {
"default": "",
"description": "Identifier of the check.",
"readonly": false,
"required": true,
"title": "Check Identifier",
"type": "string"
},
"description": {
"$ref": "PreUpgradeHealthCheckMessage,
"description": "Description of the check.",
"readonly": false,
"required": true,
"title": "PreUpgradeHealthCheck description"
},
"name": {
"$ref": "PreUpgradeHealthCheckMessage,
"description": "Name of the check.",
"readonly": false,
"required": true,
"title": "PreUpgradeHealthCheck name"
}
},
"title": "ESX health perspective check information",
"type": "object"
}
PreUpgradeHealthCheckMessage (type)
{
"additionalProperties": false,
"description": "Localized message object related to host health perspective.",
"id": "PreUpgradeHealthCheckMessage",
"module_id": "EHP",
"properties": {
"default_message": {
"default": "",
"description": "The value of this localizable string or message template in the en_US (English) locale.",
"readonly": false,
"required": true,
"title": "Default message",
"type": "string"
},
"id": {
"default": "",
"description": "Unique identifier of the localizable string or message template.",
"readonly": false,
"required": true,
"title": "Identifier of Localizable String",
"type": "string"
},
"localized": {
"description": "Localized string value as per request requirements.",
"readonly": false,
"required": false,
"title": "Localized string",
"type": "string"
}
},
"title": "host health perspective localized message",
"type": "object"
}
PreUpgradeHealthCheckRequest (type)
{
"id": "PreUpgradeHealthCheckRequest",
"module_id": "EHP",
"properties": {
"entity-id": {
"description": "Unique identifier of host moref.",
"readonly": false,
"required": true,
"title": "Entity Identifier",
"type": "string"
},
"vcenter-uuid": {
"description": "Instance uuid of vCenter. To get the instance id refer the <b>instanceUuid</b> field of https://<nsx-mgr>/api/v1/fabric/compute-managers API response.",
"readonly": false,
"required": true,
"title": "vCenter uuid",
"type": "string"
}
},
"title": "Health perspective check request",
"type": "object"
}
PreUpgradeHealthCheckStatus (type)
{
"description": "Status of an host health perspective check.",
"id": "PreUpgradeHealthCheckStatus",
"module_id": "EHP",
"properties": {
"info": {
"$ref": "PreUpgradeHealthCheckInfo,
"description": "Status of the check.",
"readonly": false,
"required": true,
"title": "Check Information"
},
"issues": {
"default": [],
"description": "List of issues reported by the check.",
"items": {
"$ref": "PreUpgradeHealthCheckMessage
},
"readonly": false,
"required": true,
"title": "List of issues",
"type": "array"
},
"status": {
"enum": [
"OK",
"WAIT",
"NOT_OK"
],
"readonly": false,
"required": true,
"title": "Status of check",
"type": "string"
},
"wait_duration": {
"description": "Duration in milliseconds to wait before issuing status check again. This field is optional and is only populated when status is WAIT.",
"readonly": true,
"required": false,
"title": "Wait duration",
"type": "int"
}
},
"title": "ESX health perspective check status",
"type": "object"
}
PreUpgradeHostHealthCheckStatuses (type)
{
"description": "Aggregated status list of performed host pre-upgrade checks.",
"id": "PreUpgradeHostHealthCheckStatuses",
"module_id": "EHP",
"properties": {
"check_statuses": {
"default": [],
"description": "List of pre check statuses.",
"items": {
"$ref": "PreUpgradeHealthCheckStatus
},
"readonly": false,
"required": true,
"title": "Check statuses",
"type": "array"
},
"status": {
"description": "Aggregated status of all individual checks. It will be OK only when all executed checks return OK.",
"enum": [
"OK",
"WAIT",
"NOT_OK"
],
"readonly": true,
"required": true,
"title": "Aggregated status of all checks",
"type": "string"
},
"wait_duration": {
"description": "Duration in milliseconds to wait before issuing status check again. This field is optional and is only populated when status is WAIT.",
"readonly": true,
"required": false,
"title": "Wait duration",
"type": "int"
}
},
"title": "host health perspective checks status list",
"type": "object"
}
PreVmGroupMigrationSpec (type)
{
"additionalProperties": false,
"description": "Migration spec for a VM group that will be used in pre VM group migration step.",
"id": "PreVmGroupMigrationSpec",
"module_id": "Migration",
"properties": {
"allow_override": {
"default": false,
"description": "Flag to indicate whether to re-run the pre migrate steps for the VM group if they are already run before.",
"readonly": false,
"required": false,
"title": "Flag for re-running the pre migrate steps",
"type": "boolean"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"group_id": {
"description": "User defined VM group id that must be unique among all VM groups ids.",
"readonly": false,
"required": true,
"title": "User defined VM group id",
"type": "string"
},
"vm_instance_ids": {
"description": "List of VM instance uuids that can be found in VC inventory.",
"items": {
"type": "string"
},
"readonly": false,
"required": true,
"title": "List of VM instance uuids",
"type": "array"
}
},
"title": "Migration spec for a VM group",
"type": "object"
}
PrecheckParameters (type)
{
"id": "PrecheckParameters",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"cluster_ids": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Cluster ID list for nvds upgrade precheck",
"type": "array"
}
},
"title": "Parameters for nvds upgrade precheck",
"type": "object"
}
PreconfiguredEndpoint (type) (Deprecated)
{
"deprecated": true,
"id": "PreconfiguredEndpoint",
"module_id": "TransportNode",
"properties": {
"device_name": {
"readonly": false,
"required": true,
"title": "Name of the virtual tunnel endpoint",
"type": "string"
}
},
"title": "Tunnel endpoint configuration of preconfigured host switch",
"type": "object"
}
PreconfiguredHostSwitch (type) (Deprecated)
{
"deprecated": true,
"description": "Preconfigured host switch is used for manually configured transport node.",
"id": "PreconfiguredHostSwitch",
"module_id": "TransportNode",
"properties": {
"endpoints": {
"items": {
"$ref": "PreconfiguredEndpoint
},
"maxItems": 1,
"required": false,
"title": "List of virtual tunnel endpoints which are preconfigured on this host switch",
"type": "array"
},
"host_switch_id": {
"readonly": false,
"required": true,
"title": "External Id of the preconfigured host switch.",
"type": "string"
},
"transport_zone_endpoints": {
"description": "List of TransportZones that are to be associated with specified host switch.",
"items": {
"$ref": "TransportZoneEndPoint
},
"readonly": false,
"required": false,
"title": "Transport zone endpoints.",
"type": "array"
}
},
"title": "Preconfigured host switch",
"type": "object"
}
PreconfiguredHostSwitchSpec (type) (Deprecated)
{
"deprecated": true,
"description": "Preconfigured host switch specification is used for manually configured transport node. It is user's responsibility to ensure correct configuration is provided to NSX. This type is only valid for supported KVM fabric nodes.",
"extends": {
"$ref": "HostSwitchSpec
},
"id": "PreconfiguredHostSwitchSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "PreconfiguredHostSwitchSpec"
},
"properties": {
"host_switches": {
"items": {
"$ref": "PreconfiguredHostSwitch
},
"maxItems": 1,
"required": true,
"title": "Preconfigured Transport Node host switches",
"type": "array"
},
"resource_type": {
"enum": [
"StandardHostSwitchSpec",
"PreconfiguredHostSwitchSpec"
],
"required": true,
"type": "string"
}
},
"title": "Specification of transport node preconfigured host switch",
"type": "object"
}
PrefixConfig (type)
{
"additionalProperties": false,
"id": "PrefixConfig",
"module_id": "Routing",
"properties": {
"action": {
"$ref": "RoutingFilterAction,
"required": true,
"title": "Action for the IPPrefix"
},
"ge": {
"maximum": 128,
"minimum": 1,
"required": false,
"title": "Greater than or equal to",
"type": "integer"
},
"le": {
"maximum": 128,
"minimum": 1,
"required": false,
"title": "Less than or equal to",
"type": "integer"
},
"network": {
"$ref": "IPCIDRBlock,
"description": "If absent, the action applies to all addresses.",
"required": false,
"title": "CIDR"
}
},
"type": "object"
}
PrefixEntry (type)
{
"additionalProperties": false,
"id": "PrefixEntry",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"default": "PERMIT",
"description": "Action for the prefix list.",
"enum": [
"PERMIT",
"DENY"
],
"required": false,
"title": "Action for the prefix list",
"type": "string"
},
"ge": {
"description": "Prefix length greater than or equal to.",
"maximum": 128,
"minimum": 1,
"title": "Prefix length greater than or equal to",
"type": "int"
},
"le": {
"description": "Prefix length less than or equal to.",
"maximum": 128,
"minimum": 1,
"title": "Prefix length less than or equal to",
"type": "int"
},
"network": {
"description": "Network prefix in CIDR format. \"ANY\" matches all networks.",
"required": true,
"title": "Network prefix in CIDR format",
"type": "string"
}
},
"title": "Network prefix entry",
"type": "object"
}
PrefixList (type)
{
"additionalProperties": false,
"description": "A named list of prefixes for routing purposes.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PrefixList",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefixes": {
"description": "Specify ordered list of network prefixes.",
"items": {
"$ref": "PrefixEntry
},
"minItems": 1,
"required": true,
"title": "Ordered list of network prefixes",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A named list of prefixes for routing purposes",
"type": "object"
}
PrefixListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PrefixListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PrefixList request parameters",
"type": "object"
}
PrefixListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PrefixListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PrefixList
},
"required": true,
"title": "PrefixList results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of PrefixLists",
"type": "object"
}
Principal (type)
{
"additionalProperties": false,
"id": "Principal",
"module_id": "CertificateManager",
"properties": {
"attributes": {
"description": "Attribute list.",
"items": {
"$ref": "KeyValue
},
"readonly": false,
"required": true,
"type": "array"
}
},
"type": "object"
}
PrincipalIdentity (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "PrincipalIdentity",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.",
"readonly": false,
"required": false,
"title": "Id of the stored certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"deprecated": true,
"deprecation_advice": "Deprecated in favor of roles_for_paths",
"description": "The roles that are associated with this PI.",
"pattern": "^[_a-z0-9-]+$",
"readonly": false,
"required": false,
"title": "Role",
"type": "string"
},
"roles_for_paths": {
"description": "The roles that are associated with this PI, limiting them to a policy path like '/infra'. In case the path is '/', the roles apply everywhere.",
"items": {
"$ref": "RolesForPath
},
"readonly": false,
"required": false,
"title": "Roles for Paths",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
PrincipalIdentityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PrincipalIdentityList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "PrincipalIdentity list.",
"items": {
"$ref": "PrincipalIdentity
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PrincipalIdentity query result",
"type": "object"
}
PrincipalIdentityWithCertificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PrincipalIdentity
},
"id": "PrincipalIdentityWithCertificate",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.",
"readonly": false,
"required": false,
"title": "Id of the stored certificate",
"type": "string"
},
"certificate_pem": {
"description": "PEM encoding of the new certificate.",
"readonly": false,
"required": true,
"title": "PEM encoding of the new certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"deprecated": true,
"deprecation_advice": "Deprecated in favor of roles_for_paths",
"description": "The roles that are associated with this PI.",
"pattern": "^[_a-z0-9-]+$",
"readonly": false,
"required": false,
"title": "Role",
"type": "string"
},
"roles_for_paths": {
"description": "The roles that are associated with this PI, limiting them to a policy path like '/infra'. In case the path is '/', the roles apply everywhere.",
"items": {
"$ref": "RolesForPath
},
"readonly": false,
"required": false,
"title": "Roles for Paths",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ProcessInformation (type)
{
"description": "Describes a process detail informaiton.",
"id": "ProcessInformation",
"module_id": "ShaApplianceMonitor",
"properties": {
"command": {
"description": "Display the command line used to start the process.",
"title": "Display process command",
"type": "string"
},
"cpu_usage": {
"description": "The process's share of the elapsed CPU time since the last screen update, expressed as a percentage of total CPU time.",
"title": "CPU usage",
"type": "number"
},
"memory_usage": {
"description": "A process's currently used share of available physical memory.",
"title": "Memory usage",
"type": "number"
},
"nice_value": {
"description": "A negative nice value means higher priority, whereas a positive nice value means lower priority. Zero in this field simply means priority will not be adjusted in determining a process's dispatch-ability.",
"title": "The nice value of the process",
"type": "string"
},
"process_id": {
"description": "Display the process id.",
"title": "Process id",
"type": "string"
},
"resident_memory_size": {
"description": "The non-swapped physical memoery a task is using.",
"title": "Resident Memory Size (MB)",
"type": "number"
},
"shared_memory_size": {
"description": "The amount of shared memory available to a process, not all of which is typically resident. It simply reflects memory that could be potentially shared with other processes.",
"title": "Shared Memory Size (MB)",
"type": "number"
},
"user": {
"description": "Display the process user.",
"title": "Process user",
"type": "string"
},
"virtual_memory_size": {
"description": "The total amount of virtual memory used by the process. It includes all code, data and shared libraries plus pages that have been swapped out and pages that have been mapped but not used.",
"title": "Virtual Memory Size (MB)",
"type": "number"
}
},
"title": "Process information",
"type": "object"
}
ProductType (type)
{
"additionalProperties": false,
"description": "Type of a product.",
"id": "ProductType",
"module_id": "FileUploadFramework",
"properties": {
"product": {
"description": "Name of the appliance for which upload is performed.",
"enum": [
"SAMPLE",
"ALB_CONTROLLER",
"INTELLIGENCE"
],
"required": true,
"title": "Name of the appliance",
"type": "string"
}
},
"title": "Type of product",
"type": "object"
}
ProfileBindingListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProfileBindingListRequestParameters",
"module_id": "PolicyProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Profile binding map list request parameters",
"type": "object"
}
ProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between profile and policy entities.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ProfileBindingMap",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy base profile binding map",
"type": "object"
}
ProfileSeverity (type)
{
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"SUSPICIOUS"
],
"id": "ProfileSeverity",
"module_id": "PolicyIDS",
"title": "Intrusion Detection System Profile severity",
"type": "string"
}
ProfileSupportedAttributeTypesResult (type)
{
"additionalProperties": false,
"id": "ProfileSupportedAttributeTypesResult",
"module_id": "PolicyContextProfile",
"properties": {
"attribute_types": {
"items": {
"type": "string"
},
"readonly": true,
"title": "List of ProfileSupportedAttributes types",
"type": "array"
}
},
"title": "Context Profile SupportedAttributes Types",
"type": "object"
}
ProfileSupportedAttributesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProfileSupportedAttributesListRequestParameters",
"module_id": "PolicyContextProfile",
"properties": {
"attribute_key": {
"description": "It fetches attributes and subattributes for the given attribute key supported in the system which can be used for Policy Context Profile creation.",
"required": false,
"title": "Fetch attributes and sub-attributes for the given attribute key",
"type": "string"
},
"attribute_source": {
"default": "SYSTEM",
"description": "It fetches attributes and sub attributes for the given attribute key based on the source of attribute which can be used for Policy Context Profile creation.",
"enum": [
"ALL",
"CUSTOM",
"SYSTEM"
],
"required": false,
"title": "Source of the attribute, System Defined or custom",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Profile Attributes list request parameters.",
"type": "object"
}
ProfileType (type)
{
"enum": [
"FirewallSessionTimerProfile",
"FirewallCpuMemThresholdsProfile",
"GiServiceProfile",
"FirewallFloodProtectionProfile",
"FirewallDnsProfile",
"LatencyStatProfile",
"SHAProfile",
"IpDiscoverySwitchingUpmProfile",
"SystemHealthPluginProfile",
"GeneralSecuritySettingsProfile",
"IpfixSwitchUpmProfile",
"IpfixCollectorUpmProfile",
"PaceHostConfigProfile",
"CommonAgentHostConfigProfile",
"OdsProfile",
"OdsDynamicProfile"
],
"id": "ProfileType",
"module_id": "Common",
"title": "Profile type of the ServiceConfig",
"type": "string"
}
ProgressItem (type)
{
"id": "ProgressItem",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Item description",
"type": "string"
},
"name": {
"required": true,
"title": "Name of the item",
"type": "string"
},
"parts": {
"items": {
"$ref": "ProgressItemPart
},
"title": "Finer details, usually there is only one part",
"type": "array"
}
},
"type": "object"
}
ProgressItemPart (type)
{
"id": "ProgressItemPart",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Description of the process",
"type": "string"
},
"error": {
"required": false,
"title": "Error message, if ran into error",
"type": "string"
},
"name": {
"required": true,
"title": "Name of the process",
"type": "string"
},
"percentage": {
"required": true,
"title": "0 - 100 of the task being completed",
"type": "integer"
},
"status": {
"enum": [
"RUNNING",
"ERROR",
"COMPLETE"
],
"required": true,
"title": "Status of this process",
"type": "string"
}
},
"type": "object"
}
Project (type)
{
"additionalProperties": false,
"description": "Project is a construct that provides network isolation for all its contents out of the box, where the compute and networking elements within are isolated from other Projects. The Project will also be used to provide hybridity across on-prem datacenters and the cloud, thus providing a means of building private clouds with elements both on-prem and in the cloud. The project can be created by users with Org Admin role and read access to Tier0s and Edge clusters. Read access to Tier0s and Edge clusters can be achieved by either associating the user with another role with the required permissions (say Auditor), or by sharing the Tier0s and Edge clusters with the Org before creating the project. The project can also be created by users with Enterprise Admin role without explicit sharing of Tier0s and Edge clusters.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Project",
"module_id": "PolicyProject",
"policy_hierarchical_children": [
"ChildVpc"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"activate_default_dfw_rules": {
"description": "By default, Project is created with default distributed firewall rules, this flag allows to deactivate those default rules . If not set, the default rules are enabled. The system will expect the API user to pass this flag as \"false\" when the system is not entitled to distributed firewall.",
"nsx_feature": "LicenseDistinctCheck",
"required": false,
"title": "Activate the default DFW rules for the Project",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"dedicated_resources": {
"$ref": "DedicatedResources,
"required": false
},
"default": {
"description": "true - the project is a default project. Default projects are non-editable, system create ones.",
"readonly": true,
"required": false,
"title": "Flag to indicate that the project is a default project",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_ipv4_blocks": {
"description": "IP block used for allocating CIDR blocks for public subnets. IP block can be consumed by all the VPCs under this project. CIDR that must be unique across Org/provider and will be auto advertised up to Org/Provider Tier0 gateway.",
"items": {
"type": "string"
},
"required": false,
"title": "PolicyPath of public ip block",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_EXTERNAL_IPV4BLOCK_RELATIONSHIP",
"rightType": [
"IpAddressBlock"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"short_id": {
"description": "Defaults to id if id is less than equal to 8 characters or defaults to random generated id if not set.",
"maxLength": 8,
"title": "Identifier to use when displaying project context in logs",
"type": "string"
},
"site_infos": {
"description": "Information related to sites applicable for given Project. For on-prem deployment, only 1 is allowed.",
"items": {
"$ref": "SiteInfo
},
"maxItems": 16,
"required": false,
"title": "Collection of Site information",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier_0s": {
"description": "The tier 0 path or label of type Tier0 has to be pre-created before Project is created. The tier 0 typically provides connectivity to external world. List of sites for Project has to be subset of sites where the tier 0 spans. Label should have reference of Tier0 path.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of Tier 0s path or label associated with this Project.",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_TIER0_RELATIONSHIP",
"rightType": [
"Tier0"
]
},
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_TIER0_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vc_folder": {
"nsx_feature": "VCFolder",
"required": false,
"title": "Flag to specify whether the DVPGs created for project segments are grouped under a folder on the VC.",
"type": "boolean"
}
},
"title": "Policy Project",
"type": "object"
}
ProjectDeleteRequestParameters (type)
{
"description": "Project Delete Request parameters",
"id": "ProjectDeleteRequestParameters",
"module_id": "PolicyProject",
"properties": {
"is_recursive": {
"default": false,
"description": "true - Delete entire project tree including all its children. This is very similar to HAPI delete. false - Delete will not include project's children. If project has any children then delete will fail.",
"required": false,
"title": "Recursively delete entire project tree.",
"type": "boolean"
}
},
"title": "Policy Project Delete Request Parameters",
"type": "object"
}
ProjectListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProjectListRequestParameters",
"module_id": "PolicyProject",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"instance_id": {
"required": false,
"title": "Instance id of NSX+ where to route this request to.",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy PROJECT list request parameters",
"type": "object"
}
ProjectListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ProjectListResult",
"module_id": "PolicyProject",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Project
},
"required": true,
"title": "PROJECT list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of PROJECT",
"type": "object"
}
ProjectRequestParameters (type)
{
"description": "Project Request parameters",
"id": "ProjectRequestParameters",
"module_id": "PolicyProject",
"properties": {
"short_format": {
"default": false,
"description": "true - result in short format i.e. only id, path and display_name of the listed projects, false - descriptive result with all properties of the projects being listed.",
"required": false,
"title": "Project API response is brief or descriptive",
"type": "boolean"
}
},
"title": "Policy Project Request Parameters",
"type": "object"
}
ProjectRouteFilter (type)
{
"additionalProperties": false,
"description": "Project route filter to control routes advertised from Project's Tier1 Gateway to Tier0 Gateway. If project route filter configured for project then match_prefix_list must permit prefixes including public blocks for route advertisement from Tier1 gateway and VPC. Project route filter can only be configured by Enterprise Admin in case of LM and Org Admin or EA in case of NSX+.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ProjectRouteFilter",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"match_prefix_list": {
"description": "Policy path to prefixList to filter routes advertised from Tier1 Gateway.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": true,
"title": "Policy path to PrefixList",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"projects_list": {
"description": "Prefix list will be applied to all Tier-1s and VPCs under the specified list of project Paths. Project cannot be part of multiple route filter configurations.",
"items": {
"type": "string"
},
"required": true,
"title": "List of project paths",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Project route filter",
"type": "object"
}
ProjectRouteFilterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProjectRouteFilterListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy project route filter list request parameters",
"type": "object"
}
ProjectRouteFilterListResult (type)
{
"additionalProperties": false,
"description": "Collection of Policy project route filter.",
"extends": {
"$ref": "ListResult
},
"id": "ProjectRouteFilterListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Project route filters results",
"items": {
"$ref": "ProjectRouteFilter
},
"required": true,
"title": "Collection of Policy project route filters",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy project route filter",
"type": "object"
}
PropertyItem (type)
{
"additionalProperties": false,
"description": "Represents a label-value pair.",
"id": "PropertyItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the property will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "Represents field value of the property.",
"maxLength": 1024,
"required": true,
"title": "Field of the Property",
"type": "string"
},
"heading": {
"default": false,
"description": "Set to true if the field is a heading. Default is false.",
"title": "If true, represents the field as a heading",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "If a field represents a heading, then label is not needed",
"title": "Label of the property"
},
"label_value_separator": {
"description": "Label value separator used between label and value. It can be any separator like \":\" or \"-\".",
"title": "Labale value separator used between label and value",
"type": "string"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. This will be linked with value of the property.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Render configuration to be applied, if any.",
"items": {
"$ref": "RenderConfiguration
},
"title": "Render Configuration",
"type": "array"
},
"rowspan": {
"description": "Represent the vertical span of the widget / container",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"separator": {
"default": false,
"description": "If true, separates this property in a widget.",
"title": "A separator after this property",
"type": "boolean"
},
"span": {
"description": "Represent the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"style": {
"description": "A style object applicable for the property item. It could be the any padding, margin style sheet applicable to the property item. A 'style' property is supported in case of layout 'AUTO' only.",
"title": "A Style object applicable for the Property Item",
"type": "object"
},
"type": {
"default": "String",
"description": "Data type of the field.",
"enum": [
"String",
"Number",
"Date",
"Url"
],
"maxLength": 255,
"required": true,
"title": "field data type",
"type": "string"
}
},
"title": "LabelValue Property",
"type": "object"
}
Protocol (type)
{
"abstract": true,
"additionalProperties": {},
"id": "Protocol",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "name"
},
"properties": {
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
}
},
"type": "object"
}
ProtocolVersion (type)
{
"additionalProperties": false,
"id": "ProtocolVersion",
"module_id": "ApiServiceConfig",
"properties": {
"enabled": {
"required": true,
"title": "Enable status for this protocol version",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the TLS protocol version",
"type": "string"
}
},
"title": "HTTP protocol version",
"type": "object"
}
Proxy (type)
{
"description": "Type to define the Proxy configuration.",
"extends": {
"$ref": "ManagedResource
},
"id": "Proxy",
"module_id": "ProxyConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Certificate ID with a valid certificate, procured from trust-management API. If the scheme property is set to HTTPS, certificate_id is verified if specified.",
"required": false,
"title": "Valid certificate ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Flag to indicate if proxy is enabled. When set to true, a scheme, host and port must be provided.",
"required": true,
"title": "Flag to indicate if proxy is enabled.",
"type": "boolean"
},
"host": {
"description": "Specify the fully qualified domain name, or ip address, of the proxy server.",
"format": "hostname-or-ip",
"required": true,
"title": "FQDN or IP address of the proxy server",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Specify the password used to authenticate with the proxy server, if required.",
"required": false,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"port": {
"description": "Specify the port of the proxy server.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Configured port for proxy",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scheme": {
"description": "The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.",
"enum": [
"HTTP",
"HTTPS"
],
"required": true,
"title": "The scheme accepted by the proxy server",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"test_connection_url": {
"default": "https://www.vmware.com",
"description": "Specify a url for connection testing when adding proxy config. https://www.vmware.com is used by default if not specified.",
"required": false,
"title": "Test connection url",
"type": "string"
},
"username": {
"description": "Specify the user name used to authenticate with the proxy server, if required.",
"required": false,
"title": "User name",
"type": "string"
}
},
"title": "Proxy Configuration",
"type": "object"
}
PublicClientInfo (type)
{
"additionalProperties": false,
"description": "Parameters needed to specify a PKCE OAuth2 client.",
"id": "PublicClientInfo",
"module_id": "ApplianceModes",
"properties": {
"base_url": {
"description": "Protocol and domain name (or IP address) of CSP, for e.g., https://console.cloud.vmware.com.",
"required": true,
"title": "CSP base URL",
"type": "string"
},
"client_id": {
"description": "The client-id to use with CSP, identified with base_url.",
"required": true,
"title": "The client-id to use with CSP",
"type": "string"
},
"default_org_id": {
"description": "The org id for this client-id, typically a UUID.",
"required": true,
"title": "The org id for this client-id",
"type": "string"
},
"ea_org_id": {
"description": "The symbolic org id for enterprise admins.",
"required": true,
"title": "The symbolic org id for enterprise admins",
"type": "string"
},
"gss_org_id": {
"description": "The symbolic org id for GSS (Global Support Services).",
"required": true,
"title": "The symbolic org id for GSS (Global Support Services)",
"type": "string"
},
"redirect_uris": {
"description": "The set of redirect URI's configured for this client_id.",
"items": {
"type": "string"
},
"required": true,
"title": "The set of redirect URI's configured for this client_id",
"type": "array"
},
"sre_org_id": {
"description": "The symbolic org id SRE (Site Reliability Engineer).",
"required": true,
"title": "The symbolic org id for SRE (Site Reliability Engineer)",
"type": "string"
}
},
"title": "Information for a PKCE OAuth2 client",
"type": "object"
}
PublicCloudGatewayNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "EdgeNode
},
"id": "PublicCloudGatewayNode",
"module_id": "FabricNode",
"nsx_feature": "PublicCloud",
"polymorphic-type-descriptor": {
"type-identifier": "PublicCloudGatewayNode"
},
"properties": {
"allocation_list": {
"description": "List of logical router ids to which this edge node is allocated.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Allocation list",
"type": "array"
},
"deployment_config": {
"$ref": "EdgeNodeDeploymentConfig,
"description": "When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP.",
"required": false,
"title": "Config for automatic deployment of edge node virtual machine."
},
"deployment_type": {
"$ref": "EdgeDeploymentType,
"readonly": true,
"required": false
},
"description": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'description' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Discovered IP Addresses of the fabric node, version 4 or 6",
"type": "array"
},
"display_name": {
"can_sort": true,
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'display_name' must be used instead. For HostNode, this field defaults to ID if not set. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": false,
"title": "ID of the Node maintained on the Node and used to recognize the Node",
"type": "string"
},
"fqdn": {
"readonly": true,
"required": false,
"title": "Fully qualified domain name of the fabric node",
"type": "string"
},
"id": {
"can_sort": true,
"description": "Unique identifier of this resource.",
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.",
"items": {
"$ref": "IPAddress
},
"required": false,
"title": "IP Addresses of the Node, version 4 or 6",
"type": "array"
},
"node_settings": {
"$ref": "EdgeNodeSettings,
"description": "Reports the current configuration of host name, SSH and servers configured for DNS, syslog, NTP. The settings are configured as part of automatic deployment of edge virtual machine. The settings are editable.",
"required": true,
"title": "Current configuration on edge node."
},
"resource_type": {
"help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'",
"required": true,
"title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'",
"type": "string"
},
"tags": {
"deprecated": true,
"description": "This field is deprecated. TransportNode field 'tags' must be used instead. For EdgeNode and PublicCloudGatewayNode, this field is ignored if specified in request payload.",
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
QoSBaseRateLimiter (type)
{
"abstract": true,
"id": "QoSBaseRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enabled": {
"required": true,
"type": "boolean"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A Limiter configuration entry that specifies type and metrics",
"type": "object"
}
QoSDscp (type)
{
"description": "Dscp value is ignored in case of 'TRUSTED' DscpTrustMode.",
"id": "QoSDscp",
"module_id": "PolicyQoS",
"properties": {
"mode": {
"$ref": "DscpTrustMode
},
"priority": {
"default": 0,
"maximum": 63,
"minimum": 0,
"title": "Internal Forwarding Priority",
"type": "int"
}
},
"required": true,
"title": "One of QoS or Encapsulated-Remote-Switched-Port-Analyzer",
"type": "object"
}
QoSProfile (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "QoSProfile",
"module_id": "PolicyQoS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"class_of_service": {
"description": "Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic. If the field is not provided during PUT / PATCH call, a default value is assigned.",
"maximum": 7,
"minimum": 0,
"required": false,
"title": "Class of service",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dscp": {
"$ref": "QoSDscp
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"shaper_configurations": {
"description": "Array of Rate limiter configurations to applied on Segment or Port.",
"items": {
"$ref": "QoSBaseRateLimiter
},
"maxItems": 3,
"minItems": 0,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"qos segment profile"
],
"type": "object"
}
QoSProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "QoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base QoS Profile Binding Map",
"type": "object"
}
QoSProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "QoSProfileListRequestParameters",
"module_id": "PolicyQoS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "QoS Profile request parameters",
"type": "object"
}
QoSProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "QoSProfileListResult",
"module_id": "PolicyQoS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "QoSProfile
},
"required": true,
"title": "QoS profiles list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of QoS profiles",
"type": "object"
}
QosBaseRateShaper (type) (Deprecated)
{
"abstract": true,
"deprecated": true,
"id": "QosBaseRateShaper",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enabled": {
"required": true,
"type": "boolean"
},
"resource_type": {
"default": "IngressRateShaper",
"enum": [
"IngressRateShaper",
"IngressBroadcastRateShaper",
"EgressRateShaper"
],
"required": true,
"type": "string"
}
},
"title": "A shaper configuration entry that specifies type and metrics",
"type": "object"
}
QosSwitchingProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseSwitchingProfile
},
"id": "QosSwitchingProfile",
"module_id": "QosSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "QosSwitchingProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"class_of_service": {
"description": "Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic. If the field is not provided during create / update call, a default value is assigned.",
"maximum": 7,
"minimum": 0,
"required": false,
"title": "Class of service",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dscp": {
"$ref": "Dscp
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"shaper_configuration": {
"items": {
"$ref": "QosBaseRateShaper
},
"maxItems": 3,
"minItems": 0,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
QueryTunnelParameters (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "QueryTunnelParameters",
"module_id": "Tunnel",
"properties": {
"bfd_diagnostic_code": {
"enum": [
"0",
"NO_DIAGNOSTIC",
"1",
"CONTROL_DETECTION_TIME_EXPIRED",
"2",
"ECHO_FUNCTION_FAILED",
"3",
"NEIGHBOR_SIGNALED_SESSION_DOWN",
"4",
"FORWARDING_PLANE_RESET",
"5",
"PATH_DOWN",
"6",
"CONCATENATED_PATH_DOWN",
"7",
"ADMINISTRATIVELY_DOWN",
"8",
"REVERSE_CONCATENATED_PATH_DOWN"
],
"title": "BFD diagnostic code of Tunnel as defined in RFC 5880",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"encap": {
"description": "The encapsulation type of tunnel. VXLAN - tunnel with VXLAN encapsulation GENEVE - tunnel with GENEVE encapsulation UNKNOWN_ENCAP - tunnel with unknown encapsulation",
"enum": [
"UNKNOWN_ENCAP",
"GENEVE",
"VXLAN"
],
"title": "Tunnel encapsulation type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"remote_node_id": {
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"status": {
"enum": [
"UP",
"DOWN"
],
"title": "Tunnel status",
"type": "string"
}
},
"type": "object"
}
QuotaStats (type)
{
"additionalProperties": false,
"description": "'QuotaStats' provides quota resource details.",
"id": "QuotaStats",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"assigned_max_limit": {
"description": "Assigned max workload count.",
"readonly": true,
"required": false,
"title": "Assigned max workload count.",
"type": "integer"
},
"current_inventory": {
"description": "Current workload count.",
"readonly": true,
"required": false,
"title": "Current workload count.",
"type": "integer"
},
"object_type": {
"description": "Resource type name.",
"readonly": true,
"required": false,
"title": "Resource type name",
"type": "string"
},
"quota_name": {
"description": "Quota name.",
"readonly": true,
"required": false,
"title": "Quota name",
"type": "string"
},
"quota_owner_id": {
"description": "This is a UUID generated by the system for knowing whoes owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "Quota owner id assigned by the system.",
"type": "string"
},
"quota_path": {
"description": "Quota policy path.",
"readonly": true,
"required": false,
"title": "Quota policy path",
"type": "string"
}
},
"title": "Policy quota status",
"type": "object"
}
QuotaStatsListResult (type)
{
"additionalProperties": false,
"id": "QuotaStatsListResult",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"results": {
"items": {
"$ref": "QuotaStats
},
"required": true,
"title": "QuotaStats list results",
"type": "array"
}
},
"title": "Collection of QuotaStats",
"type": "object"
}
QuotaStatsPerPrefix (type)
{
"additionalProperties": false,
"id": "QuotaStatsPerPrefix",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"path_prefix": {
"description": "Path prefix for retriving the quota details.",
"title": "Path prefix for the quota details.",
"type": "string"
},
"quota_details": {
"items": {
"$ref": "QuotaStats
},
"required": true,
"title": "QuotaStats list results",
"type": "array"
}
},
"title": "Collection of QuotaStats for given path-prefix",
"type": "object"
}
QuotaStatsPerPrefixListResult (type)
{
"additionalProperties": false,
"id": "QuotaStatsPerPrefixListResult",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"results": {
"items": {
"$ref": "QuotaStatsPerPrefix
},
"required": true,
"title": "QuotaStats list results",
"type": "array"
}
},
"title": "Collection of QuotaStatsPerPrefix",
"type": "object"
}
QuotaStatsRequestParameter (type)
{
"additionalProperties": false,
"description": "Quota details will be populated in the response body for given policy resource path.",
"id": "QuotaStatsRequestParameter",
"module_id": "PolicyMultiTenancyQuota",
"properties": {
"constraint_path": {
"description": "Constraint path to retrive the quota details. Please note, when this constraint path is given, only this constraint will be considered on given path_prefix for returning the quota status. - Sample example - constraint_path=/orgs/org-1/projects/project-1/infra/constraints/constraint-1",
"required": false,
"title": "Constraint path to retrive the quota details.",
"type": "string"
},
"path_prefix": {
"description": "Path prefix for retriving the quota details. This value will be compared (exact match) with path-prefix of the quota. - Sample example - path_prefix=/orgs/org-1/projects/project-1/",
"required": true,
"title": "Path prefix for retriving the quota details.",
"type": "string"
}
},
"title": "Filter to populate quota details",
"type": "object"
}
RAConfig (type)
{
"additionalProperties": false,
"id": "RAConfig",
"module_id": "Routing",
"properties": {
"hop_limit": {
"default": 64,
"description": "The maximum number of hops through which packets can pass before being discarded.",
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Hop limit",
"type": "integer"
},
"prefix_lifetime": {
"default": 2592000,
"description": "The time interval in seconds, in which the prefix is advertised as valid.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of prefix",
"type": "integer"
},
"prefix_preferred_time": {
"default": 604800,
"description": "The time interval in seconds, in which the prefix is advertised as preferred.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Prefix preferred time",
"type": "integer"
},
"ra_interval": {
"default": 600,
"description": "Interval between 2 Router advertisement in seconds.",
"maximum": 1800,
"minimum": 4,
"required": false,
"title": "RA interval",
"type": "integer"
},
"router_lifetime": {
"default": 1800,
"description": "Router lifetime value in seconds. A value of 0 indicates the router is not a default router for the receiving end. Any other value in this field specifies the lifetime, in seconds, associated with this router as a default router.",
"maximum": 65520,
"minimum": 0,
"required": false,
"title": "Lifetime of router",
"type": "integer"
},
"router_preference": {
"$ref": "NDRAPreference,
"default": "MEDIUM",
"description": "NDRA Router preference value with MEDIUM as default. If the router_lifetime is 0, the preference must be set to MEDIUM.",
"required": false,
"title": "Router preference"
}
},
"type": "object"
}
RAMode (type)
{
"additionalProperties": false,
"description": "Router Advertisement Modes. DISABLED - RA is disabled SLAAC_DNS_THROUGH_RA - Stateless address auto-configuration RA for address and configuration SLAAC_DNS_THROUGH_DHCP - SLAAC RA for address and DHCPv6 for configuration DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - DHCPv6 for address and configurations SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP - SLAAC RA and DHCPv6 for address and configurations",
"enum": [
"DISABLED",
"SLAAC_DNS_THROUGH_RA",
"SLAAC_DNS_THROUGH_DHCP",
"DHCP_ADDRESS_AND_DNS_THROUGH_DHCP",
"SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP"
],
"id": "RAMode",
"module_id": "Routing",
"title": "Router Advertisement Mode",
"type": "string"
}
RaDNSConfig (type)
{
"additionalProperties": false,
"id": "RaDNSConfig",
"module_id": "Routing",
"properties": {
"dns_server": {
"description": "DNS server.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 8,
"required": false,
"title": "DNS server",
"type": "array"
},
"dns_server_lifetime": {
"default": 1800000,
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of DNS server in milliseconds",
"type": "integer"
},
"domain_name": {
"description": "Domain name in RA message.",
"items": {
"type": "string"
},
"maxItems": 8,
"required": false,
"title": "Domain name",
"type": "array"
},
"domain_name_lifetime": {
"default": 1800000,
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of Domain names in milliseconds",
"type": "integer"
}
},
"type": "object"
}
RateLimits (type) (Deprecated)
{
"deprecated": true,
"description": "Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type",
"id": "RateLimits",
"module_id": "SwitchSecuritySwitchingProfile",
"properties": {
"enabled": {
"default": false,
"readonly": false,
"required": false,
"title": "Whether rate limiting is enabled",
"type": "boolean"
},
"rx_broadcast": {
"default": 0,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Incoming broadcast traffic limit in packets per second",
"type": "int"
},
"rx_multicast": {
"default": 0,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Incoming multicast traffic limit in packets per second",
"type": "int"
},
"tx_broadcast": {
"default": 0,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Outgoing broadcast traffic limit in packets per second",
"type": "int"
},
"tx_multicast": {
"default": 0,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Outgoing multicast traffic limit in packets per second",
"type": "int"
}
},
"title": "Rate limiting configuration",
"type": "object"
}
RawCoreCount (type)
{
"additionalProperties": false,
"id": "RawCoreCount",
"module_id": "SecurityLicenseUsage",
"properties": {
"bare_metal_agent_cores": {
"description": "Bare metal agent cores count.",
"readonly": true,
"title": "Bare metal agent cores count",
"type": "string"
},
"compute_cores": {
"description": "Compute core count.",
"readonly": true,
"title": "Compute core count",
"type": "string"
},
"dpu_units": {
"description": "DPU units count.",
"readonly": true,
"title": "DPU units count",
"type": "string"
},
"gateway_cores": {
"description": "Edge CPU cores count.",
"readonly": true,
"title": "Edge CPU cores count",
"type": "string"
}
},
"type": "object"
}
RdPerEdgeEntry (type)
{
"id": "RdPerEdgeEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_display_name": {
"title": "display name of the edge",
"type": "string"
},
"edge_path": {
"title": "edge path",
"type": "string"
},
"rd": {
"title": "Route Distinguisher",
"type": "string"
}
},
"title": "Route Distinguisher per edge",
"type": "object"
}
RdPerEdgeMapping (type)
{
"description": "This object holds route distinguishers per edge.",
"id": "RdPerEdgeMapping",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"rd_per_edge_mapping": {
"items": {
"$ref": "RdPerEdgeEntry
},
"title": "List of Route Distinguisher per edge",
"type": "array"
}
},
"title": "Route Distinguisher per edge node",
"type": "object"
}
Reaction (type)
{
"additionalProperties": false,
"description": "Reaction represents a programmable entity which encapsulates the events and the actions in response to the events, or simply \"If This Then That\".",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Reaction",
"module_id": "PolicyReaction",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"description": "Actions that need to be taken when the events occur. These actions must appear in the order that they need to be taken in. This field can be interpreted as the HOW of the Reaction, or simply as \"Then That\".",
"items": {
"$ref": "Action
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Reaction Actions",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"events": {
"description": "Events that provide contextual variables about what the reaction should react to. This field can be interpreted as the WHAT of the Reaction, or simply as \"If This\" Clause.",
"items": {
"$ref": "Event
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Reaction Events",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Reaction",
"type": "object"
}
RealTimeConfig (type)
{
"additionalProperties": false,
"id": "RealTimeConfig",
"module_id": "InventoryCmObj",
"properties": {
"allowed": {
"description": "This flag specifies whether vSwitch RT is enabled or not in the VDS.",
"readonly": true,
"required": false,
"title": "vSwitch RT flag",
"type": "boolean"
},
"lan_annotations": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of VDS Uplinks and PRP lan Annotations.",
"type": "array"
}
},
"type": "object"
}
RealizationListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Enforcement point. The basic requirement for these kind of APIs is filtering by Enforcement point.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RealizationListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realization list request params",
"type": "object"
}
RealizationStateBarrierConfig (type)
{
"description": "The configuration data for setting the global realization state barrier",
"extends": {
"$ref": "RevisionedResource
},
"id": "RealizationStateBarrierConfig",
"module_id": "RealizationStateBarrier",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"interval": {
"description": "The interval in milliseconds used for auto incrementing the barrier number",
"minimum": 0,
"readonly": false,
"required": true,
"title": "Interval in milliseconds",
"type": "integer"
}
},
"type": "object"
}
RealizationStateQueryParameters (type)
{
"description": "Query parameters that allow checking the realization status of logical entities such as firewall rules and sections.",
"id": "RealizationStateQueryParameters",
"module_id": "RealizationState",
"properties": {
"barrier_id": {
"deprecated": true,
"description": "The system checks to ensure that the logical entity is realized or not at least at the given barrier number. This parameter has been deprecated. Please use request_id instead.",
"minimum": 0,
"readonly": false,
"required": false,
"type": "integer"
},
"request_id": {
"description": "Passing a request_id allows you to check if the changes to a logical entity made in a particular API request have been realized or not. The request_id is returned from each API request in the X-NSX-REQUESTID header. For example, to check if a change to a firewall rule has been realized, save the X-NSX-REQUESTID header value returned from the PUT /api/v1/firewall/sections/<section-id>/rules/<rule-id> call, then add ?request_id=<id> to the GET /api/v1/firewall/rules/<rule-id>/state API call.",
"readonly": false,
"required": false,
"title": "Realization request ID",
"type": "string"
}
},
"title": "Realization state request query parameters",
"type": "object"
}
RealizedEnforcementPoint (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedEnforcementPoint",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"realized_firewalls": {
"$ref": "RealizedFirewalls,
"readonly": true,
"required": false,
"title": "Root of Realized Firewalls"
},
"realized_groups": {
"$ref": "RealizedGroups,
"readonly": true,
"required": false,
"title": "Root of Realized Groups"
},
"realized_services": {
"$ref": "RealizedServices,
"readonly": true,
"required": false,
"title": "Root of Realized Services"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Enforcement Point",
"type": "object"
}
RealizedEnforcementPointListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedEnforcementPointListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized enforcement point list request parameters",
"type": "object"
}
RealizedEnforcementPointListResult (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListResult
},
"id": "RealizedEnforcementPointListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RealizedEnforcementPoint,
"title": "Enforcement point list result"
},
"required": false,
"title": "Paged Collection of Enforcement Point's",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RealizedFirewall (type)
{
"abstract": true,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedFirewall",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedFirewallSection"
],
"required": true,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized firewall",
"type": "object"
}
RealizedFirewallRule (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedFirewallRule",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Action enforced on the packets which matches the firewall rule.",
"enum": [
"ALLOW",
"DROP",
"REJECT"
],
"readonly": true,
"required": false,
"title": "Action",
"type": "string"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Destination List",
"type": "array"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless firewall rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": true,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"description": "Flag to deactivate rule. Deactivated will only be persisted but never provisioned/realized.",
"readonly": true,
"required": false,
"title": "Rule activate/deactivate flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"services": {
"description": "List of the services. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Service List",
"type": "array"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": true,
"required": false,
"title": "Source List",
"type": "array"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Firewall Rule",
"type": "object"
}
RealizedFirewallSection (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "RealizedFirewall
},
"id": "RealizedFirewallSection",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "RealizedFirewallSection"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedFirewallSection"
],
"required": true,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"rules": {
"description": "List of firewall rules in the section.",
"items": {
"$ref": "RealizedFirewallRule
},
"readonly": true,
"required": false,
"title": "List of the firewall rules",
"type": "array"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"section_type": {
"description": "Type of the rules which a section can contain.",
"enum": [
"LAYER2",
"LAYER3"
],
"readonly": true,
"required": false,
"title": "Section Type",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Firewall section",
"type": "object"
}
RealizedFirewallSectionListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedFirewallSectionListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized firewall section list request parameters",
"type": "object"
}
RealizedFirewallSectionListResult (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListResult
},
"id": "RealizedFirewallSectionListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RealizedFirewallSection,
"title": "Firewall list results"
},
"readonly": true,
"required": false,
"title": "Paged Collection of firewall sections",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RealizedFirewalls (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedFirewalls",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"realized_firewalls": {
"items": {
"$ref": "RealizedFirewall
},
"readonly": true,
"required": false,
"title": "list of realized firewalls",
"type": "array"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized firewalls",
"type": "object"
}
RealizedGroup (type)
{
"abstract": true,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedGroup",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedNSGroup",
"RealizedSecurityGroup"
],
"required": true,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized group",
"type": "object"
}
RealizedGroups (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedGroups",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"realized_groups": {
"items": {
"$ref": "RealizedGroup
},
"readonly": true,
"required": false,
"title": "list of realized groups",
"type": "array"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized groups",
"type": "object"
}
RealizedIPSetListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedIPSetListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized IPSet list request parameters",
"type": "object"
}
RealizedLogicalPort (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedLogicalPort",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"logical_port_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port",
"type": "string"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The Operational status of the logical port",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Logical Port",
"type": "object"
}
RealizedLogicalSwitch (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedLogicalSwitch",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"logical_switch_id": {
"readonly": true,
"required": false,
"title": "Id of the logical switch",
"type": "string"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"transport_zone_id": {
"readonly": true,
"required": false,
"title": "Transport zone identifier",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Logical Switch",
"type": "object"
}
RealizedMACSetListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedMACSetListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized MACSet list request parameters",
"type": "object"
}
RealizedNSGroup (type)
{
"experimental": true,
"extends": {
"$ref": "RealizedGroup
},
"id": "RealizedNSGroup",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "RealizedNSGroup"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evaluations": {
"description": "Reference to the evaluated members of the NSGroup.",
"items": {
"$ref": "RealizedNSGroupMemberEvaluation
},
"maxItems": 500,
"readonly": true,
"required": false,
"title": "Evaluated members of NSGroup",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedNSGroup",
"RealizedSecurityGroup"
],
"required": true,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Network and Security Group",
"type": "object"
}
RealizedNSGroupListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedNSGroupListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized NSGroup list request parameters",
"type": "object"
}
RealizedNSGroupMemberEvaluation (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedNSGroupMemberEvaluation",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"logical_ports": {
"items": {
"$ref": "RealizedLogicalPort
},
"readonly": true,
"required": false,
"title": "list of logical ports",
"type": "array"
},
"logical_switches": {
"items": {
"$ref": "RealizedLogicalSwitch
},
"readonly": true,
"required": false,
"title": "list of logical switches",
"type": "array"
},
"member_count": {
"readonly": true,
"required": false,
"title": "Count of the members added to this NSGroup",
"type": "integer"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"virtual_machines": {
"items": {
"$ref": "RealizedVirtualMachine
},
"readonly": true,
"required": false,
"title": "list of virtual machines",
"type": "array"
}
},
"title": "Realized NSGroup member evaluation",
"type": "object"
}
RealizedNSService (type)
{
"experimental": true,
"extends": {
"$ref": "RealizedService
},
"id": "RealizedNSService",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "RealizedNSService"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedNSService"
],
"required": true,
"title": "Realized services",
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"service_type": {
"enum": [
"SERVICE",
"SERVICE_GROUP"
],
"readonly": true,
"required": false,
"title": "Realized nsservice type",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized NSService",
"type": "object"
}
RealizedPathRequestParameter (type)
{
"description": "Realized path for which state/realized entities would be fetched.",
"id": "RealizedPathRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"realized_path": {
"description": "Realized path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the realized object",
"type": "string"
}
},
"title": "Parameter to filter realized entities by realized path",
"type": "object"
}
RealizedSecurityGroup (type)
{
"experimental": true,
"extends": {
"$ref": "RealizedGroup
},
"id": "RealizedSecurityGroup",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "RealizedSecurityGroup"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evaluations": {
"description": "Reference to the evaluted members of the Security Group.",
"items": {
"$ref": "RealizedSecurityGroupMemberEvaluation
},
"maxItems": 500,
"readonly": true,
"required": false,
"title": "Evaluated members of Security Group",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedNSGroup",
"RealizedSecurityGroup"
],
"required": true,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Network and Security Group",
"type": "object"
}
RealizedSecurityGroupListRequestParameters (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RealizedSecurityGroupListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized Security Group list request parameters",
"type": "object"
}
RealizedSecurityGroupListResult (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ListResult
},
"id": "RealizedSecurityGroupListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RealizedSecurityGroup,
"title": "Security Group list results"
},
"readonly": true,
"required": false,
"title": "Paged Collection of realized Security Groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RealizedSecurityGroupMemberEvaluation (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedSecurityGroupMemberEvaluation",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"member_count": {
"readonly": true,
"required": false,
"title": "Count of the members added to this Security Group",
"type": "integer"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"virtual_machines": {
"items": {
"$ref": "RealizedVirtualMachine
},
"readonly": true,
"required": false,
"title": "list of virtual machines",
"type": "array"
}
},
"title": "Realized Security Group member evaluation",
"type": "object"
}
RealizedService (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedService",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"RealizedNSService"
],
"required": true,
"title": "Realized services",
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Service",
"type": "object"
}
RealizedServices (type)
{
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedServices",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"realized_services": {
"items": {
"$ref": "RealizedService
},
"readonly": true,
"required": false,
"title": "List of realized services",
"type": "array"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized services",
"type": "object"
}
RealizedStateRequestParameter (type)
{
"description": "Request parameter that represents a binding between an intent path and enforcement point path. A request on the realized state can be parameterized with this pair and will be evaluted as follows: - {intent_path}: the request is evaluated on all enforcement points for the given intent. - {intent_path, enforcement_point_path}: the request is evaluated only on the given enforcement point for the given intent.",
"id": "RealizedStateRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the intent object",
"type": "string"
}
},
"title": "Binding between Intent and Enforcement Point Paths",
"type": "object"
}
RealizedVirtualMachine (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedVirtualMachine",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"compute_ids": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_id": {
"readonly": true,
"required": false,
"title": "Id of the host on which the vm exists.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"local_id_on_host": {
"readonly": true,
"required": false,
"title": "Id of the vm unique within the host.",
"type": "string"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"deprecated": true,
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"deprecated": true,
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"power_state": {
"enum": [
"VM_RUNNING",
"VM_STOPPED",
"VM_SUSPENDED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current power state of this virtual machine in the system.",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"publish_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "This is the time when our system detects that data has been pushed to the transport nodes. This is based on a poll mechanism and hence this is not the accurate time when the intent was published at the data path. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the publish_time will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for publish_time",
"readonly": true,
"title": "Publish time of the intent"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_taken_for_realization": {
"description": "This is an approximate time taken for the realization of the intent to the data path. The actual time taken could be lesser than what is reported here. The value of -1 indicates that either the publishing is still in progress or the runtime status is UNKNOWN and hence not available. The Runtime status can be UNKNOWN if one or more hosts are down and the rules could not be sent to those hosts. When the host comes up, the runtime status will change to SUCCESS but the time taken for realization will show the value of the last realization time. Any new configuration change after this will start reflecting the proper value for time_taken_for_realization",
"title": "Appoximate time taken in milliseconds for end to end realization.",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Virtual Machine",
"type": "object"
}
RealizedVirtualMachineListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RealizedVirtualMachineListRequestParameters",
"module_id": "PolicyGroupStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realized Virtual Machine list request parameters",
"type": "object"
}
RealizedVirtualMachineListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RealizedVirtualMachineListResult",
"module_id": "PolicyGroupStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RealizedVirtualMachine,
"title": "Virtual machine list result"
},
"required": false,
"title": "Paged Collection of VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RecommendedFeaturePermission (type)
{
"id": "RecommendedFeaturePermission",
"module_id": "AAA",
"properties": {
"recommended_permissions": {
"items": {
"type": "string"
},
"required": true,
"title": "Permission",
"type": "array"
},
"src_features": {
"items": {
"type": "string"
},
"required": true,
"title": "List of source features",
"type": "array"
},
"target_feature": {
"required": true,
"title": "Feature",
"type": "string"
}
},
"title": "Recommended Feature Permission",
"type": "object"
}
RecommendedFeaturePermissionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RecommendedFeaturePermissionListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RecommendedFeaturePermission
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RedirectionPolicy (type)
{
"additionalProperties": false,
"description": "Ordered list of rules long with the path of PolicyServiceInstance to which the traffic needs to be redirected. | Please note that the scope property must be provided for NS redirection | policy if redirect to is a service chain. For NS, when redirect to is not | to the service chain, and scope is specified on RedirectionPolicy, it | will be ignored. The scope will be determined from redirect to path | instead. For EW policy, scope must not be supplied in the request. | Path to either Tier0 or Tier1 is allowed as the scope. Only 1 path | can be specified as a scope. | Also, note that, if stateful flag is not sent, it will be treated as true. If statelessness is intended, false must be sent explicitly as the value | for stateful field.",
"extends": {
"$ref": "Policy
},
"id": "RedirectionPolicy",
"module_id": "PolicyServiceInsertion",
"policy_hierarchical_children": [
"ChildRedirectionRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"north_south": {
"description": "This is the read only flag which will state the direction of this | redirection policy. True denotes that it is NORTH-SOUTH and false | value means it is an EAST-WEST redirection policy.",
"readonly": true,
"title": "Flag to denote whether it is north south policy",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"redirect_to": {
"description": "Paths to which traffic will be redirected to. As of now, only 1 is | supported. Paths allowed are | 1. Policy Service Instance | 2. Service Instance Endpoint | 3. Virtual Endpoint | 4. Policy Service Chain",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "List of redirect to target paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_POLICY_SERVICE_INSTANCE_RELATIONSHIP",
"rightType": [
"PolicyServiceInstance"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_POLICY_SERVICE_INSTANCE_ENDPOINT_RELATIONSHIP",
"rightType": [
"ServiceInstanceEndpoint"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_VIRTUAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"VirtualEndpoint"
]
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"description": "Redirection rules that are a part of this RedirectionPolicy. At max, there can be 1000 rules in a given RedirectPolicy.",
"items": {
"$ref": "RedirectionRule
},
"maxItems": 1000,
"required": false,
"title": "Redirection rules that are a part of this RedirectionPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of rules and path to PolicyServiceInstance\n",
"type": "object"
}
RedirectionPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "RedirectionPolicyListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RedirectionPolicy
},
"required": true,
"title": "Redirection policy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Redirection Policies",
"type": "object"
}
RedirectionRule (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRule
},
"id": "RedirectionRule",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services",
"enum": [
"REDIRECT",
"DO_NOT_REDIRECT"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "It define redirection rule for service insertion",
"type": "object"
}
RedirectionRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RuleListRequestParameters
},
"id": "RedirectionRuleListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "RedirectionRule list request parameters",
"type": "object"
}
RedirectionRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "RedirectionRuleListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RedirectionRule
},
"required": true,
"title": "RedirectionRule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of RedirectionRules",
"type": "object"
}
RedistributionConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "RedistributionConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bgp_enabled": {
"default": false,
"required": false,
"title": "Flag to enable redistribution for BGP as destination protocol",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
RedistributionProtocols (type)
{
"additionalProperties": false,
"description": "Types of route to redistribute over routing protocols. STATIC type is deprecated, use T0_STATIC instead. T0_STATIC type should be used to redistribute user added static routes. NSX_CONNECTED type is deprecated, use T0_CONNECTED instead. For backward compatibility when NSX_CONNECTED is selected, we will redistribute downlink port subnets for TIER0 LR. T0_CONNECTED type should be used to redistribute all port subnets including uplink, downlink, CSP and loopback for TIER0 LR. NSX_STATIC type is deprecated, use T1_STATIC instead. For backward compatibility when NSX_STATIC is selected, we will redistribute static, CSP and downlink port subnets advertised by TIER1 LR. T1_STATIC type should be used to redistribute static subnets advertised by TIER1 LR. T0_UPLINK type should be used to redistribute uplink port subnets on TIER0 LR. T0_DOWNLINK type should be used to redistribute downlink port subnets on TIER0 LR. T0_ROUTER_LINK type should be used to redistribute router link port subnets on TIER0 LR T0_CSP type should be used to redistribute centralised service port subnets on TIER0 LR. T0_LOOPBACK type should be used to redistribute loopback port subnets on TIER0 LR. T0_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder subnets on TIER0 LR. T0_IPSEC_LOCAL_IP type should be used to redistribute IPSec subnets on TIER0 LR. TIER0_NAT type is deprecated, use T0_NAT instead. T0_NAT type should be used to redistribute NAT IPs owned by TIER0 logical router. TIER1_NAT type is deprecated, use T1_NAT instead. T1_NAT type should be used to redistribute NAT IP subnets advertised by TIER1 LR. TIER1_LB_VIP type is deprecated,use T1_LB_VIP instead. T1_LB_VIP type should be used to redistribute LB VIP IP subnets advertised by TIER1 LR. TIER1_LB_SNAT type is deprecated, use T1_NAT instead. T1_LB_SNAT type should be used to redistribute LB SNAT IP subnets advertised by TIER1 LR. T1_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder subnets advertised by TIER1 LR. T1_CONNECTED type should be used to redistribute downlink and CSP port subnets advertised by TIER1 LR. T1_DOWNLINK type should be used to redistribute downlink port subnets advertised by TIER1 LR. T1_CSP type should be used to redistribute centralised service port subnets advertised by TIER1 LR. BGP type should be used to redistribute routes learned via BGP. T1_IPSEC_LOCAL_IP type should be used to redistribute IPSec VPN local endpoint subnets advertised by TIER1 LR. T0_EVPN_TEP_IP type should be used to redistribute EVPN local endpoint subnets on Tier0 LR.",
"enum": [
"STATIC",
"T0_STATIC",
"NSX_CONNECTED",
"T0_CONNECTED",
"NSX_STATIC",
"T1_STATIC",
"T0_UPLINK",
"T0_DOWNLINK",
"T0_ROUTER_LINK",
"T0_CSP",
"T0_LOOPBACK",
"T0_DNS_FORWARDER_IP",
"T0_IPSEC_LOCAL_IP",
"TIER0_NAT",
"T0_NAT",
"TIER1_NAT",
"T1_NAT",
"TIER1_LB_VIP",
"T1_LB_VIP",
"TIER1_LB_SNAT",
"T1_LB_SNAT",
"T1_DNS_FORWARDER_IP",
"T1_CONNECTED",
"T1_DOWNLINK",
"T1_CSP",
"BGP",
"T1_IPSEC_LOCAL_IP",
"T0_EVPN_TEP_IP"
],
"id": "RedistributionProtocols",
"module_id": "Routing",
"title": "Redistribution Protocols",
"type": "string"
}
RedistributionRule (type)
{
"additionalProperties": false,
"id": "RedistributionRule",
"module_id": "Routing",
"properties": {
"address_family": {
"default": "IPV4_AND_IPV6",
"enum": [
"IPV4",
"IPV6",
"IPV4_AND_IPV6"
],
"readonly": true,
"required": false,
"title": "Address family for Route Redistribution",
"type": "string"
},
"description": {
"maxLength": 1024,
"required": false,
"title": "Description",
"type": "string"
},
"destination": {
"$ref": "RedistributionProtocols,
"required": false,
"title": "Destination redistribution protocol"
},
"display_name": {
"maxLength": 255,
"required": false,
"title": "Display name",
"type": "string"
},
"route_map_id": {
"required": false,
"title": "RouteMap Id for the filter",
"type": "string"
},
"sources": {
"items": {
"$ref": "RedistributionProtocols
},
"required": true,
"title": "Array of redistribution protocols",
"type": "array"
}
},
"type": "object"
}
RedistributionRuleList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "RedistributionRuleList",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"default": [],
"items": {
"$ref": "RedistributionRule
},
"maxItems": 5,
"minItems": 0,
"required": false,
"title": "List of redistribution rules.\nUser needs to re-order rules to change the priority.\n",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
RegTokenQuery (type)
{
"id": "RegTokenQuery",
"module_id": "RegistrationTokenEndPoint",
"properties": {
"token": {
"description": "Get roles from registration token",
"required": true,
"sensitive": true,
"title": "Registration token",
"type": "string"
}
},
"title": "Registration token",
"type": "object"
}
RegistrationToken (type)
{
"id": "RegistrationToken",
"module_id": "RegistrationTokenEndPoint",
"properties": {
"roles": {
"items": {
"type": "string"
},
"required": true,
"title": "List results",
"type": "array"
},
"token": {
"required": true,
"sensitive": true,
"title": "Access token",
"type": "string"
},
"user": {
"required": false,
"title": "User delegated by token",
"type": "string"
}
},
"title": "Appliance registration access token",
"type": "object"
}
RelatedApiError (type)
{
"id": "RelatedApiError",
"module_id": "Common",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
}
},
"title": "Detailed information about a related API error",
"type": "object"
}
RelatedAttribute (type)
{
"additionalProperties": false,
"description": "Related attribute on the target resource for conditional constraints based on related attribute value. Example - destinationGroups/service/action is related attribute of sourceGroups in communcation entry.",
"id": "RelatedAttribute",
"module_id": "PolicyConstraints",
"properties": {
"attribute": {
"required": true,
"title": "Related attribute name on the target entity.",
"type": "string"
}
},
"title": "Related attribute details.",
"type": "object"
}
RelatedAttributeConditionalExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level type expression to express constraint as value of realted attribute to the target. Example - Constraint traget attribute 'X' (example in Constraint), if destinationGroups contains 'vCeneter' then allow only values \"HTTPS\", \"HTTP\" for attribute X. { \"target\":{ \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"services\", \"path_prefix\": \"/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/\" }, \"constraint_expression\": { \"resource_type\": \"RelatedAttributeConditionalExpression\", \"related_attribute\":{ \"attribute\":\"destinationGroups\" }, \"condition\" : { \"operator\":\"INCLUDES\", \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\"], \"value_constraint\": { \"resource_type\": \"ValueConstraintExpression\", \"operator\":\"INCLUDES\", \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"] } } } }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "RelatedAttributeConditionalExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "RelatedAttributeConditionalExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"$ref": "ConditionalValueConstraintExpression,
"description": "Conditional value expression for target based on realted attribute value.",
"required": true,
"title": "Conditiona value constraint expression."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"related_attribute": {
"$ref": "RelatedAttribute,
"required": true,
"title": "Related attribute."
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the leaf level type expression to express constraint as\nvalue of realted attribute to the target. Uses\nConditionalValueConstraintExpression to constrain the target value\nbased on the related attribute value on the same resource.\n",
"type": "object"
}
RemainingSupportBundleNode (type)
{
"additionalProperties": false,
"id": "RemainingSupportBundleNode",
"properties": {
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"node_ip": {
"readonly": true,
"required": true,
"title": "IPv4 address of node",
"type": "string"
},
"node_ipv6": {
"readonly": true,
"required": true,
"title": "IPv6 address of node",
"type": "string"
},
"status": {
"enum": [
"PENDING",
"PROCESSING"
],
"readonly": true,
"required": true,
"title": "Status of node",
"type": "string"
}
},
"type": "object"
}
RemoteBundleUrl (type)
{
"additionalProperties": false,
"description": "URL of remote bundle which needs to be uploaded.",
"id": "RemoteBundleUrl",
"module_id": "FileUploadFramework",
"properties": {
"url": {
"description": "URL for uploading remote bundle",
"readonly": false,
"required": true,
"title": "URL of remote bundle",
"type": "string"
}
},
"title": "URL of remote bundle",
"type": "object"
}
RemoteFileServer (type)
{
"additionalProperties": false,
"id": "RemoteFileServer",
"module_id": "BackupConfiguration",
"properties": {
"directory_path": {
"pattern": "^\\/[\\w\\-.\\+~\\/]+$",
"required": true,
"title": "Remote server directory to copy bundle files to",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.directory_path_pattern.message"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "FileTransferProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote file server",
"type": "object"
}
RemoteServerFingerprint (type)
{
"additionalProperties": false,
"id": "RemoteServerFingerprint",
"module_id": "BackupConfiguration",
"properties": {
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"title": "Remote server",
"type": "object"
}
RemoteServerFingerprintRequest (type)
{
"additionalProperties": false,
"id": "RemoteServerFingerprintRequest",
"module_id": "BackupConfiguration",
"properties": {
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote server",
"type": "object"
}
RemoteSiteCompatibilityInfo (type)
{
"id": "RemoteSiteCompatibilityInfo",
"module_id": "SiteManagerModule",
"properties": {
"is_compatible": {
"title": "are the 2 sites compatible",
"type": "boolean"
},
"local_site": {
"$ref": "SiteCompatibilityInfo,
"title": "local site compatibility"
},
"remote_site": {
"$ref": "SiteCompatibilityInfo,
"title": "remote site compatibility"
}
},
"type": "object"
}
RemoteSiteCredential (type)
{
"description": "Contains the information needed to communicate with another site.",
"id": "RemoteSiteCredential",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"required": true,
"title": "Address of the site (IPv4:port)",
"type": "string"
},
"password": {
"required": true,
"sensitive": true,
"title": "Password of the site",
"type": "string"
},
"thumbprint": {
"required": true,
"sensitive": true,
"title": "Sha256 thumbprint of API certificate of the remote site",
"type": "string"
},
"username": {
"required": true,
"title": "Username of the site",
"type": "string"
}
},
"title": "Credential of remote site",
"type": "object"
}
RemoteTransportNodeStatusParametersWithDataSource (type)
{
"description": "Query parameters that may be used to select which transport nodes status to return in a query. The tunnel_status and bfd_diagnostic_code parameters are ANDed together if both are provided.",
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "RemoteTransportNodeStatusParametersWithDataSource",
"module_id": "Heatmap",
"properties": {
"bfd_diagnostic_code": {
"description": "The BFD diagnostic code of Tunnel as defined in RFC 5880. If specified, only the status for transport nodes connected via tunnels having the specified BFD diagnostic code are returned.",
"enum": [
"0",
"NO_DIAGNOSTIC",
"1",
"CONTROL_DETECTION_TIME_EXPIRED",
"2",
"ECHO_FUNCTION_FAILED",
"3",
"NEIGHBOR_SIGNALED_SESSION_DOWN",
"4",
"FORWARDING_PLANE_RESET",
"5",
"PATH_DOWN",
"6",
"CONCATENATED_PATH_DOWN",
"7",
"ADMINISTRATIVELY_DOWN",
"8",
"REVERSE_CONCATENATED_PATH_DOWN"
],
"title": "BFD diagnostic code of Tunnel",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_dfw_heap_stats": {
"default": false,
"description": "If true, DFW heap stats information will be returned in API",
"required": false,
"title": "Include DFW Heap stats information",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"tunnel_status": {
"description": "If specified, only the status for transport nodes connected via tunnels having the specified tunnel status are returned.",
"enum": [
"UP",
"DOWN"
],
"title": "Tunnel Status",
"type": "string"
}
},
"type": "object"
}
RemoteTunnelEndpoint (type)
{
"extends": {
"$ref": "Endpoint
},
"id": "RemoteTunnelEndpoint",
"module_id": "TransportNode",
"properties": {
"default_gateway": {
"$ref": "IPAddress,
"readonly": true,
"title": "Gateway IP"
},
"device_name": {
"readonly": true,
"title": "Name of the virtual tunnel endpoint",
"type": "string"
},
"ip": {
"$ref": "IPAddress,
"description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.",
"readonly": true,
"title": "IP Address of this virtual tunnel endpoint"
},
"ipv6": {
"$ref": "IPv6EndPoint,
"nsx_feature": "L2Ipv6",
"readonly": true,
"required": false,
"title": "IPv6 endpoint"
},
"label": {
"readonly": true,
"required": false,
"title": "Unique label for this Endpoint",
"type": "int"
},
"mac": {
"$ref": "MACAddress,
"readonly": true,
"title": "MAC address"
},
"subnet_mask": {
"$ref": "IPAddress,
"readonly": true,
"title": "Subnet mask"
},
"vlan": {
"$ref": "VlanID,
"readonly": true,
"title": "Vlan id"
}
},
"title": "Remote tunnel endpoint",
"type": "object"
}
RemoteTunnelEndpointConfigState (type)
{
"id": "RemoteTunnelEndpointConfigState",
"module_id": "TransportNode",
"properties": {
"endpoints": {
"items": {
"$ref": "RemoteTunnelEndpoint
},
"readonly": true,
"title": "List of remote tunnel endpoints which are configured on this node",
"type": "array"
}
},
"title": "Remote tunnel endpoint configuration state",
"type": "object"
}
RemoteTunnelStatistics (type)
{
"additionalProperties": false,
"id": "RemoteTunnelStatistics",
"module_id": "AggSvcInterSite",
"properties": {
"rx": {
"$ref": "InterSitePortCounters,
"description": "Total received data from remote tunnel.",
"readonly": true,
"title": "Received data counters"
},
"tunnel_destination_address": {
"$ref": "IPAddress,
"description": "Ip address of remote tunnel destination.",
"readonly": true,
"title": "Remote tunnel destination address"
},
"tunnel_source_address": {
"$ref": "IPAddress,
"description": "Ip address of remote tunnel source.",
"readonly": true,
"title": "Remote tunnel source address"
},
"tx": {
"$ref": "InterSitePortCounters,
"description": "Total sent data to remote tunnel.",
"readonly": true,
"title": "Sent data counters"
}
},
"type": "object"
}
RemoteTunnelStatisticsPerSite (type)
{
"additionalProperties": false,
"id": "RemoteTunnelStatisticsPerSite",
"module_id": "AggSvcInterSite",
"properties": {
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"required": true,
"title": "Remote site"
},
"rx": {
"$ref": "InterSitePortCounters,
"description": "Total received data from remote site.",
"readonly": true,
"title": "Received data counters"
},
"stats_per_tunnel": {
"description": "Statistics per remote tunnel.",
"items": {
"$ref": "RemoteTunnelStatistics
},
"readonly": true,
"title": "Statistics per remote tunnel",
"type": "array"
},
"tx": {
"$ref": "InterSitePortCounters,
"description": "Total sent data to remote site.",
"readonly": true,
"title": "Sent data counters"
}
},
"type": "object"
}
RenderConfiguration (type)
{
"additionalProperties": false,
"description": "Render configuration to be applied to the widget.",
"id": "RenderConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"color": {
"description": "The color to use when rendering an entity. For example, set color as 'RED' to render a portion of donut in red.",
"title": "Color of the entity",
"type": "string"
},
"condition": {
"description": "If the condition is met then the rendering specified for the condition will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"display_value": {
"description": "If specified, overrides the field value. This can be used to display a meaningful value in situations where field value is not available or not configured.",
"maxLength": 255,
"title": "Overridden value to display, if any",
"type": "string"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"minItems": 0,
"title": "Icons",
"type": "array"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the UI element if the condition is met.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
}
},
"title": "Render Configuration",
"type": "object"
}
ReorderMigrationRequest (type)
{
"additionalProperties": false,
"id": "ReorderMigrationRequest",
"module_id": "Migration",
"properties": {
"id": {
"readonly": false,
"required": true,
"title": "id of the migration unit group/migration unit before/after which the migration unit group/migration unit is to be placed",
"type": "string"
},
"is_before": {
"default": true,
"readonly": false,
"required": false,
"title": "flag indicating whether the migration unit group/migration unit is to be placed before or after the specified migration unit group/migration unit",
"type": "boolean"
}
},
"type": "object"
}
ReorderRequest (type)
{
"additionalProperties": false,
"id": "ReorderRequest",
"module_id": "Upgrade",
"properties": {
"id": {
"readonly": false,
"required": true,
"title": "id of the upgrade unit group/upgrade unit before/after which the upgrade unit group/upgrade unit is to be placed",
"type": "string"
},
"is_before": {
"default": true,
"readonly": false,
"required": false,
"title": "flag indicating whether the upgrade unit group/upgrade unit is to be placed before or after the specified upgrade unit group/upgrade unit",
"type": "boolean"
}
},
"type": "object"
}
RepoSyncStatusReport (type)
{
"id": "RepoSyncStatusReport",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"failure_code": {
"description": "In case of repo sync related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case if repo sync fails due to some issue, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the repo sync operation on the single nsx-manager",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"FAILED",
"SUCCESS"
],
"required": true,
"title": "Repository Synchronization Status",
"type": "string"
},
"status_message": {
"description": "Describes the steps which repo sync operation is performing currently.",
"required": false,
"title": "Status message",
"type": "string"
}
},
"type": "object"
}
RequiredTransportNodeIdParameters (type)
{
"extends": {
"$ref": "DataSourceParameters
},
"id": "RequiredTransportNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
ReservationInfo (type)
{
"description": "CPU and Memory resource configuration is defined per Edge VM form factor. These resources are reserved 100 percent by default with Normal VM importance. Resource reservation tuning provides a means to optimize resource utilization and workaround hard resource limits. This solution should be used as a temporary workaround. It is recommended to add more resources to the compute cluster and change the reservation back to 100 percent for optimal performance.",
"id": "ReservationInfo",
"module_id": "FabricNode",
"properties": {
"cpu_reservation": {
"$ref": "CPUReservation,
"description": "Specify a reservation if you need to guarantee that the minimum required amount of CPU is always available for the virtual machine.",
"required": false,
"title": "Guaranteed minimum allocation of CPU resources."
},
"memory_reservation": {
"$ref": "MemoryReservation,
"description": "Specify a reservation if you need to guarantee that the minimum required amount of memory is always available for the virtual machine.",
"required": false,
"title": "Guaranteed minimum allocation of memory resources."
}
},
"type": "object"
}
ResetIdsStatsRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents an enforcement point path and category. A request on statistics can be parameterized with this enforcement point path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point.",
"extends": {
"$ref": "StatisticsRequestParameters
},
"id": "ResetIdsStatsRequestParameters",
"module_id": "PolicyIDSStats",
"properties": {
"category": {
"default": "IDPSDFW",
"description": "Aggregation statistic category to perform reset operation. If not provided it will be considered as IDPSDFW.",
"enum": [
"IDPSDFW",
"IDPSEDGE"
],
"required": false,
"title": "Aggregation statistic category",
"type": "string"
},
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Reset Statistics Request Parameters",
"type": "object"
}
ResetNodeUserOwnPasswordProperties (type)
{
"additionalProperties": false,
"id": "ResetNodeUserOwnPasswordProperties",
"properties": {
"old_password": {
"description": "If the old_password is not given, a 400 BAD REQUEST is returned with an error message.",
"required": true,
"sensitive": true,
"title": "The old password of the user",
"type": "string"
},
"password": {
"required": true,
"sensitive": true,
"title": "The new password for user",
"type": "string"
}
},
"type": "object"
}
ResetStatsParameters (type)
{
"id": "ResetStatsParameters",
"module_id": "FirewallStatsRule",
"properties": {
"category": {
"description": "Aggregation statistic category to perform reset operation.",
"enum": [
"L3DFW",
"L3EDGE",
"L3BRIDGEPORT"
],
"required": true,
"title": "Aggregation statistic category",
"type": "string"
}
},
"type": "object"
}
ResetStatsRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents an enforcement point path and category. A request on statistics can be parameterized with this enforcement point path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point.",
"extends": {
"$ref": "StatisticsRequestParameters
},
"id": "ResetStatsRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"category": {
"description": "Aggregation statistic category to perform reset operation.",
"enum": [
"DFW",
"EDGE"
],
"required": true,
"title": "Aggregation statistic category",
"type": "string"
},
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Reset Statistics Request Parameters",
"type": "object"
}
Resource (type)
{
"abstract": true,
"id": "Resource",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "Base class for resources",
"type": "object"
}
ResourceAllocation (type) (Deprecated)
{
"deprecated": true,
"description": "Specify limit, shares and reservation for all kinds of traffic. Values for limit and reservation are expressed in percentage. And for shares, the value is expressed as a number between 1-100. The overall reservation among all traffic types should not exceed 75%. Otherwise, the API request will be rejected.",
"id": "ResourceAllocation",
"module_id": "NiocProfile",
"nsx_feature": "Nioc",
"properties": {
"limit": {
"default": -1.0,
"description": "The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API.",
"maximum": 100,
"minimum": -1,
"required": true,
"title": "Maximum bandwidth percentage",
"type": "number"
},
"reservation": {
"default": 0.0,
"maximum": 75,
"minimum": 0,
"required": true,
"title": "Minimum guaranteed bandwidth percentage",
"type": "number"
},
"shares": {
"default": 50,
"maximum": 100,
"minimum": 1,
"required": true,
"title": "Shares",
"type": "int"
},
"traffic_type": {
"$ref": "HostInfraTrafficType,
"required": true,
"title": "Resource allocation traffic type"
}
},
"title": "Resource allocation information for a host infrastructure traffic type",
"type": "object"
}
ResourceAssignment (type)
{
"description": "Amount of memory and CPU allocated to the Edge VM.",
"id": "ResourceAssignment",
"module_id": "FabricNode",
"properties": {
"cpu_count": {
"description": "CPU count.",
"minimum": 0,
"readonly": true,
"required": false,
"title": "CPU count.",
"type": "int"
},
"memory_allocation_in_mb": {
"description": "Memory allocation in MB.",
"minimum": 0,
"readonly": true,
"required": false,
"title": "Memory allocation in MB.",
"type": "int"
}
},
"type": "object"
}
ResourceFieldPointer (type)
{
"additionalProperties": false,
"description": "Resource Field Pointer representing the exact value within a policy object.",
"id": "ResourceFieldPointer",
"module_id": "PolicyReaction",
"properties": {
"field_pointer": {
"description": "Field Pointer referencing the exact field within the policy object.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"path": {
"description": "Policy Path referencing a policy object. If not supplied, the field pointer will be applied to the event source.",
"title": "Resource Path",
"type": "string"
}
},
"title": "Resource Field Pointer",
"type": "object"
}
ResourceInfo (type)
{
"additionalProperties": false,
"description": "It represents the resource information which could identify resource.",
"id": "ResourceInfo",
"module_id": "PolicyTag",
"properties": {
"resource_ids": {
"description": "It will represent resource identifiers. For example, policy objects will be represented with paths and virtual machine will be represented with external ids.",
"items": {
"type": "string"
},
"required": true,
"title": "Resource identifiers",
"type": "array"
},
"resource_type": {
"description": "It will represent resource type on which tag bulk operation to be performed. Supported resource type is VirtualMachine.",
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "Represents resources information",
"type": "object"
}
ResourceInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ResourceInfoListResult",
"module_id": "PolicyFineTuning",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFineTuningResourceInfo
},
"required": true,
"title": "Resource info list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of resource info objects",
"type": "object"
}
ResourceInfoSearchParameters (type)
{
"additionalProperties": false,
"description": "This object presents additional search capabilities over any API through free text query string. e.g. type=\"FirewallRuleDto\".",
"experimental": true,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ResourceInfoSearchParameters",
"module_id": "PolicyFineTuning",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"required": false,
"title": "Type query",
"type": "string"
}
},
"title": "Represents search object that provides additional search capabilities",
"type": "object"
}
ResourceLink (type)
{
"additionalProperties": false,
"id": "ResourceLink",
"module_id": "Common",
"properties": {
"action": {
"readonly": true,
"title": "Optional action",
"type": "string"
},
"href": {
"readonly": true,
"required": true,
"title": "Link to resource",
"type": "string"
},
"rel": {
"description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)",
"readonly": true,
"required": true,
"title": "Link relation type",
"type": "string"
}
},
"title": "A link to a related resource",
"type": "object"
}
ResourceObject (type)
{
"additionalProperties": false,
"description": "A ResourceObject contains the path and properties of the resource that needs to be shared.",
"id": "ResourceObject",
"module_id": "PolicyShare",
"properties": {
"include_children": {
"default": false,
"description": "Whether the children of the shared resource_path are shared (true) or just the entity represented by the path is shared (false). The default value is false.",
"required": false,
"title": "Denotes if the children of the shared path are also shared",
"type": "boolean"
},
"resource_path": {
"description": "Represents the path of the resource to be shared. The entity represented by this shared resources is shared with all the Orgs or Projects contexts that the Share container references.",
"required": true,
"title": "Path of the resource to be shared",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SharedResource"
],
"relationshipType": "SHARED_RESOURCE_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Policy resource object for sharing",
"type": "object"
}
ResourceOperation (type)
{
"additionalProperties": false,
"description": "Resource Operation is an Event Source that represents a resource that is being changed at very specific points of time, with regard to its interaction with dao layer.",
"extends": {
"$ref": "Source
},
"id": "ResourceOperation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ResourceOperation"
},
"properties": {
"operation_types": {
"description": "Operation types.",
"items": {
"$ref": "ResourceOperationType
},
"minItems": 1,
"required": true,
"title": "Operation Types",
"type": "array"
},
"resource_pointer": {
"description": "Regex path representing a regex expression on resources. This regex is used to identify the object(s) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.",
"required": true,
"title": "Resource Pointer",
"type": "string"
},
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Resource Operation",
"type": "object"
}
ResourceOperationType (type)
{
"additionalProperties": false,
"description": "Resource Operation Type represents a change in state of a resource with regard to the interaction with DAO layer: POST_CREATE: post-create change event. POST_UPDATE: post-update change event. PRE_DELETE: pre-delete change event.",
"enum": [
"POST_CREATE",
"POST_UPDATE",
"PRE_DELETE"
],
"id": "ResourceOperationType",
"module_id": "PolicyReaction",
"title": "Resource Operation Type",
"type": "string"
}
ResourceReference (type)
{
"description": "A weak reference to an NSX resource.",
"id": "ResourceReference",
"module_id": "Common",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
ResourceTagStatus (type)
{
"additionalProperties": false,
"description": "It represents tag operation status for a resource and details of the failure if any.",
"id": "ResourceTagStatus",
"module_id": "PolicyTag",
"properties": {
"details": {
"title": "Details about the error if any",
"type": "string"
},
"resource_display_name": {
"title": "Resource display name",
"type": "string"
},
"resource_id": {
"required": true,
"title": "Resource id",
"type": "string"
},
"tag_status": {
"enum": [
"Success",
"Error"
],
"required": true,
"title": "Status of tag apply or remove operation",
"type": "string"
}
},
"title": "Tag operation status for a resource",
"type": "object"
}
ResourceTypeTagStatus (type)
{
"additionalProperties": false,
"description": "Tag operation status for particular resource type and resource ids.",
"id": "ResourceTypeTagStatus",
"module_id": "PolicyTag",
"properties": {
"resource_tag_status": {
"description": "List of resources on which tag needs to be applied.",
"items": {
"$ref": "ResourceTagStatus
},
"title": "List of resources on which tag needs to be applied",
"type": "array"
},
"resource_type": {
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "Tag operation status for particular resource type and resource ids.",
"type": "object"
}
RestoreConfiguration (type)
{
"additionalProperties": false,
"id": "RestoreConfiguration",
"module_id": "BackupConfiguration",
"properties": {
"passphrase": {
"sensitive": true,
"title": "Passphrase used to encrypt backup files.",
"type": "secure_string"
},
"remote_file_server": {
"$ref": "RemoteFileServer,
"required": true,
"title": "The server from which backup files will be retrieved for restore."
}
},
"title": "Configuration where backup files are stored for restore",
"type": "object"
}
RestoreStep (type)
{
"id": "RestoreStep",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "Restore step description",
"type": "string"
},
"status": {
"$ref": "PerStepRestoreStatus
},
"step_number": {
"readonly": true,
"required": true,
"title": "Restore step number",
"type": "integer"
},
"value": {
"readonly": true,
"required": true,
"title": "Restore step value",
"type": "string"
}
},
"title": "Restore step info",
"type": "object"
}
RevisionedResource (type)
{
"abstract": true,
"extends": {
"$ref": "Resource
},
"id": "RevisionedResource",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "A base class for types that track revisions",
"type": "object"
}
Role (type)
{
"id": "Role",
"module_id": "AAA",
"properties": {
"role": {
"description": "Short identifier for the role. Must be all lower case with no spaces.",
"pattern": "^[_a-z0-9-]+$",
"required": true,
"title": "Role identifier",
"type": "string"
},
"role_display_name": {
"description": "A short, human-friendly display name of the role.",
"required": false,
"title": "Display name for role",
"type": "string"
}
},
"title": "Role",
"type": "object"
}
RoleAssignmentPermissionConfig (type)
{
"description": "Configuration that controls whether project admins and VPC admins can do role assignment to other users.",
"id": "RoleAssignmentPermissionConfig",
"module_id": "AAA",
"properties": {
"allow_role_assignment": {
"required": false,
"title": "Specifies whether user with this role is allowed to assign roles to other users.",
"type": "boolean"
}
},
"title": "Role Assignment Permission config.",
"type": "object"
}
RoleBinding (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "RoleBinding",
"module_id": "AAA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"identity_source_id": {
"description": "The ID of the external identity source that holds the referenced external entity. Currently, only external LDAP and OIDC servers are allowed.",
"required": false,
"title": "ID of the external identity source",
"type": "string"
},
"identity_source_type": {
"default": "VIDM",
"enum": [
"VIDM",
"LDAP",
"OIDC",
"CSP"
],
"required": false,
"title": "Identity source type",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "User/Group's name",
"type": "string"
},
"read_roles_for_paths": {
"description": "Set this property to true to cause the user's role definition to be read from the roles_for_paths property. Set it to false to cause the user's role definition to be read from the roles property.",
"readonly": false,
"required": false,
"title": "Read from roles_for_paths instead of roles",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"roles": {
"deprecated": true,
"deprecation_advice": "This property is deprecated in favour of roles_for_paths.",
"items": {
"$ref": "Role
},
"readonly": true,
"required": false,
"title": "Roles",
"type": "array"
},
"roles_for_paths": {
"description": "The roles that are associated with the user, limiting them to a path. In case the path is '/', the roles apply everywhere i.e. it is same as the deprecated property roles.",
"items": {
"$ref": "RolesForPath
},
"readonly": false,
"required": false,
"title": "Roles for Paths",
"type": "array"
},
"stale": {
"description": "Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings",
"enum": [
"TRUE",
"FALSE",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Stale in vIDM",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"description": "Indicates the type of the user. remote_user - This is a user which is external to NSX. remote_group - This is a group of users which is external to NSX. local_user - This is a user local to NSX. These are linux users. principal_identity - This is a principal identity user. remote - The the principal is remote but whether it is a user or group is not known. Currently this is applicable only to LDAP identity_source_type.",
"enum": [
"remote_user",
"remote_group",
"local_user",
"principal_identity",
"remote"
],
"readonly": true,
"required": true,
"title": "Type",
"type": "string"
},
"user_id": {
"description": "Local user's numeric id on the system.",
"readonly": true,
"required": false,
"title": "Local user's numeric id",
"type": "string"
}
},
"title": "User/Group's role binding",
"type": "object"
}
RoleBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleBindingListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RoleBinding
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RoleBindingRequestParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of users/groups.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "RoleBindingRequestParameters",
"module_id": "AAA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"identity_source_id": {
"description": "If provided, only return role bindings for the given identity source. Currently only supported for LDAP and OIDC identity source types.",
"required": false,
"title": "Identity source ID",
"type": "string"
},
"identity_source_type": {
"enum": [
"VIDM",
"LDAP",
"OIDC"
],
"required": false,
"title": "Identity source type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"name": {
"required": false,
"title": "User/Group name",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"path": {
"required": false,
"title": "Exact path of the context",
"type": "string"
},
"role": {
"required": false,
"title": "Role ID",
"type": "string"
},
"root_path": {
"required": false,
"title": "Prefix path of the context",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"enum": [
"remote_user",
"remote_group",
"local_user",
"principal_identity"
],
"required": false,
"title": "Type",
"type": "string"
}
},
"title": "Parameters to filter list of role bindings.",
"type": "object"
}
RoleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Role
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RoleWithFeatures (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "RoleWithFeatures",
"module_id": "AAA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "Features",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"description": "Short identifier for the role. Must be all lower case with no spaces.",
"pattern": "^[_a-z0-9-]+$",
"readonly": true,
"required": true,
"title": "Role identifier",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Role",
"type": "object"
}
RoleWithFeaturesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleWithFeaturesListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RoleWithFeatures
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RolesForPath (type)
{
"description": "The roles that are limited only to the path specified. In case the path is null, the roles apply everywhere.",
"id": "RolesForPath",
"module_id": "AAA",
"properties": {
"delete_path": {
"default": false,
"description": "Flag to delete the path in role-binding update operation. If false then path will not be deleted while updating the role-binding. If true then path will be deleted while updating the role-binding. Please note: This flag will be used only in role-binding PUT api.",
"required": false,
"title": "Flag to delete the path in role-binding update operation.",
"type": "boolean"
},
"path": {
"description": "Path of the entity in parent hierarchy.",
"readonly": false,
"required": true,
"title": "Path",
"type": "string"
},
"roles": {
"description": "Applicable roles.",
"items": {
"$ref": "Role
},
"readonly": false,
"required": true,
"title": "Roles",
"type": "array"
}
},
"title": "Roles for path",
"type": "object"
}
RolesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "RolesListRequestParameters",
"module_id": "AAA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope": {
"enum": [
"ROOT",
"ORG",
"PROJECT",
"VPC"
],
"required": false,
"title": "List only the roles which are applicable for this scope.",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Roles list request parameters",
"type": "object"
}
RollbackRequestParameters (type)
{
"description": "Rollback request parameters.",
"extends": {
"$ref": "WorkflowRequestParameters
},
"id": "RollbackRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"workflow_resource": {
"$ref": "WorkflowResource,
"description": "Workflow resource.",
"readonly": false,
"required": true,
"title": "Workflow resource"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "Rollback request parameters",
"type": "object"
}
RouteAdvertisementRule (type)
{
"additionalProperties": false,
"id": "RouteAdvertisementRule",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"default": "PERMIT",
"description": "Action to advertise filtered routes to the connected Tier0 gateway. PERMIT: Enables the advertisment DENY: Disables the advertisement",
"enum": [
"PERMIT",
"DENY"
],
"required": true,
"title": "Action to advertise routes",
"type": "string"
},
"name": {
"description": "Display name should be unique.",
"required": true,
"title": "Display name for rule",
"type": "string"
},
"prefix_operator": {
"default": "GE",
"description": "Prefix operator to filter subnets. GE prefix operator filters all the routes with prefix length greater than or equal to the subnets configured. EQ prefix operator filter all the routes with prefix length equal to the subnets configured.",
"enum": [
"GE",
"EQ"
],
"required": false,
"title": "Prefix operator to match subnets",
"type": "string"
},
"route_advertisement_types": {
"description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.",
"items": {
"$ref": "Tier1RouteAdvertisentTypes
},
"required": false,
"title": "Enable different types of route advertisements",
"type": "array"
},
"subnets": {
"description": "Network CIDRs to be routed.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"required": false,
"title": "Network CIDRs",
"type": "array"
}
},
"title": "Route advertisement rules and filtering",
"type": "object"
}
RouteAggregationEntry (type)
{
"additionalProperties": false,
"id": "RouteAggregationEntry",
"module_id": "PolicyConnectivity",
"properties": {
"prefix": {
"description": "CIDR of aggregate address",
"format": "ip-cidr-block",
"required": true,
"title": "CIDR of aggregate address",
"type": "string"
},
"summary_only": {
"default": true,
"description": "Send only summarized route. Summarization reduces number of routes advertised by representing multiple related routes with prefix property.",
"required": false,
"title": "Send only summarized route",
"type": "boolean"
}
},
"title": "List of routes to be aggregated",
"type": "object"
}
RouteBasedIPSecVPNSession (type)
{
"additionalProperties": false,
"description": "A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"extends": {
"$ref": "IPSecVPNSession
},
"id": "RouteBasedIPSecVPNSession",
"module_id": "IPSecVPN",
"polymorphic-type-descriptor": {
"type-identifier": "RouteBasedIPSecVPNSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipsec_vpn_service_id": {
"description": "Identifier of VPN Service linked with local endpoint.",
"readonly": true,
"title": "IPSec VPN service identifier",
"type": "string"
},
"local_endpoint_id": {
"description": "Local endpoint identifier.",
"required": true,
"title": "Local endpoint identifier",
"type": "string"
},
"peer_endpoint_id": {
"description": "Peer endpoint identifier.",
"required": true,
"title": "Peer endpoint identifier",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVPNSessionResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMssClamping,
"required": false
},
"tunnel_ports": {
"description": "IP Tunnel ports.",
"items": {
"$ref": "TunnelPortConfig
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP Tunnel ports",
"type": "array"
}
},
"search_dsl_name": [
"route based ip sec vpn session (manager)"
],
"title": "Route based VPN session",
"type": "object"
}
RouteBasedIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"extends": {
"$ref": "IPSecVpnSession
},
"id": "RouteBasedIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "RouteBasedIPSecVpnSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "If true the default firewall rule Action is set to DROP, otherwise set to ALLOW. This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field.",
"required": false,
"title": "Flag to add default whitelisting Gateway Policy rule for the VTI interface.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"$ref": "IPAddress,
"description": "Public IPV4 or IPV6 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. Please note that configuring peer_address as IPv6 address is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"required": false,
"title": "IPV4 or IPV6 address of peer endpoint on remote site"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "secure_string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_interfaces": {
"description": "IP Tunnel interfaces. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"items": {
"$ref": "IPSecVpnTunnelInterface
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IP Tunnel interfaces",
"type": "array"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Route based VPN session",
"type": "object"
}
RouteBasedL3VpnSession (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.",
"extends": {
"$ref": "L3VpnSession
},
"id": "RouteBasedL3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "RouteBasedL3VpnSession"
},
"properties": {
"default_rule_logging": {
"default": false,
"description": "Indicates if logging should be enabled for the default whitelisting rule for the VTI interface.",
"required": false,
"title": "Enable logging for whitelisted rule for the VTI interface",
"type": "boolean"
},
"force_whitelisting": {
"default": false,
"description": "The default firewall rule Action is set to DROP if true otherwise set to ALLOW.",
"required": false,
"title": "Flag to add default whitelisting FW rule for the VTI interface.",
"type": "boolean"
},
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
},
"routing_config_path": {
"deprecated": true,
"description": "This is a deprecated field. Any specified value is not saved and will be ignored.",
"title": "Routing configuration policy path",
"type": "string"
},
"tunnel_subnets": {
"description": "Virtual tunnel interface (VTI) port IP subnets to be used to configure route-based L3Vpn session. A max of one tunnel subnet is allowed.",
"items": {
"$ref": "TunnelSubnet
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Virtual Tunnel Interface (VTI) IP subnets",
"type": "array",
"uniqueItems": true
}
},
"title": "Route based L3Vpn Session",
"type": "object"
}
RouteDetails (type)
{
"additionalProperties": false,
"description": "BGP route details.",
"id": "RouteDetails",
"module_id": "AggSvcLogicalRouter",
"properties": {
"as_path": {
"description": "BGP AS path attribute.",
"readonly": true,
"required": false,
"title": "AS path",
"type": "string"
},
"local_pref": {
"description": "BGP Local Preference attribute.",
"readonly": true,
"required": false,
"title": "Local preference",
"type": "integer"
},
"med": {
"description": "BGP Multi Exit Discriminator attribute.",
"readonly": true,
"required": false,
"title": "Multi Exit Discriminator",
"type": "integer"
},
"network": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address.",
"readonly": true,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop IP address.",
"readonly": true,
"required": false,
"title": "Next hop IP address"
},
"weight": {
"description": "BGP Weight attribute.",
"readonly": true,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "BGP route details",
"type": "object"
}
RouteMap (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "RouteMap",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequences": {
"items": {
"$ref": "RouteMapSequence
},
"maxItems": 1000,
"minItems": 1,
"required": true,
"title": "Ordered list of routeMap sequences",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
RouteMapEntry (type)
{
"additionalProperties": false,
"id": "RouteMapEntry",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"description": "Action for the route map entry",
"enum": [
"PERMIT",
"DENY"
],
"required": true,
"title": "Action for the route map entry",
"type": "string"
},
"community_list_matches": {
"description": "Community list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.",
"items": {
"$ref": "CommunityMatchCriteria
},
"required": false,
"title": "Community list match criteria",
"type": "array"
},
"prefix_list_matches": {
"description": "Prefix list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.",
"items": {
"type": "string"
},
"maxItems": 500,
"required": false,
"title": "Prefix list match criteria",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0RouteMap"
],
"relationshipType": "ROUTEMAP_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
},
"set": {
"$ref": "RouteMapEntrySet,
"description": "Set criteria for route map entry",
"required": false,
"title": "Set criteria for route map entry"
}
},
"title": "Route map entry",
"type": "object"
}
RouteMapEntrySet (type)
{
"additionalProperties": false,
"id": "RouteMapEntrySet",
"module_id": "PolicyConnectivity",
"properties": {
"as_path_prepend": {
"description": "AS path prepend to influence route selection.",
"required": false,
"title": "AS path prepend to influence route selection",
"type": "string"
},
"community": {
"description": "Set BGP regular or large community for matching routes. A maximum of one value for each community type separated by space. Well-known community name, community value in aa:nn (2byte:2byte) format for regular community and community value in aa:bb:nn (4byte:4byte:4byte) format for large community are supported.",
"required": false,
"title": "Set BGP community",
"type": "string"
},
"local_preference": {
"default": 100,
"description": "Local preference indicates the degree of preference for one BGP route over other BGP routes. The path with highest local preference is preferred.",
"maximum": 4294967295,
"title": "Local preference to set for matching BGP routes",
"type": "integer"
},
"med": {
"description": "Multi exit descriminator (MED) is a hint to BGP neighbors about the preferred path into an autonomous system (AS) that has multiple entry points. A lower MED value is preferred over a higher value.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Multi exit descriminator",
"type": "int"
},
"prefer_global_v6_next_hop": {
"description": "For incoming and import route_maps on receiving both v6 global and v6 link-local address for the route, prefer to use the global address as the next hop. By default, it prefers the link-local next hop.",
"required": false,
"title": "Prefer global v6 next hop over local next hop",
"type": "boolean"
},
"weight": {
"description": "Weight is used to select a route when multiple routes are available to the same network. Route with the highest weight is preferred.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Weight used to select certain path",
"type": "int"
}
},
"title": "Set criteria for route map entry",
"type": "object"
}
RouteMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RouteMapListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RouteMap
},
"required": true,
"title": "Paginated list of RouteMaps",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RouteMapSequence (type)
{
"additionalProperties": false,
"id": "RouteMapSequence",
"module_id": "Routing",
"properties": {
"action": {
"$ref": "RoutingFilterAction,
"required": true,
"title": "Action for the Sequence"
},
"match_criteria": {
"$ref": "RouteMapSequenceMatch,
"required": true,
"title": "Match Criteria for the RouteMap Sequence"
},
"set_criteria": {
"$ref": "RouteMapSequenceSet,
"required": false,
"title": "Set Criteria for the RouteMap Sequence"
}
},
"type": "object"
}
RouteMapSequenceMatch (type)
{
"additionalProperties": false,
"description": "Match sequence in route map which is used for matching routes. IP prefix lists and match community expression are mutually exclusive fields, one of them must be provided.",
"id": "RouteMapSequenceMatch",
"module_id": "Routing",
"properties": {
"ip_prefix_lists": {
"items": {
"type": "string"
},
"maxItems": 500,
"minItems": 1,
"title": "IPPrefixList Identifiers for RouteMap Sequence Match Criteria",
"type": "array"
},
"match_community_expression": {
"$ref": "CommunityMatchExpression,
"description": "It supports conjunction operator (AND) and five operators within singular community match expression (MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE, MATCH_REGEX).",
"title": "Expression to match BGP communities"
}
},
"type": "object"
}
RouteMapSequenceSet (type)
{
"additionalProperties": false,
"id": "RouteMapSequenceSet",
"module_id": "Routing",
"properties": {
"as_path_prepend": {
"required": false,
"title": "As Path Prepending to influence path selection",
"type": "string"
},
"community": {
"description": "Set normal BGP community either well-known community name or community value in aa:nn(2byte:2byte) format.",
"required": false,
"title": "Set normal BGP community",
"type": "string"
},
"large_community": {
"description": "Set large BGP community, community value shoud be in aa:bb:nn format where aa, bb, nn are unsigned integers with range [1-4294967295].",
"required": false,
"title": "Set large BGP community",
"type": "string"
},
"local_preference": {
"description": "Local preference indicates the degree of preference for one BGP route over other BGP routes. The path/route with highest local preference value is preferred/selected. If local preference value is not specified then it will be considered as 100 by default.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Local preference number",
"type": "integer"
},
"multi_exit_discriminator": {
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Multi Exit Discriminator (MED)",
"type": "integer"
},
"prefer_global_v6_next_hop": {
"default": false,
"description": "For incoming and import route_maps on receiving both v6 global and v6 link-local address for the route, prefer to use the global address as the next hop. By default, it prefers the link-local next hop.",
"required": false,
"title": "Prefer global v6 next hop over local next hop",
"type": "boolean"
},
"weight": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Weight used to select certain path",
"type": "int"
}
},
"type": "object"
}
RouterLinkRuntimeRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RouterLinkRuntimeRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point. It is mandantory for router link interface statistics and ARP-table APIs.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"tier1_path": {
"description": "Policy path of tier1.",
"required": true,
"title": "Policy path of tier1",
"type": "string"
}
},
"title": "Router link runtime status request parameters",
"type": "object"
}
RouterNexthop (type)
{
"additionalProperties": false,
"id": "RouterNexthop",
"module_id": "PolicyConnectivity",
"properties": {
"admin_distance": {
"default": 1,
"description": "Cost associated with next hop route",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Cost associated with next hop route",
"type": "int"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Next hop gateway IP address",
"required": false,
"title": "Next hop gateway IP address"
},
"scope": {
"description": "Interface path associated with current route. For example: specify a policy path referencing the IPSec VPN Session. Should not be provided while creating routes under VPC.",
"items": {
"type": "string"
},
"minItems": 1,
"required": false,
"title": "Interface path associated with current route",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"StaticRoutes"
],
"relationshipType": "PROVIDER_INTERFACE_STATIC_ROUTE_RELATIONSHIP",
"rightType": [
"IPSecVpnSession",
"Tier1Interface",
"Tier0Interface",
"Segment",
"LocaleServices",
"Tier0"
]
}
]
}
},
"title": "Next hop configuration for network",
"type": "object"
}
RoutesPerTransportNode (type)
{
"additionalProperties": false,
"description": "BGP routes per transport node.",
"id": "RoutesPerTransportNode",
"module_id": "AggSvcLogicalRouter",
"properties": {
"routes": {
"description": "Array of BGP neighbor route details for this transport node.",
"items": {
"$ref": "RouteDetails
},
"readonly": true,
"required": false,
"title": "BGP neighbor route details",
"type": "array"
},
"source_address": {
"$ref": "IPAddress,
"description": "BGP neighbor source address.",
"readonly": true,
"required": false,
"title": "BGP neighbor source address"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "Transport node id",
"type": "string"
}
},
"title": "Routes per transport node",
"type": "object"
}
RoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "RoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"component_type": {
"description": "Component type define to take the route from CCP.",
"enum": [
"DR_ROUTES"
],
"title": "Define the DR routes.",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_id": {
"description": "UUID of edge node. Edge should be member of enforcement point.",
"title": "UUID of edge node",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_prefix": {
"$ref": "IPAddressOrCIDRBlock,
"description": "IPAddress or CIDR network address to filter entries in the table.",
"title": "Network address filter parameter"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"route_source": {
"description": "Filter routes based on the source from which route is learned.",
"enum": [
"BGP",
"STATIC",
"CONNECTED",
"OSPF"
],
"title": "Filter routes based on the source from which route is learned",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
RoutingConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "RoutingConfig",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"forwarding_up_timer": {
"description": "Defines the extra time the router must wait before sending the UP notification after the first BGP session is established. Default means forward immediately. For TIER0/TIER1 logical router, default is 0. VRF logical router will set it same as parent logical router.",
"required": false,
"title": "Forwarding up timer",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
RoutingEntry (type)
{
"additionalProperties": false,
"description": "Routing table entry.",
"id": "RoutingEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"admin_distance": {
"description": "Admin distance.",
"readonly": true,
"title": "Admin distance",
"type": "int"
},
"black_hole": {
"description": "Value of this field will be true if given routes are null routes",
"readonly": true,
"required": false,
"title": "BlackHole",
"type": "boolean"
},
"interface": {
"required": false,
"title": "The policy path of the interface which is used as the next hop",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"description": "Network CIDR.",
"readonly": true,
"title": "Network CIDR",
"type": "string"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop address.",
"readonly": true,
"title": "Next hop address"
},
"next_hop_gateway": {
"required": false,
"title": "Next hop gateway path",
"type": "string"
},
"route_type": {
"description": "Route type in routing table. t0c - Tier-0 Connected t0s - Tier-0 Static b - BGP t0n - Tier-0 NAT t1s - Tier-1 Static t1c - Tier-1 Connected t1n: Tier-1 NAT t1l: Tier-1 LB VIP t1ls: Tier-1 LB SNAT t1d: Tier-1 DNS FORWARDER t1ipsec: Tier-1 IPSec isr: Inter-SR",
"readonly": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"title": "Routing table entry",
"type": "object"
}
RoutingFilterAction (type)
{
"additionalProperties": false,
"enum": [
"PERMIT",
"DENY"
],
"id": "RoutingFilterAction",
"module_id": "Routing",
"title": "Action for Filters in Routing",
"type": "string"
}
RoutingGlobalConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GlobalConfigs
},
"id": "RoutingGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "RoutingGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_changing_vdr_mac_in_use": {
"default": false,
"description": "When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has \"nested_nsx\" property being true, the MAC in \"vdr_mac_nested\" is used; otherwise the MAC in \"vdr_mac\" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose \"nested_nsx\" property is true but is in an OVERLAY transport zone, the first way is updating the \"vdr_mac\" property. The 2nd way is updating one of the OVERLAY tranport zones joined by the host switch to set \"nested_nsx\" property true which will make the host switch use the VDR MAC in \"vdr_mac_nested\". The third way is directly updating the transport node to add an OVERLAY transport zone whose \"nested_nsx\" property is true into the host switch which will also make the host switch use the VDR MAC in \"vdr_mac_nested\". If the host switch is in some OVERLAY transport zone(s) whose \"nested_nsx\" property is true, the first way is updating the \"vdr_mac_nested\" property. The 2nd way is updating all those OVERLAY tranport zones to set \"nested_nsx\" property false which will make the host switch use the VDR MAC in \"vdr_mac\". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in \"vdr_mac\". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage!",
"title": "A flag to indicate if changing the VDR MAC being used is allowed",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l3_forwarding_mode": {
"default": "IPV4_ONLY",
"description": "This setting does not restrict configuration as per other modes. But the forwarding will only work as per the mode set here.",
"enum": [
"IPV4_ONLY",
"IPV4_AND_IPV6"
],
"required": true,
"title": "L3 forwarding mode",
"type": "string"
},
"logical_uplink_mtu": {
"default": 1500,
"description": "This is the global default MTU for all the logical uplinks in a NSX domain. Currently logical uplink MTU can only be set globally and applies to the entire NSX domain. There is no option to override this value at transport zone level or transport node level. If this value is not set, the default value of 1500 will be used.",
"readonly": false,
"title": "MTU for the logical uplinks",
"type": "int"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vdr_mac": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:52",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has \"nested_nsx\" property being true.",
"title": "The MAC address of the Virtual Distributed Router (VDR) port"
},
"vdr_mac_nested": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:53",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. All transport zones in such a nested NSX system will have the \"nested_nsx\" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose \"nested_nsx\" property is true.",
"title": "The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment."
}
},
"title": "NSX global configs for Routing",
"type": "object"
}
RoutingPolicy (type)
{
"additionalProperties": false,
"description": "Routing policy details.",
"id": "RoutingPolicy",
"module_id": "LogicalRouterPorts",
"properties": {
"next_hop_prefix_lists_mappings": {
"description": "Array of next hop to prefix lists mapping.",
"items": {
"$ref": "NextHopPrefixListsMapping
},
"minItems": 1,
"required": true,
"title": "Next hop to prefix lists mappings",
"type": "array"
},
"routing_policy_type": {
"default": "PROXIMITY_ROUTING",
"description": "Routing policy type.",
"enum": [
"PROXIMITY_ROUTING"
],
"readonly": true,
"required": false,
"title": "Routing policy type",
"type": "string"
}
},
"title": "Routing policy",
"type": "object"
}
RoutingTable (type)
{
"additionalProperties": false,
"description": "Routing table.",
"id": "RoutingTable",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"count": {
"description": "Entry count.",
"readonly": true,
"title": "Entry count",
"type": "int"
},
"edge_node": {
"description": "Transport node ID.",
"readonly": true,
"title": "Transport node ID",
"type": "string"
},
"error_message": {
"description": "Routing table fetch error message, populated only if status if failure.",
"readonly": true,
"title": "Routing table fetch error.",
"type": "string"
},
"route_entries": {
"description": "Route entries.",
"items": {
"$ref": "RoutingEntry
},
"required": true,
"title": "Route entries",
"type": "array"
},
"status": {
"description": "Routing table fetch status from Transport node.",
"enum": [
"SUCCESS",
"FAILURE",
"NOT_FOUND"
],
"readonly": true,
"title": "Routing table fetch status.",
"type": "string"
}
},
"title": "Routing table",
"type": "object"
}
RoutingTableListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoutingTableListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Routes per transport node ID.",
"items": {
"$ref": "RoutingTable,
"title": "Routing table"
},
"required": false,
"title": "Paged Collection of Routes per transport node ID",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RowListField (type)
{
"additionalProperties": false,
"description": "Root of the api result set for forming rows.",
"id": "RowListField",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Short name or alias of row list field, if any. If unspecified, the row list field can be referenced by its index in the array of row list fields as $<index> (for example, $0).",
"maxLength": 255,
"title": "Alias Name",
"type": "string"
},
"path": {
"description": "JSON path to the root of the api result set for forming rows.",
"maxLength": 1024,
"required": true,
"title": "JSON path",
"type": "string"
}
},
"title": "List of fields from which rows are formed",
"type": "object"
}
RpAddressMulticastRanges (type)
{
"additionalProperties": false,
"description": "Static IPv4 multicast address and assciated multicast group ranges.",
"id": "RpAddressMulticastRanges",
"module_id": "PolicyMulticast",
"properties": {
"multicast_ranges": {
"description": "Assciated multicast group ranges configuration.",
"items": {
"$ref": "IPCIDRBlock
},
"required": false,
"title": "Assciated multicast group ranges configuration",
"type": "array"
},
"rp_address": {
"$ref": "IPAddress,
"description": "Static IPv4 multicast address configuration.",
"required": true,
"title": "Static IPv4 multicast address configuration"
}
},
"title": "Static IPv4 multicast address and assciated multicast group ranges",
"type": "object"
}
Rule (type)
{
"additionalProperties": false,
"description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "Rule",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services The JUMP_TO_APPLICATION action is only supported for rules created in the Environment category. Once a match is hit then the rule processing will jump to the rules present in the Application category, skipping all further rules in the Environment category. If no rules match in the Application category then the default application rule will be hit. This is applicable only for DFW.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"JUMP_TO_APPLICATION"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the security policy rule between the workload groups",
"type": "object"
}
RuleInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a rule w.r.t to another one in the same security policy. If the rule specified in the anchor_path belongs to another security policy an error will be thrown.",
"extends": {
"$ref": "PolicyInsertParameters
},
"id": "RuleInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule needs to be placed",
"type": "object"
}
RuleListRequestParameters (type)
{
"additionalProperties": false,
"description": "By default, if sort_by is missing, then rules will be sorted based on sequence_number and then on rule_id as second level sorting criteria.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RuleListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Rule list request parameters",
"type": "object"
}
RuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "RuleListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Rule
},
"required": true,
"title": "Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
RuleState (type)
{
"extends": {
"$ref": "DSRuleState
},
"id": "RuleState",
"module_id": "Firewall",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Pending changes to be realized.",
"items": {
"$ref": "PendingChange
},
"maxItems": 100,
"title": "List of pending changes",
"type": "array"
},
"revision_desired": {
"description": "This attribute represents revision number of rule's desired state.",
"readonly": true,
"required": false,
"title": "Desired state revision number",
"type": "integer"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
RuleStatistics (type)
{
"extends": {
"$ref": "Resource
},
"id": "RuleStatistics",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"internal_rule_id": {
"description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.",
"readonly": true,
"required": false,
"title": "NSX internal rule id",
"type": "string"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Edge FW.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum Sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of rule",
"type": "integer"
},
"rule": {
"description": "Path of the rule.",
"readonly": true,
"required": false,
"title": "Rule path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total Sessions count",
"type": "integer"
}
},
"type": "object"
}
RuleStatisticsForEnforcementPoint (type)
{
"description": "Rule statistics for a specfic enforcement point.",
"id": "RuleStatisticsForEnforcementPoint",
"module_id": "Policy",
"properties": {
"container_cluster_path": {
"description": "Rule statistics for a single container cluster",
"readonly": true,
"required": false,
"title": "Cluster container path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"enforcement_point": {
"description": "Rule statistics for a single enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"statistics": {
"$ref": "RuleStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Rule Statistics"
}
},
"title": "Rule statistics for an enforcement point",
"type": "object"
}
RuleStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RuleStatisticsListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RuleStatisticsForEnforcementPoint
},
"required": true,
"title": "RuleStatistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of rule statistics",
"type": "object"
}
RuntimeInterfaceOperationalStatus (type)
{
"id": "RuntimeInterfaceOperationalStatus",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"interface_index": {
"readonly": true,
"required": true,
"title": "Index of the interface",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"required": true,
"title": "The Operational status of the interface",
"type": "string"
}
},
"type": "object"
}
RuntimeInterfaceStatistics (type)
{
"extends": {
"$ref": "SIAggregatedDataCounterEx
},
"id": "RuntimeInterfaceStatistics",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"dropped_by_security_packets": {
"$ref": "SIPacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"interface_index": {
"readonly": true,
"required": true,
"title": "Index of the interface",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"mac_learning": {
"$ref": "SIMacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
RuntimeState (type)
{
"additionalProperties": false,
"description": "Runtime State.",
"enum": [
"UNINITIALIZED",
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED",
"SUCCESS",
"FAILURE",
"IN_PROGRESS"
],
"id": "RuntimeState",
"module_id": "PolicyRealizationStatus",
"title": "Runtime State",
"type": "string"
}
SHAPredefinedPluginProfileData (type)
{
"additionalProperties": false,
"description": "Describes a config item for System Health profile.",
"id": "SHAPredefinedPluginProfileData",
"module_id": "SystemHealthAgent",
"properties": {
"check_interval": {
"description": "The interval of plugin to check the status.",
"title": "The check interval",
"type": "integer"
},
"report_interval": {
"description": "The interval of plugin to report the status.",
"title": "The report interval",
"type": "integer"
},
"smallest_report_interval_if_change": {
"description": "The smallest report interval if the status is changed. The value of smallest_report_interval_if_change should be less than the value of report_interval",
"title": "The smallest report interval",
"type": "integer"
}
},
"title": "System Health Config Item",
"type": "object"
}
SIAggregatedDataCounter (type)
{
"id": "SIAggregatedDataCounter",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"rx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
SIAggregatedDataCounterEx (type)
{
"extends": {
"$ref": "SIAggregatedDataCounter
},
"id": "SIAggregatedDataCounterEx",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"dropped_by_security_packets": {
"$ref": "SIPacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"mac_learning": {
"$ref": "SIMacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "SIDataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
SIDataCounter (type)
{
"id": "SIDataCounter",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"dropped": {
"required": false,
"title": "The dropped packets or bytes",
"type": "integer"
},
"multicast_broadcast": {
"required": false,
"title": "The multicast and broadcast packets or bytes",
"type": "integer"
},
"total": {
"required": true,
"title": "The total packets or bytes",
"type": "integer"
}
},
"type": "object"
}
SIErrorClass (type)
{
"id": "SIErrorClass",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"error_id": {
"readonly": true,
"required": false,
"type": "integer"
},
"error_message": {
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "Error class for all the Service Insertion related errors.",
"type": "object"
}
SIExcludeList (type)
{
"description": "List of entities where Service Insertion will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es).",
"extends": {
"$ref": "DSExcludeList
},
"id": "SIExcludeList",
"module_id": "ServiceInsertionExcludeList",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"member_count": {
"description": "Total number of members present in Exclude List.",
"readonly": true,
"required": false,
"title": "Total Member Count",
"type": "integer"
},
"members": {
"description": "List of members in Exclusion List",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "Member list",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Exclusion List",
"type": "object"
}
SIExcludeListRequestParams (type)
{
"description": "Parameter used to remove member from Exclude List.",
"id": "SIExcludeListRequestParams",
"module_id": "ServiceInsertionExcludeList",
"properties": {
"object_id": {
"maxLength": 64,
"required": true,
"title": "Identifier of the object",
"type": "string"
}
},
"title": "Parameter for the exclude list",
"type": "object"
}
SIMacLearningCounters (type)
{
"id": "SIMacLearningCounters",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"mac_not_learned_packets_allowed": {
"description": "The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.",
"required": false,
"title": "Number of dispatched packets with unknown source MAC address.",
"type": "integer"
},
"mac_not_learned_packets_dropped": {
"description": "The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.",
"required": false,
"title": "Number of dropped packets with unknown source MAC address.",
"type": "integer"
},
"macs_learned": {
"required": false,
"title": "Number of MACs learned",
"type": "integer"
}
},
"type": "object"
}
SIPacketTypeAndCounter (type)
{
"id": "SIPacketTypeAndCounter",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"counter": {
"required": true,
"title": "The number of packets.",
"type": "integer"
},
"packet_type": {
"required": true,
"title": "The type of the packets",
"type": "string"
}
},
"type": "object"
}
SIPacketsDroppedBySecurity (type)
{
"id": "SIPacketsDroppedBySecurity",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"bpdu_filter_dropped": {
"required": false,
"title": "The number of packets dropped by \"BPDU filter\".",
"type": "integer"
},
"dhcp_client_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_client_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"spoof_guard_dropped": {
"items": {
"$ref": "SIPacketTypeAndCounter
},
"required": false,
"title": "The packets dropped by \"Spoof Guard\"; supported packet types are IPv4, IPv6, ARP, ND, non-IP.",
"type": "array"
}
},
"type": "object"
}
SIServiceProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SIServiceProfileListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-Insertion Services. The list has to be homogenous.",
"items": {
"$ref": "BaseServiceProfile
},
"readonly": true,
"required": true,
"title": "Service list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Insertion Service Profile List",
"type": "object"
}
SVMConfigureIssue (type)
{
"description": "Type of issue and detailed description of the issues in case of post-VM deployment configuration failure.",
"id": "SVMConfigureIssue",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"errors": {
"description": "List of errors along with details like errorId and error messages.",
"items": {
"$ref": "SIErrorClass
},
"required": false,
"title": "List of errors",
"type": "array"
},
"service_instance_id": {
"description": "The ID of service instance which was deployed.",
"required": false,
"title": "Service Instance ID",
"type": "string"
}
},
"title": "Service VM configuration issue",
"type": "object"
}
SVMDeploymentSpec (type)
{
"description": "Deployment Specs holds information required to deploy the Service-VMs.i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF(Open Virtualization Format) can be deployed, Form factor to name a few.",
"id": "SVMDeploymentSpec",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"host_type": {
"description": "Host Type on which the specified OVF can be deployed.",
"enum": [
"ESXI",
"RHELKVM",
"UBUNTUKVM"
],
"readonly": false,
"required": true,
"title": "HostType",
"type": "string"
},
"min_host_version": {
"default": "6.5",
"description": "Minimum host version supported by this ovf. If a host in the deployment cluster is having version less than this, then service deployment will not happen on that host.",
"readonly": false,
"required": false,
"title": "Minimum Host Version",
"type": "string"
},
"name": {
"description": "Deployment Spec name for ease of use, since multiple DeploymentSpec can be specified.",
"readonly": false,
"required": false,
"title": "name",
"type": "string"
},
"ovf_url": {
"description": "Location of the partner VM OVF to be deployed.",
"readonly": false,
"required": true,
"title": "OVF url",
"type": "string"
},
"service_form_factor": {
"default": "MEDIUM",
"description": "Supported ServiceInsertion Form Factor for the OVF deployment. The default FormFactor is Medium.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE"
],
"readonly": false,
"required": false,
"title": "Service Form Factor",
"type": "string"
},
"svm_version": {
"default": "1.0",
"description": "Partner needs to specify the Service VM version which will get deployed.",
"required": false,
"title": "Partner Service-VM version.",
"type": "string"
}
},
"title": "Service-VM Deployment Spec",
"type": "object"
}
SamlTokenLoginCredential (type)
{
"additionalProperties": false,
"description": "Details of saml token based credential to login to server.",
"extends": {
"$ref": "LoginCredential
},
"id": "SamlTokenLoginCredential",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "SamlTokenLoginCredential"
},
"properties": {
"credential_type": {
"description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential', 'SessionLoginCredential'.",
"required": true,
"title": "Login credential, for example username-password-thumbprint, certificate or session based, etc",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of the server.",
"readonly": false,
"required": false,
"title": "Thumbprint of the server",
"type": "string"
},
"token": {
"description": "The saml token to login to server.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "The saml token to login to server",
"type": "secure_string"
}
},
"title": "A login credential specifying saml token",
"type": "object"
}
SamplingArgument (type)
{
"abstract": true,
"id": "SamplingArgument",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "sampling_type"
},
"properties": {
"sampling_type": {
"enum": [
"FirstNSampling",
"PacketNumberSampling",
"IntervalSampling"
],
"required": true,
"title": "Sampling type",
"type": "string"
}
},
"type": "object"
}
SandboxRequestParameters (type)
{
"additionalProperties": false,
"id": "SandboxRequestParameters",
"module_id": "SandboxVisibility",
"properties": {
"intent_path": {
"description": "Intent path",
"required": false,
"title": "intent path",
"type": "string"
},
"site_path": {
"description": "Site path",
"required": false,
"title": "site path",
"type": "string"
}
},
"title": "Sandbox request parameters",
"type": "object"
}
SandboxedResource (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SandboxedResource",
"module_id": "SandboxVisibility",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_path": {
"description": "Intent path",
"title": "intent path",
"type": "string"
},
"local_entity_paths": {
"items": {
"type": "string"
},
"required": false,
"title": "Local Entity Paths",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"number_of_reference_path": {
"description": "Number of reference path",
"title": "number of reference path",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"referenced_paths": {
"items": {
"type": "string"
},
"required": false,
"title": "Referenced Paths",
"type": "array"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"require": false,
"title": "Site Id",
"type": "string"
},
"site_path": {
"description": "Site path",
"title": "site path",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Sandbox resource",
"type": "object"
}
SandboxedResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SandboxedResourceListResult",
"module_id": "SandboxVisibility",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SandboxedResource
},
"readonly": true,
"required": false,
"title": "list of sandbox resources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Sandbox resource list result",
"type": "object"
}
ScimSearchListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ScimSearchListResult",
"module_id": "CertificateManager",
"nsx_feature": "OIDC",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ScimSearchResult
},
"required": true,
"title": "Search results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SCIM search list result",
"type": "object"
}
ScimSearchRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ScimSearchRequestParameters",
"module_id": "CertificateManager",
"nsx_feature": "OIDC",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_string": {
"description": "Search for users and groups whose name or login ID begins with the given string. If the string contains any special characters such as ' ' or '/', they must be escaped by replacing the special character with '%XX', where XX is a two-digit hexadecimal number.",
"required": true,
"title": "Search filter\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SCIM search request parameters",
"type": "object"
}
ScimSearchResult (type)
{
"description": "One user or group entry in a list of SCIM search results",
"id": "ScimSearchResult",
"module_id": "CertificateManager",
"nsx_feature": "OIDC",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "User's Full Name Or User Group's Display Name",
"type": "string"
},
"domain": {
"readonly": true,
"required": true,
"title": "Domain name information",
"type": "string"
},
"name": {
"description": "The unique name of the user or group.",
"readonly": true,
"required": true,
"title": "User name or group name",
"type": "string"
},
"type": {
"enum": [
"remote_user",
"remote_group"
],
"readonly": true,
"required": true,
"title": "Type",
"type": "string"
}
},
"title": "SCIM search result",
"type": "object"
}
ScopeAssociation (type)
{
"extends": {
"$ref": "DiscoveredResourceAssociation
},
"id": "ScopeAssociation",
"module_id": "InventoryAssociations",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being configured.",
"enum": [
"VirtualMachine",
"ComputeCollection"
],
"required": true,
"title": "Type of the discovered resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External id of the discovered resource for which association is being configured.",
"required": true,
"title": "External id of the discovered resource",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope_id": {
"description": "Id of the scope that is being associated with the discovered resource.",
"required": false,
"title": "Id of the associated scope",
"type": "string"
},
"scope_type": {
"description": "Type of the scope that is being associated with the discovered resource.",
"enum": [
"VPC",
"Project"
],
"required": false,
"title": "Type of the associated scope",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Scope association for discovered resource",
"type": "object"
}
ScopeAssociationList (type)
{
"additionalProperties": false,
"id": "ScopeAssociationList",
"module_id": "InventoryAssociations",
"properties": {
"associations": {
"items": {
"$ref": "ScopeAssociation
},
"required": true,
"title": "List of scope associations for discovered resources",
"type": "array"
}
},
"type": "object"
}
ScopeAssociationListRequestParameters (type)
{
"extends": {
"$ref": "DiscoveredResourceAssociationListRequestParameters
},
"id": "ScopeAssociationListRequestParameters",
"module_id": "InventoryAssociations",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_resource_external_id": {
"description": "External id of the discovered resource for which association is being queried.",
"required": false,
"title": "External id of the discovered resource",
"type": "string"
},
"discovered_resource_type": {
"description": "Type of the discovered resource for which association is being queried.",
"enum": [
"VirtualMachine",
"ComputeCollection"
],
"required": false,
"title": "Type of the discovered resource",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope_id": {
"description": "Id of the scope the associations for which are being queried.",
"required": false,
"title": "Id of the associated scope",
"type": "string"
},
"scope_type": {
"description": "Type of the scope the associations for which are being queried.",
"enum": [
"VPC",
"Project"
],
"required": false,
"title": "Type of the associated scope",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters for scope associations for discovered resources",
"type": "object"
}
ScopeAssociationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ScopeAssociationListResult",
"module_id": "InventoryAssociations",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ScopeAssociation
},
"required": false,
"title": "List of scope associations for discovered resources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ScpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "ScpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "scp"
},
"properties": {
"authentication_scheme": {
"$ref": "PasswordAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"host_key_algorithms": {
"default": [
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521"
],
"description": "Supported host key algorithms for SSH/SFTP connection.<br /> <i>Algorithms are preferred in the order they are specified in list.</i>",
"items": {
"$ref": "HostKeyAlgorithms
},
"minItems": 1,
"required": false,
"title": "Host key algorithms",
"type": "array"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
SearchQueryRequest (type)
{
"additionalProperties": false,
"description": "Search query request.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "SearchQueryRequest",
"module_id": "Search",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"query": {
"description": "The syntax of query is described in Search API documentation.",
"required": true,
"title": "Search query",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SearchQueryRequest",
"type": "object"
}
SearchResponse (type)
{
"additionalProperties": false,
"description": "Search response",
"extends": {
"$ref": "ListResult
},
"id": "SearchResponse",
"module_id": "Search",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of records matching the search query.",
"items": {
"type": "object"
},
"readonly": true,
"title": "Search results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SearchResponse",
"type": "object"
}
SectionQueryParameters (type)
{
"extends": {
"$ref": "DSSectionQueryParameters
},
"id": "SectionQueryParameters",
"module_id": "Firewall",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete of this object to all it's child objects.",
"type": "boolean"
}
},
"title": "Section query parameters",
"type": "object"
}
SecurityCertificate (type)
{
"additionalProperties": false,
"id": "SecurityCertificate",
"properties": {
"pem_encoded": {
"description": "The certificate must include the enclosing \"-----BEGIN CERTIFICATE-----\" and \"-----END CERTIFICATE-----\"",
"display": {
"order": 1
},
"minLength": 52,
"readonly": false,
"required": true,
"title": "PEM encoded X.509 certificate",
"type": "string"
},
"ssh_public_key": {
"display": {
"order": 4
},
"readonly": true,
"type": "string"
},
"text": {
"display": {
"order": 5
},
"minLength": 52,
"readonly": true,
"title": "X.509 certificate in text form",
"type": "string"
},
"valid_from": {
"display": {
"order": 2
},
"readonly": true,
"title": "The time when the certificate starts being valid",
"type": "string"
},
"valid_to": {
"display": {
"order": 3
},
"readonly": true,
"title": "The time when the certificate stops being valid",
"type": "string"
}
},
"type": "object"
}
SecurityFeature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SecurityFeatureBase
},
"id": "SecurityFeature",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - activate the feature, false - deactivate the feture",
"required": true,
"title": "Flag to activate/deactivate",
"type": "boolean"
},
"feature": {
"$ref": "SecurityFeaturesSupported,
"required": true
}
},
"title": "T1 Security feature entity with feature details",
"type": "object"
}
SecurityFeatureBase (type)
{
"additionalProperties": false,
"id": "SecurityFeatureBase",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - activate the feature, false - deactivate the feture",
"required": true,
"title": "Flag to activate/deactivate",
"type": "boolean"
}
},
"title": "Security Feature feature entity",
"type": "object"
}
SecurityFeatureParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SecurityFeatureParameters",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"feature": {
"$ref": "SecurityFeaturesSupported
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "T1 Security Feature parameters",
"type": "object"
}
SecurityFeatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "SecurityFeature
},
"required": true,
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "T1 Security features entity with feature details",
"type": "object"
}
SecurityFeaturesSupported (type)
{
"description": "Feature to be activated/deactivated. IDPS - Intrusion Detection System TLS - Transport Layer Security Inspection MALWAREPREVENTION - Malware Prevention GFW_MULTICAST - Multicast on GFW Use any one of this to enable/disabe it.",
"enum": [
"MALWAREPREVENTION",
"IDFW",
"IDPS",
"TLS"
],
"id": "SecurityFeaturesSupported",
"module_id": "PolicyGatewaySecurityFeature",
"readonly": true,
"required": false,
"title": "Collection of T1 supported security features",
"type": "string"
}
SecurityGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs
},
"id": "SecurityGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "SecurityGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"ca_signed_only": {
"default": false,
"description": "When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. Since this check has now moved to the compliance-report, enabling this check is no longer required if the NDcPP Security alarms have been enabled.",
"title": "A flag to indicate whether the server certs are only allowed to be ca-signed.",
"type": "boolean"
},
"crl_checking_enabled": {
"default": true,
"description": "When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not.",
"title": "A flag to indicate whether the Java trust-managers check certificate revocation",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"eku_checking_enabled": {
"default": true,
"description": "When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. Since this check has now moved to the compliance-report, enabling/disabling this flag no longer has any effect when applying certificates.",
"title": "A flag to indicate whether the Extended Key Usage extension in the certificate is checked.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for security purposes, like trust store and trust manager.",
"type": "object"
}
SecurityLicenseUsageCSVRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "SecurityLicenseUsageCSVRecord",
"module_id": "SecurityLicenseUsage",
"properties": {
"dpu_core_count_all_editions": {
"readonly": true,
"title": "dpu core count all editions",
"type": "string"
},
"edge_number_of_edge_node_cpu_cores": {
"description": "Telemetry info about the 'edge_number_of_edge_node_cpu_cores'",
"readonly": true,
"title": "Number of Edge node cores",
"type": "string"
},
"host_number_of_host_node_cpu_cores": {
"description": "Telemetry info about the 'host_number_of_host_node_cpu_cores'",
"readonly": true,
"title": "Number of Host node cores",
"type": "string"
},
"intelligence_deployed": {
"description": "Telemetry info about the 'k8s_deployed'",
"readonly": true,
"title": "intelligence deployed",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"license_edition_type": {
"description": "Telemetry info about the 'license_edition_type'",
"readonly": true,
"title": "license edition types",
"type": "string"
},
"license_key": {
"description": "Telemetry info about the 'license_key'",
"readonly": true,
"title": "license keys",
"type": "string"
},
"licensed_edge_core_count_gateway_firewall": {
"readonly": true,
"title": "Licensed edge core count used by gateway firewall stateful rules",
"type": "string"
},
"licensed_edge_core_count_gateway_idps": {
"readonly": true,
"title": "Licensed edge core count gateway idps",
"type": "string"
},
"licensed_edge_core_count_gateway_mps": {
"readonly": true,
"title": "Licensed edge core count gateway idps",
"type": "string"
},
"licensed_edge_core_count_gateway_tls": {
"readonly": true,
"title": "Licensed edge core count used by gateway tls",
"type": "string"
},
"licensed_host_core_count_distributed_baremetal": {
"readonly": true,
"title": "Licensed host core count used by dfw baremetal agent",
"type": "string"
},
"licensed_host_core_count_distributed_firewall": {
"readonly": true,
"title": "Licensed host core count used by distributed firewall",
"type": "string"
},
"licensed_host_core_count_distributed_idps": {
"readonly": true,
"title": "Licensed host core count used by distributed idps",
"type": "string"
},
"licensed_host_core_count_distributed_intelligence": {
"readonly": true,
"title": "Licensed host core count used by intelligence",
"type": "string"
},
"licensed_host_core_count_distributed_intelligence_baremetal": {
"readonly": true,
"title": "Licensed host core count used by distributed intelligence baremetal feature",
"type": "string"
},
"licensed_host_core_count_distributed_ipfix": {
"readonly": true,
"title": "Licensed host core count used by dfw ipfix",
"type": "string"
},
"licensed_host_core_count_distributed_ipfix_baremetal": {
"readonly": true,
"title": "Licensed host core count used by dfw ipfix baremetal feature",
"type": "string"
},
"licensed_host_core_count_distributed_mps": {
"readonly": true,
"title": "Licensed host core count used by distributed mps",
"type": "string"
},
"licensed_host_core_count_ndr": {
"readonly": true,
"title": "Licensed host core count used by ndr",
"type": "string"
},
"licensed_total_core_count_firewall_atp_edition": {
"readonly": true,
"title": "licensed total core count on firewall atp edition",
"type": "string"
},
"licensed_total_core_count_firewall_edition": {
"readonly": true,
"title": "licensed total core count on firewall edition",
"type": "string"
},
"max_raw_core_count_per_host": {
"readonly": true,
"title": "Max raw cores count found on host.",
"type": "string"
},
"max_raw_core_count_per_socket": {
"readonly": true,
"title": "Max raw cores per socket count found on host.",
"type": "string"
},
"max_socket_count_per_host": {
"readonly": true,
"title": "Max socket count found on host.",
"type": "string"
},
"mps_number_of_dfw_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_dfw_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of dfw ids rules with custom mps profiles",
"type": "string"
},
"mps_number_of_gateway_ids_rules_with_custom_mps_profiles": {
"description": "Telemetry info about the 'mps_number_of_gateway_ids_rules_with_custom_mps_profiles'",
"readonly": true,
"title": "mps number of gateway ids rules with custom mps profiles",
"type": "string"
},
"mps_total_number_of_profiles": {
"description": "Telemetry info about the 'mps_total_number_of_profiles'",
"readonly": true,
"title": "Total number of mps custom and default profiles.",
"type": "string"
},
"napp_appliance_version": {
"description": "Telemetry info about the 'napp_appliance_version'",
"readonly": true,
"title": "napp version",
"type": "string"
},
"nsx_deployment_id": {
"description": "Telemetry info about the 'deployment_id'",
"readonly": true,
"title": "deployment id",
"type": "string"
},
"nsx_manager_version": {
"description": "Telemetry info about the 'version'",
"readonly": true,
"title": "nsx manager version",
"type": "string"
},
"nsx_site_id": {
"description": "NSX default site id.",
"readonly": true,
"title": "nsx site id",
"type": "string"
},
"nta_enabled": {
"default": "UNAVAILABLE",
"description": "true if value of any one of \"nta_detectorstate_*\" events in SSP telemetry is enabled. UNAVAILABLE if unable to get events.",
"readonly": true,
"title": "nta enabled",
"type": "string"
},
"num_edge_baremetal_at_minimum_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 8-24 cores.",
"type": "string"
},
"num_edge_baremetal_at_recommended_cores": {
"readonly": true,
"title": "Number of edge baremetals cores between 25-80 cores.",
"type": "string"
},
"num_edge_large_factor": {
"readonly": true,
"title": "Number of edges with 8 cores.",
"type": "string"
},
"num_edge_medium_factor": {
"readonly": true,
"title": "Number of edges with 4 cores.",
"type": "string"
},
"num_edge_small_factor": {
"readonly": true,
"title": "Number of edges with 2 cores.",
"type": "string"
},
"num_edge_xlarge_factor": {
"readonly": true,
"title": "Number of edges with 16 cores.",
"type": "string"
},
"number_of_dfw_rules": {
"description": "Telemetry info about the 'number_of_dfw_rules'",
"readonly": true,
"title": "number of dfw rules",
"type": "string"
},
"number_of_firewall_rules": {
"description": "Telemetry info about the 'number_of_firewall_rules'. This includes DFW, edge and bridge rules.",
"readonly": true,
"title": "number of firewall rules",
"type": "string"
},
"number_of_ids_gateway_rules": {
"description": "Telemetry info about the 'number_of_ids_gateway_rules'",
"readonly": true,
"title": "number of ids gateway rules",
"type": "string"
},
"number_of_ids_security_policies": {
"description": "Telemetry info about the 'number_of_ids_security_policies'",
"readonly": true,
"title": "number of ids security policies",
"type": "string"
},
"number_of_nsgroups": {
"description": "Telemetry info about the 'number_of_nsgroup'",
"readonly": true,
"title": "number of NSGroup",
"type": "string"
},
"number_of_prepared_hosts": {
"description": "Telemetry info about the 'number_of_prepared_hosts'",
"readonly": true,
"title": "number of prepared hosts",
"type": "string"
},
"number_of_tier_0_gateways": {
"description": "Telemetry info about the 'tier0_gateways'",
"readonly": true,
"title": "number of tier 0 gateways",
"type": "string"
},
"number_of_tier_1_gateways": {
"description": "Telemetry info about the 'tier1_gateways'",
"readonly": true,
"title": "count of number of vms used by this feature",
"type": "string"
},
"number_of_virtual_machines": {
"description": "Telemetry info about the 'number_of_virtual_machines'",
"readonly": true,
"title": "number of virtual machines",
"type": "string"
},
"raw_edge_core_count_gateway_firewall": {
"readonly": true,
"title": "Raw edge core count used by gateway firewall stateful rules",
"type": "string"
},
"raw_edge_core_count_gateway_idps": {
"readonly": true,
"title": "raw edge core count gateway idps",
"type": "string"
},
"raw_edge_core_count_gateway_mps": {
"readonly": true,
"title": "raw edge core count gateway idps",
"type": "string"
},
"raw_edge_core_count_gateway_tls": {
"readonly": true,
"title": "Raw edge core count used by gateway tls",
"type": "string"
},
"raw_host_core_count_distributed_baremetal": {
"readonly": true,
"title": "Raw host core count used by dfw baremetal agent",
"type": "string"
},
"raw_host_core_count_distributed_firewall": {
"readonly": true,
"title": "Raw host core count used by distributed firewall",
"type": "string"
},
"raw_host_core_count_distributed_idps": {
"readonly": true,
"title": "Raw host core count used by distributed idps",
"type": "string"
},
"raw_host_core_count_distributed_intelligence": {
"readonly": true,
"title": "Raw host core count used by intelligence",
"type": "string"
},
"raw_host_core_count_distributed_intelligence_baremetal": {
"readonly": true,
"title": "Raw host core count used by distributed intelligence baremetal feature",
"type": "string"
},
"raw_host_core_count_distributed_ipfix": {
"readonly": true,
"title": "Raw host core count used by dfw ipfix",
"type": "string"
},
"raw_host_core_count_distributed_ipfix_baremetal": {
"readonly": true,
"title": "Raw host core count used by dfw ipfix baremetal feature",
"type": "string"
},
"raw_host_core_count_distributed_mps": {
"readonly": true,
"title": "Raw host core count used by distributed mps",
"type": "string"
},
"raw_host_core_count_ndr": {
"readonly": true,
"title": "Raw host core count used by ndr",
"type": "string"
},
"recommendation_sessions_total": {
"description": "Telemetry info about the 'recommendation_sessions_total'",
"readonly": true,
"title": "recommendation sessions total",
"type": "string"
},
"total_firewall_ipfix_profiles": {
"description": "Telemetry info about the 'total_firewall_ipfix_profiles'",
"readonly": true,
"title": "total firewall ipfix profiles",
"type": "string"
}
},
"type": "object"
}
SecurityLicenseUsageReport (type)
{
"additionalProperties": false,
"id": "SecurityLicenseUsageReport",
"module_id": "SecurityLicenseUsage",
"properties": {
"additional_metadata": {
"$ref": "AdditionalMetadata,
"description": "Additional metadata.",
"readonly": true,
"required": false,
"title": "Additional metadata"
},
"core_count_by_edition": {
"description": "Raw core counts grouped by edition including cores by types.",
"items": {
"$ref": "CoreCountByEdition
},
"readonly": true,
"required": false,
"title": "Raw Core Count by license editions",
"type": "array"
},
"core_count_by_feature": {
"$ref": "CoreCountByFeature,
"description": "Raw Core count by features.",
"readonly": true,
"required": false,
"title": "Raw Core count by features"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
}
},
"type": "object"
}
SecurityLicenseUsageReportInCSV (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "SecurityLicenseUsageReportInCSV",
"module_id": "SecurityLicenseUsage",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "SecurityLicenseUsageCSVRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
SecurityPolicy (type)
{
"description": "Ordered list of Rules.",
"extends": {
"$ref": "Policy
},
"id": "SecurityPolicy",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildRule",
"ChildSecurityPolicyContainerCluster"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"application_connectivity_strategy": {
"description": "This field indicates the application connectivity policy for the security policy.",
"items": {
"$ref": "ApplicationConnectivityStrategy
},
"maxItems": 3,
"required": false,
"title": "List of Application Connectivity strategy for this SecurityPolicy",
"type": "array"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"connectivity_preference": {
"description": "This field indicates the default connectivity policy for the security policy. Based on the connectivity preference, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity preference. If NONE is selected or no connectivity preference is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_preference without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. ALLOWLIST - Adds a default drop rule. Administrator can then use \"allow\" rules to allow traffic between groups DENYLIST - Adds a default allow rule. Admin can then use \"drop\" rules to block traffic between groups ALLOWLIST_ENABLE_LOGGING - Allowlisting with logging enabled DENYLIST_ENABLE_LOGGING - Denylisting with logging enabled NONE - No default rule is created.",
"enum": [
"ALLOWLIST",
"DENYLIST",
"ALLOWLIST_ENABLE_LOGGING",
"DENYLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity preference applicable for this SecurityPolicy",
"type": "string"
},
"connectivity_strategy": {
"deprecated": true,
"description": "This field indicates the default connectivity policy for the security policy. Based on the connectivity strategy, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity strategy. If NONE is selected or no connectivity strategy is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_strategy without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. This property is deprecated. Use the type connectivity_preference instead. WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rule is created.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy applicable for this SecurityPolicy",
"type": "string"
},
"default_rule_id": {
"description": "Based on the value of the connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule.",
"readonly": true,
"required": false,
"title": "Default rule ID associated with the connectivity_preference",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"logging_enabled": {
"default": false,
"deprecated": true,
"description": "This property is deprecated. Flag to enable logging for all the rules in the security policy. If the value is true then logging will be enabled for all the rules in the security policy. If the value is false, then the rule level logging value will be honored.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule
},
"required": false,
"title": "Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules",
"type": "object"
}
SecurityPolicyContainerCluster (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SecurityPolicyContainerCluster",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"container_cluster_path": {
"description": "Path to the container cluster entity in NSX",
"required": true,
"title": "Path to the container cluster entity in NSX",
"type": "string"
},
"container_cluster_type": {
"default": "ANTREA",
"description": "Type of the container cluster where the security policy will be realized",
"enum": [
"ANTREA"
],
"title": "Type of the controller where the SecurityPolicy will be realized",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Indicates the container cluster where the security policy will be realized.",
"type": "object"
}
SecurityPolicyContainerClusterListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SecurityPolicyContainerClusterListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SecurityPolicyContainerCluster
},
"required": false,
"title": "List of container clusters for a security policy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Security Policy Container Clusters",
"type": "object"
}
SecurityPolicyInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a security policy w.r.t to another one.",
"extends": {
"$ref": "PolicyInsertParameters
},
"id": "SecurityPolicyInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where security policy needs to be placed",
"type": "object"
}
SecurityPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SecurityPolicyListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_rule_count": {
"default": false,
"description": "If true, populate the rule_count field with the count of rules in the particular policy. By default, rule_count will not be populated.",
"required": false,
"title": "Include the count of rules in policy",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SecurityPolicy list request parameters",
"type": "object"
}
SecurityPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "SecurityPolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SecurityPolicy
},
"required": true,
"title": "SecurityPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of security policies",
"type": "object"
}
SecurityPolicyStatistics (type)
{
"description": "Aggregate statistics of all the rules in a security policy.",
"id": "SecurityPolicyStatistics",
"module_id": "Policy",
"properties": {
"internal_section_id": {
"description": "Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created.",
"readonly": true,
"required": false,
"title": "NSX internal section id",
"type": "string"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Gateway Firewall.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string"
},
"result_count": {
"description": "Total count for rule statistics",
"readonly": true,
"required": true,
"title": "Rule stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics.",
"items": {
"$ref": "RuleStatistics
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Statistics for all rules",
"type": "array"
}
},
"title": "Security policy statistics",
"type": "object"
}
SecurityPolicyStatisticsForEnforcementPoint (type)
{
"description": "Aggregate statistics of all the rules in a security policy for a specific enforcement point.",
"id": "SecurityPolicyStatisticsForEnforcementPoint",
"module_id": "Policy",
"properties": {
"container_cluster_path": {
"description": "Security Policy statistics for a single container cluster",
"readonly": true,
"required": false,
"title": "Cluster container path",
"type": "string"
},
"enforcement_point": {
"description": "Enforcement point to fetch the statistics from.",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "SecurityPolicyStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Security Policy Statistics"
}
},
"title": "Security policy statistics for an enforcement point",
"type": "object"
}
SecurityPolicyStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SecurityPolicyStatisticsListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SecurityPolicyStatisticsForEnforcementPoint
},
"required": true,
"title": "Security Policy statistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Security Policy statistics",
"type": "object"
}
SecurityProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base security profile binding map",
"type": "object"
}
Segment (type)
{
"additionalProperties": false,
"description": "Segment configuration to attach workloads.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Segment",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildDhcpStaticBindingConfig",
"ChildSegmentConnectionBindingMap",
"ChildSegmentDiscoveryProfileBindingMap",
"ChildSegmentMonitoringProfileBindingMap",
"ChildSegmentPort",
"ChildSegmentQoSProfileBindingMap",
"ChildSegmentSecurityProfileBindingMap",
"ChildStaticARPConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"deprecated": true,
"description": "Static address binding used for the Segment. This field is deprecated and will be removed in a future release. Please use address_bindings in SegmentPort to configure static bindings.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 512,
"required": false,
"title": "Address bindings for the Segment",
"type": "array"
},
"admin_state": {
"default": "UP",
"description": "Admin state represents desired state of segment. It does not reflect the state of other logical entities connected/attached to the segment.",
"enum": [
"UP",
"DOWN"
],
"required": false,
"title": "Represents Desired state of the Segment",
"type": "string"
},
"advanced_config": {
"$ref": "SegmentAdvancedConfig,
"description": "Advanced configuration for Segment.",
"required": false,
"title": "Advanced configuration for Segment"
},
"bridge_profiles": {
"description": "Multiple distinct L2 bridge profiles can be configured.",
"items": {
"$ref": "BridgeProfileConfig
},
"title": "Bridge Profile Configuration",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connectivity_path": {
"description": "Policy path to the connecting Tier-0 or Tier-1 or label of type Tier0. Valid only for segments created under Infra. This field can only be used for overlay segments. VLAN backed segments cannot have connectivity path set.",
"required": false,
"title": "Policy path to the connecting Tier-0 or Tier-1 or label of type Tier0",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "NETWORK_INFRA_SEGMENT_RELATIONSHIP",
"rightType": [
"Tier1"
]
},
{
"leftType": [
"Segment"
],
"relationshipType": "PROVIDER_INFRA_SEGMENT_RELATIONSHIP",
"rightType": [
"Tier0"
]
},
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_TIER0_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_path": {
"description": "Policy path to DHCP server or relay configuration to use for all IPv4 & IPv6 subnets configured on this segment.",
"required": false,
"title": "Policy path to DHCP configuration",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Segment"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"required": false,
"title": "DNS domain name",
"type": "string"
},
"evpn_segment": {
"description": "Flag to indicate if the Segment is a Child-Segment of type EVPN.",
"readonly": true,
"title": "Evpn Segment Flag.",
"type": "boolean"
},
"evpn_tenant_config_path": {
"description": "Policy path to the EvpnTenantConfig resource. Supported only for Route-Server Evpn Mode. Supported only for Overlay Segments. This will be populated for both Parent and Child segments participating in Evpn Route-Server Mode.",
"required": false,
"title": "Policy path to the EvpnTenantConfig",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_EVPN_TENANT_CONFIG_RELATIONSHIP",
"rightType": [
"EvpnTenantConfig"
]
}
]
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by segment ports in the Segment.",
"items": {
"$ref": "SegmentExtraConfig
},
"required": false,
"title": "Extra configs on Segment",
"type": "array"
},
"federation_config": {
"$ref": "FederationConnectivityConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l2_extension": {
"$ref": "L2Extension,
"required": false,
"title": "Configuration for extending Segment through L2 VPN"
},
"ls_id": {
"deprecated": true,
"description": "This property is deprecated. The property will continue to work as expected for existing segments. The segments that are newly created with ls_id will be ignored. Sepcify pre-creted logical switch id for Segment.",
"required": false,
"title": "Pre-created logical switch id for Segment",
"type": "string"
},
"mac_pool_id": {
"description": "Mac pool id that associated with a Segment.",
"required": false,
"title": "Allocation mac pool associated with the Segment",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"metadata_proxy_paths": {
"description": "Policy path to metadata proxy configuration. Multiple distinct MD proxies can be configured.",
"items": {
"type": "string"
},
"title": "Metadata Proxy Configuration Paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_METADATA_PROXY_RELATIONSHIP",
"rightType": [
"MetadataProxyConfig"
]
}
]
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overlay_id": {
"description": "Used for overlay connectivity of segments. The overlay_id should be allocated from the pool as definied by enforcement-point. If not provided, it is auto-allocated from the default pool on the enforcement-point.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Overlay connectivity ID for this Segment",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"replication_mode": {
"default": "MTEP",
"description": "If this field is not set for overlay segment, then the default of MTEP will be used.",
"enum": [
"MTEP",
"SOURCE"
],
"required": false,
"title": "Replication mode of the Segment",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"items": {
"$ref": "SegmentSubnet
},
"required": false,
"title": "Subnet configuration. Max 1 subnet",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to the transport zone. Supported for VLAN backed segments as well as Overlay Segments. - This field is required for VLAN backed Segments. - For overlay Segments, it is auto assigned if only one transport zone exists in the enforcement point. Default transport zone is auto assigned for overlay segments if none specified.",
"required": false,
"title": "Policy path to the transport zone",
"type": "string"
},
"type": {
"description": "Segment type based on configuration.",
"enum": [
"ROUTED",
"EXTENDED",
"ROUTED_AND_EXTENDED",
"DISCONNECTED"
],
"readonly": true,
"title": "Segment type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vlan_ids": {
"description": "VLAN ids for a VLAN backed Segment. Can be a VLAN id or a range of VLAN ids specified with '-' in between.",
"items": {
"type": "string"
},
"required": false,
"title": "VLAN ids for VLAN backed Segment",
"type": "array"
}
},
"title": "Segment configuration",
"type": "object"
}
SegmentAdvancedConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConnectivityAdvancedConfig
},
"id": "SegmentAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"address_pool_paths": {
"description": "Policy path to IP address pools.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Policy path to IP address pools",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "IP_POOL_CONSUMER_RELATIONSHIP",
"rightType": [
"IpAddressPool"
]
}
]
},
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
},
"hybrid": {
"default": false,
"description": "When set to true, all the ports created on this segment will behave in a hybrid fashion. The hybrid port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This property is only applicable for segment created with transport zone type OVERLAY_STANDARD. This property cannot be modified after segment is created.",
"required": false,
"title": "Flag to identify a hybrid logical switch",
"type": "boolean"
},
"inter_router": {
"default": false,
"description": "When set to true, any port attached to this logical switch will not be visible through VC/ESX UI",
"required": false,
"title": "Flag to indicate if the logical switch will provide inter-router connectivity",
"type": "boolean"
},
"local_egress": {
"default": false,
"description": "This property is used to enable proximity routing with local egress. When set to true, logical router interface (downlink) connecting Segment to Tier0/Tier1 gateway is configured with prefix-length 32.",
"required": false,
"title": "Flag to enable local egress",
"type": "boolean"
},
"local_egress_routing_policies": {
"description": "An ordered list of routing policies to forward traffic to the next hop.",
"items": {
"$ref": "LocalEgressRoutingEntry
},
"minItems": 1,
"required": false,
"title": "Local egress routing policies",
"type": "array"
},
"multicast": {
"description": "Enable multicast on the downlink LRP created to connect the segment to Tier0/Tier1 gateway.",
"required": false,
"title": "Enable multicast on the downlink",
"type": "boolean"
},
"ndra_profile_path": {
"description": "This profile is applie dto the downlink logical router port created while attaching this semgnet to tier-0 or tier-1. If this field is empty, NDRA profile of the router is applied to the newly created port.",
"required": false,
"title": "Policy path of Neighbor Discovery Router Advertisement profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
}
]
},
"node_local_switch": {
"description": "A behaviour required for Firewall As A Service (FaaS) where the segment BUM traffic is confined within the edge node that this segment belongs to.",
"required": false,
"title": "Prevent BUM (broadcast, unknown-unicast and multicast) traffic from reaching the other spanned edges",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source DVPG. Currently, only DVPortgroups are identified as Discovered Segments. The origin_id is the identifier of DVPortgroup from the source vCenter server.",
"required": false,
"title": "ID of the discovered Segment representing a network managed by non-NSX entity.",
"type": "string"
},
"origin_type": {
"description": "The type of source from where the DVPortgroup is discovered",
"enum": [
"VCENTER"
],
"title": "The DVPortgroup origin type",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "The name of the switching uplink teaming policy for the Segment. This name corresponds to one of the switching uplink teaming policy names listed in TransportZone associated with the Segment. See transport_zone_path property above for more details. When this property is not specified, the segment will not have a teaming policy associated with it and the host switch's default teaming policy will be used by MP.",
"title": "Uplink Teaming Policy Name",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"description": "This URPF mode is applied to the downlink logical router port created while attaching this segment to tier-0 or tier-1.",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Advanced configuration for Segment",
"type": "object"
}
SegmentAndBridgeProfileWorkflowResource (type)
{
"additionalProperties": false,
"description": "Segment and bridge profile workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "SegmentAndBridgeProfileWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentAndBridgeProfileWorkflowResource"
},
"properties": {
"bridge_profile_path": {
"description": "Bridge profile path.",
"readonly": false,
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "Segment and bridge profile workflow resource",
"type": "object"
}
SegmentConfigurationState (type)
{
"additionalProperties": false,
"description": "Segment state on specific Enforcement Point. The details section in SegmentConfigurationState contains the list of out of sync hosts which are present in the transport zone that is associated with the segment. Out of Sync hosts are the host transport nodes which are not fully synced.",
"extends": {
"$ref": "ConfigurationState
},
"id": "SegmentConfigurationState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"segment_path": {
"readonly": true,
"required": false,
"title": "Segment path",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Segment state on specific Enforcement Point",
"type": "object"
}
SegmentConfigurationStateListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentConfigurationStateListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Segment State on specific Enforcement Point",
"items": {
"$ref": "SegmentConfigurationState
},
"required": false,
"title": "Paged Collection of Segment State on specific Enforcement Point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
SegmentConnectionBindingMap (type)
{
"additionalProperties": false,
"description": "Segment with this binding map indicates the connection between this segment and another one to enable advances in IPAM, Routing, and NAT for Kubernetes workloads with Antrea",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SegmentConnectionBindingMap",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_path": {
"description": "Path of the parent segment with VIF port",
"required": true,
"title": "Policy path to the segment",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentConnectionBindingMap"
],
"relationshipType": "SEGMENT_CONNECTION_BINDING_MAP_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vlan_traffic_tag": {
"$ref": "VlanID,
"description": "VLAN ID used to identify traffic between segment and parent segment",
"required": true,
"title": "VLAN id indicates which connected segment the package should be forwarded"
}
},
"title": "Vendor specific configuration on Segment for Kubernetes workloads with Antrea",
"type": "object"
}
SegmentConnectionBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentConnectionBindingMapListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentConnectionBindingMap
},
"required": true,
"title": "Segment connection binding map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SegmentConnectionBindingMaps",
"type": "object"
}
SegmentCrossSiteTrafficStats (type)
{
"additionalProperties": false,
"id": "SegmentCrossSiteTrafficStats",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the l2 forwarder statistics was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"rx_stats": {
"$ref": "InterSitePortCounters,
"description": "Total received data counters.",
"readonly": true,
"title": "Received data counters"
},
"segment_path": {
"description": "Policy path of Segment to attach interface.",
"readonly": true,
"required": true,
"title": "Policy path of Segment to attach interface",
"type": "string"
},
"tx_stats": {
"$ref": "InterSitePortCounters,
"description": "Total sent data counters.",
"readonly": true,
"title": "Sent data counters"
}
},
"type": "object"
}
SegmentDeleteRequestParameters (type)
{
"additionalProperties": false,
"id": "SegmentDeleteRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cascade": {
"default": false,
"description": "When the flag is true, all segment ports associated with this segment are detached and deleted.",
"required": false,
"title": "Flag to specify whether to delete related segment ports",
"type": "boolean"
}
},
"title": "Segment delete request parameters",
"type": "object"
}
SegmentDhcpConfig (type)
{
"abstract": true,
"additionalProperties": false,
"description": "DHCP IPv4 and IPv6 configurations are extended from this abstract class.",
"id": "SegmentDhcpConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
}
},
"title": "DHCP configuration for segment subnet",
"type": "object"
}
SegmentDhcpV4Config (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SegmentDhcpConfig
},
"id": "SegmentDhcpV4Config",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentDhcpV4Config"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"options": {
"$ref": "DhcpV4Options,
"description": "IPv4 DHCP options for segment subnet.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
}
},
"title": "DHCP configuration of IPv4 subnet in a segment",
"type": "object"
}
SegmentDhcpV6Config (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SegmentDhcpConfig
},
"id": "SegmentDhcpV6Config",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentDhcpV6Config"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"domain_names": {
"description": "Domain names for subnet.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names for subnet",
"type": "array"
},
"excluded_ranges": {
"description": "Excluded addresses to define dynamic ip allocation ranges.",
"items": {
"$ref": "IPElement
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Excluded range of IPv6 addresses",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"preferred_time": {
"description": "The length of time that a valid address is preferred. When the preferred lifetime expires, the address becomes deprecated.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
},
"sntp_servers": {
"description": "IPv6 address of SNTP servers for subnet.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"required": false,
"title": "SNTP servers for subnet",
"type": "array"
}
},
"title": "DHCP configuration of IPv6 subnet in a segment",
"type": "object"
}
SegmentDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Segment. Using this entity, user can specify intent for applying discovery profile to particular segments.",
"extends": {
"$ref": "DiscoveryProfileBindingMap
},
"id": "SegmentDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_discovery_profile_path": {
"description": "PolicyPath of associated IP Discovery Profile",
"required": false,
"title": "IP Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentDiscoveryProfileBindingMap"
],
"relationshipType": "SEGMENT_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
}
]
},
"mac_discovery_profile_path": {
"description": "PolicyPath of associated Mac Discovery Profile",
"required": false,
"title": "Mac Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentDiscoveryProfileBindingMap"
],
"relationshipType": "SEGMENT_BINDINGMAP_MACDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"MacDiscoveryProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Segment Discovery Profile binding map",
"type": "object"
}
SegmentDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment Discovery Profile Binding Map list request parameters",
"type": "object"
}
SegmentDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentDiscoveryProfileBindingMap
},
"required": true,
"title": "Segment Discovery Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment Discovery Profile Binding Maps",
"type": "object"
}
SegmentExtraConfig (type)
{
"additionalProperties": false,
"description": "Segment extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either segment or segment port.",
"id": "SegmentExtraConfig",
"module_id": "PolicyConnectivity",
"properties": {
"config_pair": {
"$ref": "UnboundedKeyValuePair,
"description": "Key value pair in string for the configuration.",
"required": true,
"title": "Key value pair in string for the configuration"
}
},
"title": "Vendor specific configuration on segment or Segment port",
"type": "object"
}
SegmentIpSubnets (type)
{
"description": "IP subnets of a segment, one IPv4 subnet or one IPv6 subnet for single IP-stack, an IPv4 subnet and an IPv6 subnet for dual IP-stack.",
"id": "SegmentIpSubnets",
"module_id": "OverlayAdoption",
"properties": {
"subnets": {
"description": "An array with one IPv4 subnet and/or one IPv6 subnet.",
"items": {
"$ref": "IPCIDRBlock
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "An IP-subnet array of size two.",
"type": "array",
"uniqueItems": true
}
},
"title": "IP subnets of a segment",
"type": "object"
}
SegmentL2ForwarderSiteSpanInfo (type)
{
"additionalProperties": false,
"experimental": true,
"id": "SegmentL2ForwarderSiteSpanInfo",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"inter_site_forwarder_status": {
"description": "Inter-site forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode
},
"readonly": true,
"title": "Inter-site forwarder status per node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the L2 forwarder remote mac addresses was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"remote_macs_per_site": {
"description": "L2 forwarder remote mac addresses per site for logical switch.",
"items": {
"$ref": "L2ForwarderRemoteMacsPerSite
},
"readonly": true,
"title": "L2 forwarder remote mac addresses per site",
"type": "array"
},
"segment_path": {
"description": "Policy path of a segment.",
"readonly": true,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"type": "object"
}
SegmentListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_type": {
"enum": [
"DVPortgroup",
"ALL"
],
"title": "Segment type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment list request parameters",
"type": "object"
}
SegmentListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Segment
},
"required": true,
"title": "Segment list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segments",
"type": "object"
}
SegmentMacAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentMacAddressListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
SegmentMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Segment. Using this entity, you can specify intent for applying monitoring profile to particular segment.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "SegmentMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXL2Profile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Segment Monitoring Profile binding map",
"type": "object"
}
SegmentMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment Monitoring Profile Binding Map list request parameters",
"type": "object"
}
SegmentMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentMonitoringProfileBindingMap
},
"required": true,
"title": "Segment Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment Monitoring Profile Binding Maps",
"type": "object"
}
SegmentPort (type)
{
"additionalProperties": false,
"description": "Policy port will create LogicalPort on LogicalSwitch corresponding to the Segment. Address bindings cannot be removed after realization.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SegmentPort",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildPortDiscoveryProfileBindingMap",
"ChildPortMonitoringProfileBindingMap",
"ChildPortQoSProfileBindingMap",
"ChildPortSecurityProfileBindingMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"description": "Static address binding used for the port.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 512,
"required": false,
"title": "Address bindings for the port",
"type": "array"
},
"admin_state": {
"default": "UP",
"enum": [
"UP",
"DOWN"
],
"required": false,
"title": "Represents desired state of the segment port",
"type": "string"
},
"attachment": {
"$ref": "PortAttachment,
"description": "Only VIF attachment is supported",
"required": false,
"title": "VIF attachment"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs. Segment port setting will override segment setting if the same key was set on both segment and segment port.",
"items": {
"$ref": "SegmentExtraConfig
},
"required": false,
"title": "Extra configs on segment port",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignored_address_bindings": {
"description": "IP Discovery module uses various mechanisms to discover address bindings being used on each segment port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 16,
"minItems": 0,
"required": false,
"title": "Address bindings to be ignored by IP Discovery module",
"type": "array"
},
"init_state": {
"description": "Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation, and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host.",
"enum": [
"UNBLOCKED_VLAN",
"RESTORE_VIF"
],
"required": false,
"title": "Initial state of this logical ports",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source Distributed Virtual Port and the corresponding Distributed Virtual Switch. This ID is populated only for ports attached to discovered segments.",
"readonly": true,
"title": "ID of the distributed virtual port and the distributed virtual switch in the source vCenter",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_site_id": {
"description": "This field will refer to the source site on which the segment port is discovered. This field is populated by GM, when it receives corresponding notification from LM.",
"readonly": true,
"title": "source site(LM) id.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy port object for segment",
"type": "object"
}
SegmentPortAttachmentState (type)
{
"additionalProperties": false,
"id": "SegmentPortAttachmentState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"attachers": {
"items": {
"$ref": "PortAttacher
},
"readonly": true,
"required": false,
"title": "VM or vmknic entities that are attached to the Segment Port",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "VIF ID",
"type": "string"
},
"state": {
"description": "A segment port must be in one of following states. FREE - If there are no active attachers. The port may or may not have an attachment ID configured on it. This state is applicable only to port of static type. ATTACHED - Segment port has exactly one active attacher and no further configuration is pending. ATTACHED_PENDING_CONF - Segment port has exactly one attacher, however it may not have been configured completely. Additional configuration will be provided by other nsx components. ATTACHED_IN_MOTION - Segment port has multiple active attachers. This state represents a scenario where VM is moving from one location (host or storage) to another (e.g. vmotion, vSphere HA) DETACHED - A temporary state after all port attachers have been detached. This state is applicable only to a port of ephemeral type and the port will soon be deleted.",
"enum": [
"FREE",
"ATTACHED",
"ATTACHED_PENDING_CONF",
"ATTACHED_IN_MOTION",
"DETACHED"
],
"readonly": true,
"required": true,
"title": "State of the VIF attached to Segment Port",
"type": "string"
}
},
"title": "VIF attachment state of a segment port",
"type": "object"
}
SegmentPortListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentPortListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SegmentPort list request parameters",
"type": "object"
}
SegmentPortListResult (type)
{
"additionalProperties": false,
"description": "List SegmentPort objects",
"extends": {
"$ref": "ListResult
},
"id": "SegmentPortListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Place holder for the list result",
"items": {
"$ref": "SegmentPort
},
"required": true,
"title": "SegmentPort list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SegmentPort",
"type": "object"
}
SegmentPortMacAddressCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "SegmentPortMacAddressCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "SegmentPortMacTableCsvEntry
},
"required": false,
"type": "array"
}
},
"type": "object"
}
SegmentPortMacAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentPortMacAddressListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentPortMacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
SegmentPortMacTableCsvEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "SegmentPortMacTableCsvEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
SegmentPortMacTableEntry (type)
{
"additionalProperties": false,
"id": "SegmentPortMacTableEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
SegmentPortState (type)
{
"additionalProperties": false,
"description": "Contains realized state of the segment port. For example: transport node on which the port is located, discovered and realized address bindings of the port.",
"id": "SegmentPortState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"attachment": {
"$ref": "SegmentPortAttachmentState,
"readonly": true,
"required": false,
"title": "Segment port attachment state"
},
"discovered_bindings": {
"description": "Contains the list of address bindings for a segment port that were automatically dicovered using various snooping methods like ARP, DHCP etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Segment port bindings discovered automatically",
"type": "array"
},
"duplicate_bindings": {
"description": "If any address binding discovered on the port is also found on other port on the same segment, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts.",
"items": {
"$ref": "DuplicateAddressBindingEntry
},
"title": "Duplicate segment port address bindings",
"type": "array"
},
"realized_bindings": {
"description": "List of segment port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Realized segment port bindings",
"type": "array"
},
"transport_node_ids": {
"items": {
"type": "string"
},
"required": false,
"title": "Identifiers of the transport nodes where the port is located",
"type": "array"
}
},
"title": "Realized state of the segment port on enforcement point",
"type": "object"
}
SegmentPortStatistics (type)
{
"additionalProperties": false,
"description": "Segment port statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalPortStatistics
},
"id": "SegmentPortStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"title": "Segment port statistics on specific Enforcement Point",
"type": "object"
}
SegmentPortStatus (type)
{
"additionalProperties": false,
"description": "Segment port status on specific Enforcement Point.",
"extends": {
"$ref": "LogicalPortOperationalStatus
},
"id": "SegmentPortStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"required": true,
"title": "The Operational status of the logical port",
"type": "string"
}
},
"title": "Segment port status on specific Enforcement Point",
"type": "object"
}
SegmentQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between qos profile and Segment. Using this entity, you can specify intent for applying qos profile to particular segment.",
"extends": {
"$ref": "QoSProfileBindingMap
},
"id": "SegmentQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"qos_profile_path": {
"description": "PolicyPath of associated QoS Profile",
"required": false,
"title": "QoS Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentQoSProfileBindingMap"
],
"relationshipType": "QOS_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"QoSProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"segment qos profile binding map"
],
"title": "Segment QoS Profile binding map",
"type": "object"
}
SegmentQoSProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SegmentQoSProfileBindingMapListRequestParameters",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment QoS Profile Binding Map list request parameters",
"type": "object"
}
SegmentQoSProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentQoSProfileBindingMapListResult",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentQoSProfileBindingMap
},
"required": true,
"title": "Segment QoS Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment QoS Profile Binding Maps",
"type": "object"
}
SegmentRequestParameter (type)
{
"additionalProperties": false,
"description": "Segment request parameter, used in hierarchical API.",
"extends": {
"$ref": "PolicyRequestParameter
},
"id": "SegmentRequestParameter",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentRequestParameter"
},
"properties": {
"force": {
"required": true,
"title": "Force segment update.",
"type": "boolean"
},
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Segment request rarameter for HAPI",
"type": "object"
}
SegmentSecurityProfile (type)
{
"additionalProperties": false,
"description": "Security features extended by policy operations for securing logical segments.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SegmentSecurityProfile",
"module_id": "PolicySegmentSecurity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bpdu_filter_allow": {
"description": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering. List of allowed MACs - 01:80:c2:00:00:00, 01:80:c2:00:00:01, 01:80:c2:00:00:02, 01:80:c2:00:00:03, 01:80:c2:00:00:04, 01:80:c2:00:00:05, 01:80:c2:00:00:06, 01:80:c2:00:00:07, 01:80:c2:00:00:08, 01:80:c2:00:00:09, 01:80:c2:00:00:0a, 01:80:c2:00:00:0b, 01:80:c2:00:00:0c, 01:80:c2:00:00:0d, 01:80:c2:00:00:0e, 01:80:c2:00:00:0f, 00:e0:2b:00:00:00, 00:e0:2b:00:00:04, 00:e0:2b:00:00:06, 01:00:0c:00:00:00, 01:00:0c:cc:cc:cc, 01:00:0c:cc:cc:cd, 01:00:0c:cd:cd:cd, 01:00:0c:cc:cc:c0, 01:00:0c:cc:cc:c1, 01:00:0c:cc:cc:c2, 01:00:0c:cc:cc:c3, 01:00:0c:cc:cc:c4, 01:00:0c:cc:cc:c5, 01:00:0c:cc:cc:c6, 01:00:0c:cc:cc:c7",
"items": {
"$ref": "MACAddress
},
"maxItems": 32,
"minItems": 0,
"required": false,
"title": "Deactivate BPDU filtering on this allowlist",
"type": "array"
},
"bpdu_filter_enable": {
"default": true,
"description": "Indicates whether BPDU filter is enabled. BPDU filtering is enabled by default.",
"required": false,
"title": "BPDU filtering status",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_client_block_enabled": {
"default": false,
"description": "Filters DHCP server and/or client traffic. DHCP server blocking is activated and client blocking is deactivated by default.",
"required": false,
"title": "Enable DHCP client block",
"type": "boolean"
},
"dhcp_client_block_v6_enabled": {
"default": false,
"description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is deactivated by default.",
"required": false,
"title": "Enable DHCP client block v6",
"type": "boolean"
},
"dhcp_server_block_enabled": {
"default": true,
"description": "Filters DHCP server and/or client traffic. DHCP server blocking is activated and client blocking is deactivated by default.",
"required": false,
"title": "Enable DHCP server block",
"type": "boolean"
},
"dhcp_server_block_v6_enabled": {
"default": true,
"description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is deactivated by default.",
"required": false,
"title": "Enable DHCP server block v6",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"non_ip_traffic_block_enabled": {
"default": false,
"description": "A flag to block all traffic except IP/(G)ARP/BPDU.",
"required": false,
"title": "Enable non IP traffic block",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"ra_guard_enabled": {
"default": false,
"description": "Activate or deactivate Router Advertisement Guard.",
"required": false,
"title": "Enable Router Advertisement Guard",
"type": "boolean"
},
"rate_limits": {
"$ref": "TrafficRateLimits,
"description": "Allows configuration of rate limits for broadcast and multicast traffic. Rate limiting is deactivated by default",
"required": false,
"title": "Rate limiting configuration"
},
"rate_limits_enabled": {
"default": false,
"description": "Activate or deactivate Rate Limits",
"required": false,
"title": "Enable Rate Limits",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"security segment profile"
],
"title": "Segment Security Profile",
"type": "object"
}
SegmentSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Contains the binding relationship between segment and security profile.",
"extends": {
"$ref": "SecurityProfileBindingMap
},
"id": "SegmentSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_security_profile_path": {
"description": "The policy path of the asscociated Segment Security profile",
"required": false,
"title": "Segment Security Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentSecurityProfileBindingMap"
],
"relationshipType": "SEGMENT_SECURITY_BINDING_MAP_SEGMENT_SECURITY_RELATIONSHIP",
"rightType": [
"SegmentSecurityProfile"
]
}
]
},
"spoofguard_profile_path": {
"description": "The policy path of the asscociated SpoofGuard profile",
"required": false,
"title": "SpoofGuard Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentSecurityProfileBindingMap"
],
"relationshipType": "SEGMENT_SECURITY_BINDING_MAP_SPOOFGUARD_RELATIONSHIP",
"rightType": [
"SpoofGuardProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Security profile binding map for segment",
"type": "object"
}
SegmentSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SegmentSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment security profile binding map request parameters",
"type": "object"
}
SegmentSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentSecurityProfileBindingMapListResult",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentSecurityProfileBindingMap
},
"required": true,
"title": "Segment security profile binding map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of segment security profile binding maps",
"type": "object"
}
SegmentSecurityProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentSecurityProfileListRequestParameters",
"module_id": "PolicySegmentSecurity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment security profile request parameters",
"type": "object"
}
SegmentSecurityProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentSecurityProfileListResult",
"module_id": "PolicySegmentSecurity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentSecurityProfile
},
"required": true,
"title": "Segment Security profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of segment security profiles",
"type": "object"
}
SegmentStateRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a segment path and enforcement_point_path.",
"extends": {
"$ref": "PolicyRuntimeRequestParameters
},
"id": "SegmentStateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"configuration_state": {
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown"
],
"required": false,
"title": "Configuration state of the segment on enforcement point",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Metadata Proxy Runtime Information",
"type": "object"
}
SegmentStatistics (type)
{
"additionalProperties": false,
"description": "Segment statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalSwitchStatistics
},
"id": "SegmentStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"nsxt_fp": {
"$ref": "FpCounters,
"description": "ENS/FC module for DP packet processing",
"readonly": true,
"required": false
},
"nsxt_swsec": {
"$ref": "SwsecCounters,
"description": "Switch Security provides stateless L2 and L3 security by checking, traffic to the logical switch and dropping unauthorized packets sent, from VMs",
"readonly": true,
"required": false
},
"nsxt_vdl2": {
"$ref": "Vdl2Counters,
"description": "Overlay Layer-2 module responsible for workload connectivity",
"readonly": true,
"required": false
},
"nsxt_vdrb": {
"$ref": "VdrbCounters,
"description": "Virtual Distributed Routing (VDR) routes packets on every ESX",
"readonly": true,
"required": false
},
"nsxt_vsip": {
"$ref": "VsipCounters,
"description": "VSIP provides Distributed Firewall capability",
"readonly": true,
"required": false
},
"nsxt_vswitch": {
"$ref": "VswitchCounters,
"description": "Virtual Switch is responsible for providing switching functionality",
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"title": "Segment statistics on specific Enforcement Point",
"type": "object"
}
SegmentSubnet (type)
{
"additionalProperties": false,
"id": "SegmentSubnet",
"module_id": "PolicyConnectivity",
"properties": {
"dhcp_config": {
"$ref": "SegmentDhcpConfig,
"description": "Additional DHCP configuration for current subnet.",
"required": false,
"title": "Additional DHCP configuration"
},
"dhcp_ranges": {
"description": "DHCP address ranges are used for dynamic IP allocation. Supports address range and CIDR formats. First valid host address from the first value is assigned to DHCP server IP address. Existing values cannot be deleted or modified, but additional DHCP ranges can be added.",
"items": {
"$ref": "IPElement
},
"maxItems": 99,
"minItems": 1,
"required": false,
"title": "DHCP address ranges for dynamic IP allocation",
"type": "array"
},
"gateway_address": {
"description": "Gateway IP address in CIDR format for both IPv4 and IPv6.",
"format": "ip-cidr-block",
"title": "Gateway IP address.",
"type": "string"
},
"network": {
"description": "Network CIDR for this subnet calculated from gateway_addresses and prefix_len.",
"readonly": true,
"title": "Network CIDR for subnet",
"type": "string"
}
},
"title": "Subnet configuration for segment",
"type": "object"
}
SegmentToDvpgsMapping (type)
{
"additionalProperties": false,
"description": "Segment to DVPGs mapping. Information about the segment and DVPGs that it has been bridged to.",
"id": "SegmentToDvpgsMapping",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_mapping_list": {
"description": "Mapping information of the DVPGs to which this segment has been bridged.",
"items": {
"$ref": "DvpgMappingInfo
},
"readonly": true,
"required": true,
"title": "DVPG mapping info list",
"type": "array"
},
"segment_path": {
"description": "Segment path.",
"readonly": true,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "Segment to DVPGs mapping",
"type": "object"
}
SegmentToDvpgsMappingRequestParameters (type)
{
"description": "Segment to DVPGs mapping request parameters.",
"id": "SegmentToDvpgsMappingRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"title": "Segment to DVPGs mapping request parameters",
"type": "object"
}
SegmentWorkflowResource (type)
{
"additionalProperties": false,
"description": "Segment workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "SegmentWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentWorkflowResource"
},
"properties": {
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "Segment workflow resource",
"type": "object"
}
SelectableResourceReference (type)
{
"extends": {
"$ref": "ResourceReference
},
"id": "SelectableResourceReference",
"module_id": "ClusterRestore",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"selected": {
"required": true,
"title": "Set to true if this resource has been selected to be acted upon",
"type": "boolean"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Resources to take action on",
"type": "object"
}
SelectiveSyncSettings (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SelectiveSyncSettings",
"module_id": "DirectoryService",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enabled": {
"required": true,
"title": "Enable or disable SelectiveSync",
"type": "boolean"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"selected_org_units": {
"description": "If SelectiveSync is enabled, this contains 1 or more OrgUnits, which NSX will synchronize with in LDAP server. The full distiguished name (DN) should be used for OrgUnit. If SelectiveSync is disabled, do not define this or specify an empty list.",
"items": {
"type": "string"
},
"required": false,
"title": "Selected OrgUnits for SelectiveSync",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Directory domain selective sync settings",
"type": "object"
}
SelfResourceLink (type)
{
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"extends": {
"$ref": "ResourceLink
},
"id": "SelfResourceLink",
"module_id": "Common",
"properties": {
"action": {
"readonly": true,
"title": "Optional action",
"type": "string"
},
"href": {
"readonly": true,
"required": true,
"title": "Link to resource",
"type": "string"
},
"rel": {
"description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)",
"readonly": true,
"required": true,
"title": "Link relation type",
"type": "string"
}
},
"title": "Link to this resource",
"type": "object"
}
SelfSignedActionParameter (type)
{
"additionalProperties": false,
"id": "SelfSignedActionParameter",
"module_id": "CertificateManager",
"properties": {
"days_valid": {
"default": 825,
"required": true,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
}
},
"type": "object"
}
ServerAuthType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server authentication could be REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is disabled by default. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.",
"enum": [
"REQUIRED",
"IGNORE"
],
"id": "ServerAuthType",
"module_id": "LoadBalancer",
"title": "server authentication mode",
"type": "string"
}
ServerSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "ServerSslProfileBinding",
"module_id": "LoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "authentication depth is used to set the verification depth in the server certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "the maximum traversal depth of server certificate chain",
"type": "integer"
},
"client_certificate_id": {
"description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding",
"required": false,
"title": "client certificate identifier",
"type": "string"
},
"server_auth": {
"$ref": "ServerAuthType,
"default": "IGNORE",
"title": "server authentication mode"
},
"server_auth_ca_ids": {
"description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA identifier list to verify server certificate",
"type": "array"
},
"server_auth_crl_ids": {
"description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL identifier list to verify server certificate",
"type": "array"
},
"ssl_profile_id": {
"description": "Server SSL profile defines reusable, application-independent server side SSL properties.",
"required": false,
"title": "server SSL profile identifier",
"type": "string"
}
},
"type": "object"
}
Service (type)
{
"description": "Used while defining a CommunicationEntry. A service may have multiple service entries.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Service",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildServiceEntry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "The flag, if true, indicates that service is created in the system by default. Such default services can't be modified/deleted.",
"readonly": true,
"title": "Flag for default services",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_entries": {
"description": "Service entries for this service",
"items": {
"$ref": "ServiceEntry
},
"title": "Service type",
"type": "array"
},
"service_type": {
"title": "Type of service, ETHER or NON_ETHER",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains the information related to a service",
"type": "object"
}
ServiceAssociationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceAssociationListResult",
"module_id": "GroupingObjectsProviders",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "service_type"
},
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"service_type": {
"enum": [
"FireWallServiceAssociationListResult",
"IpfixServiceAssociationListResult"
],
"required": true,
"type": "string"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ServiceAttachment (type)
{
"description": "A ServiceAttachment represents a point on NSX entity (Example - Edge Router) to which ServiceInstance can be connected through an InstanceEndpoint. Example - In VMWare Hybric Cloud Extention (HCX) use case, HCX appliances connect to this Service Attachment Point. We do not handle the lifecycle of these appliance/s.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceAttachment",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attachment_status": {
"default": "UP",
"description": "UP - A Service Attachment will have its Service Port - UP and with a configured IP address. DOWN - An Inactive ServiceAttachment has its Service Port - DOWN. It can be used to connect set of appliances that do not need to exchange traffic to/from/through the Edge node.",
"enum": [
"UP",
"DOWN"
],
"readonly": false,
"required": false,
"title": "Attachment Status",
"type": "string"
},
"deployed_to": {
"$ref": "ResourceReference,
"description": "NSX Resource where we want to create Service Attachment Point. Ex. T0 LR Edge in case of north-south ServiceInsertion and a TransportZone (which is used to define the service plane) in case of east-west service insertion.",
"readonly": false,
"required": true,
"title": "Deployed-to object"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_ips": {
"description": "Local IPs associated with this Service Attachment.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Local IPs",
"type": "array"
},
"logical_routers": {
"description": "List of LogicalRouters to be connected to the ServicePlane logical switch via a ServiceLink.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Logical Router list",
"type": "array"
},
"logical_switch": {
"$ref": "ResourceReference,
"description": "Logical Switch gets created as a part of Service Attachment creation.",
"readonly": true,
"required": false,
"title": "Logical Switch"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_port": {
"$ref": "ResourceReference,
"description": "Service Port gets created as a part of Service Attachment creation. It is a Logical Router Port of type CentralizedServicePort. It does not participate in distributed routing. Stateless Policy Based Routing service can be applied on this port.",
"readonly": true,
"required": false,
"title": "Service Port (Logical Router Centralized Service Port)"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Logical Attachment Point for a 3rd Party Service",
"type": "object"
}
ServiceAttachmentListResult (type)
{
"description": "List of Service Attachments.",
"extends": {
"$ref": "ListResult
},
"id": "ServiceAttachmentListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service Attachments.",
"items": {
"$ref": "ServiceAttachment
},
"readonly": true,
"required": true,
"title": "Service-Attachment list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Attachment List",
"type": "object"
}
ServiceBinding (type)
{
"additionalProperties": false,
"id": "ServiceBinding",
"module_id": "LogicalRouterPorts",
"properties": {
"service_id": {
"$ref": "ResourceReference,
"description": "Identifier of Logical Service",
"required": true,
"title": "UUID of Service"
}
},
"type": "object"
}
ServiceCapability (type)
{
"description": "Service capabilities that will be inherited by service VMs created using a service definition that contains this service capability.",
"id": "ServiceCapability",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"can_decrement_si": {
"default": false,
"description": "Indicating whether service is configured to decrement SI field in NSH metadata.",
"readonly": true,
"required": false,
"title": "SI decrement flag",
"type": "boolean"
},
"nsh_liveness_support_enabled": {
"default": false,
"description": "Indicating whether service supports NSH liveness detection.",
"readonly": false,
"required": false,
"title": "NSH liveness support flag",
"type": "boolean"
}
},
"title": "Service capabilities",
"type": "object"
}
ServiceChain (type)
{
"description": "Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceChain",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"forward_path_service_profiles": {
"description": "List of ServiceInsertionServiceProfiles that constitutes the the service chain. The forward path service profiles are applied to ingress traffic.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 4,
"readonly": false,
"required": true,
"title": "Forward path service profiles",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"default": "ALLOW",
"description": "Failure policy for the service tells datapath, the action to take i.e to allow or block traffic during failure scenarios.",
"enum": [
"ALLOW",
"BLOCK"
],
"readonly": false,
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"path_selection_policy": {
"default": "LOCAL",
"description": "Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - means to prefer local service insances. REMOTE - preference is to redirect to the SVM co-located on the same host.",
"enum": [
"ANY",
"LOCAL",
"REMOTE"
],
"readonly": false,
"required": false,
"title": "Path Selection Policy",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"reverse_path_service_profiles": {
"description": "List of ServiceInsertionServiceProfiles id. Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 4,
"readonly": false,
"required": false,
"title": "Reverse path service profiles",
"type": "array"
},
"service_attachments": {
"description": "Service attachment specifies the scope i.e Service plane at which the SVMs are deployed.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Service Attachment list",
"type": "array"
},
"service_chain_id": {
"description": "A unique id generated for every service chain. This is not a uuid.",
"readonly": true,
"required": false,
"title": "Service chain id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Service Chain",
"type": "object"
}
ServiceChainListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceChainListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Chain list request parameters",
"type": "object"
}
ServiceChainListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServiceChainListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-Insertion Services. The list has to be homogenous.",
"items": {
"$ref": "ServiceChain
},
"readonly": true,
"required": true,
"title": "Service list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Chain List",
"type": "object"
}
ServiceChainMapping (type)
{
"description": "A ServiceInsertionServiceProfile can be part of multiple ServiceChains. ServiceChainMapping for a particular profile will contain a list of all the ServiceChains it's part of. Each Mapping will also contain some metadata to uniquely identify a profile from other profiles.",
"id": "ServiceChainMapping",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"direction": {
"description": "Each ServiceChain has forward_path_service_profiles and reverse_path_service_profiles. This property will indicate which of them being used. FORWARD - forward_path_service_profiles REVERSE - reverse_path_service_profiles",
"enum": [
"FORWARD",
"REVERSE"
],
"readonly": true,
"title": "Direction",
"type": "string"
},
"service_chain_id": {
"description": "A unique id generated for every ServiceChain. This is not a uuid.",
"readonly": true,
"title": "Service Chain id",
"type": "string"
},
"service_index": {
"description": "Service Index represents a numerical position of a ServiceInsertionServiceProfile in a ServiceChain. It will be in reverse order. Service Index can point to either forward_path_service_profiles or reverse_path_service_profiles indicated by direction property. Example - For a ServiceChain A-B-C, A will have index of 3, B will have index of 2 and C will have index of 1.",
"readonly": true,
"title": "Service Index",
"type": "integer"
}
},
"title": "Service Chain Mapping",
"type": "object"
}
ServiceChainMappingListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServiceChainMappingListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service Chain Mappings. The list has to be homogenous.",
"items": {
"$ref": "ServiceChainMapping
},
"readonly": true,
"required": true,
"title": "Service Chain Mapping List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Chain Mapping List",
"type": "object"
}
ServiceConfig (type)
{
"additionalProperties": false,
"description": "Service configs are groupings of profiles (i.e switch profiles) and configurations applied to resources or collection of resources(NSGroups).",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceConfig",
"module_id": "ServiceConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to": {
"description": "The list of entities that the configurations should be applied to. This can either be a NSGroup or any other entity like TransportNode, LogicalPorts etc.",
"items": {
"$ref": "ResourceReference
},
"required": false,
"title": "Entities on which the input profile will be applied",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"precedence": {
"description": "Every ServiceConfig has a priority based upon its precedence value. Lower the value of precedence, higher will be its priority. If user doesnt specify the precedence, it is generated automatically by system. The precedence is generated based upon the type of profile used in ServiceConfig. Precedence are auto-generated in decreasing order with difference of 100. Automatically generated precedence value will be 100 less than the current minimum value of precedence of ServiceConfig of a given profile type in system.There cannot be duplicate precedence for ServiceConfig of same profile type.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "The priority of the service config",
"type": "integer"
},
"profiles": {
"description": "These are the NSX Profiles which will be added to service config, which will be applied to entities/groups provided to applied_to field of service config.",
"items": {
"$ref": "NSXProfileReference
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Profiles to be added to service config",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Service Config for profile and common configuration",
"type": "object"
}
ServiceConfigList (type)
{
"additionalProperties": false,
"description": "List of Service config objects that needs to be either created or updated with the respective profiles and precedence.",
"id": "ServiceConfigList",
"module_id": "ServiceConfig",
"properties": {
"service_configs": {
"description": "An Array of ServiceConfig objects containing details of profiles to be applied, entities on which these profiles will be applied and precedence.",
"items": {
"$ref": "ServiceConfig
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "service config list results",
"type": "array"
}
},
"title": "List of Service Configs for batch operation",
"type": "object"
}
ServiceConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ServiceConfigListRequestParameters",
"module_id": "ServiceConfig",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"profile_type": {
"description": "It fetches ServiceConfig for the given profile_type. Only one type of supported profile type can be mentioned in a single API call. API will return all ServiceConfig if this field is not passed.",
"required": false,
"title": "Fetch ServiceConfig for the given attribute profile_type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NSProfile list request parameters.",
"type": "object"
}
ServiceConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceConfigListResult",
"module_id": "ServiceConfig",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceConfig
},
"required": true,
"title": "service config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of service configs",
"type": "object"
}
ServiceDefinition (type)
{
"description": "Registering a Service is the first step in the ServiceInsertion mechanism. A ServiceDefinition is used to create a service.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceDefinition",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attachment_point": {
"description": "The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP and MPS.",
"items": {
"enum": [
"TIER0_LR",
"TIER1_LR",
"SERVICE_PLANE"
],
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"readonly": false,
"required": false,
"title": "Attachment Point",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"functionalities": {
"description": "The capabilities provided by the services. Needs to be one or more of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion Detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | TLB - Transparent Load Balancer | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service) | MPS - Malware Prevention Solution",
"items": {
"enum": [
"NG_FW",
"IDS_IPS",
"NET_MON",
"HCX",
"BYOD",
"EPP",
"TLB",
"MPS"
],
"type": "string"
},
"minItems": 1,
"readonly": false,
"required": true,
"title": "Functionality Type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"implementations": {
"description": "This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter.",
"items": {
"enum": [
"NORTH_SOUTH",
"EAST_WEST"
],
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Implementation Type",
"type": "array"
},
"on_failure_policy": {
"default": "ALLOW",
"description": "Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) and MPS functionality.",
"enum": [
"ALLOW",
"BLOCK"
],
"readonly": false,
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_capability": {
"$ref": "ServiceCapability,
"description": "Service capability.",
"readonly": false,
"required": false,
"title": "Service capability"
},
"service_deployment_spec": {
"$ref": "ServiceDeploymentSpec,
"description": "Service Deployment Specification defines takes in information required to deploy and configure a partner appliance/service-vm.",
"readonly": false,
"required": false,
"title": "Service Deployment Specification"
},
"service_manager_id": {
"description": "ID of the service manager to which this service is attached with. This field is not set during creation of service. This field will be set explicitly when Service Manager is created successfully using this service.",
"readonly": true,
"required": false,
"title": "Service Manager Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transports": {
"description": "Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS.",
"items": {
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH"
],
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "array"
},
"vendor_id": {
"description": "Id which is unique to a vendor or partner for which the service is created.",
"readonly": false,
"required": true,
"title": "Vendor ID",
"type": "string"
}
},
"title": "Definition of a Service.",
"type": "object"
}
ServiceDefinitionListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceDefinitionListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service definition list request parameters",
"type": "object"
}
ServiceDeployment (type)
{
"description": "Used to provide the deployment specification for the service.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceDeployment",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"clustered_deployment_count": {
"default": 1,
"description": "Number of instances in case of clustered deployment.",
"maximum": 10,
"minimum": 1,
"readonly": false,
"required": false,
"title": "Clustered Deployment Count",
"type": "integer"
},
"deployed_to": {
"description": "List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion. Service Attachment in case of E-W ServiceInsertion.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"minItems": 1,
"readonly": false,
"required": false,
"title": "Deployed-to object list",
"type": "array"
},
"deployment_mode": {
"default": "STAND_ALONE",
"description": "Mode of deployment. Currently, only stand alone deployment is supported. It is a single VM deployed through this deployment spec. In future, HA configurations will be supported here.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"deployment_spec_name": {
"description": "Name of the deployment spec to be used for deployment, which specifies the OVF provided by the partner and the form factor.",
"readonly": false,
"required": true,
"title": "Deployment Spec Name",
"type": "string"
},
"deployment_type": {
"default": "CLUSTERED",
"description": "Specifies whether the service VM should be deployed on each host such that it provides partner service locally on the host, or whether the service VMs can be deployed as a cluster. If deployment_type is CLUSTERED, then the clustered_deployment_count should be provided.",
"enum": [
"HOSTLOCAL",
"CLUSTERED"
],
"readonly": false,
"required": false,
"title": "Deployment Type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"instance_deployment_template": {
"$ref": "DeploymentTemplate,
"description": "The deployment template to be used during the deployment to provide customized attributes to the service VM.",
"readonly": false,
"required": true,
"title": "Instance Deployment Template"
},
"perimeter": {
"default": "HOST",
"description": "This indicates the deployment perimeter, such as a VC cluster or a host.",
"enum": [
"CLUSTER",
"HOST"
],
"readonly": false,
"required": false,
"title": "Deployment perimeter",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_deployment_config": {
"$ref": "ServiceDeploymentConfig,
"description": "Deployment Config contains the deployment specification, such as the storage and network to be used along with the cluster where the service VM can be deployed.",
"readonly": false,
"required": true,
"title": "Service Deployment Config"
},
"service_id": {
"description": "The Service to which the service deployment is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Deployment details of a Service",
"type": "object"
}
ServiceDeploymentConfig (type)
{
"description": "The Deployment Config contains settings that are applied during install time.",
"id": "ServiceDeploymentConfig",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"compute_collection_id": {
"description": "Resource Pool or cluster Id.",
"readonly": false,
"required": true,
"title": "Compute Collection Id",
"type": "string"
},
"compute_manager_id": {
"description": "Context Id or VCenter Id.",
"readonly": false,
"required": true,
"title": "Compute Manager Id",
"type": "string"
},
"host_id": {
"description": "The service VM will be deployed on the specified host in the specified server within the cluster if host_id is specified. Note: You must ensure that storage and specified networks are accessible by this host.",
"readonly": false,
"required": false,
"title": "Host id",
"type": "string"
},
"storage_id": {
"description": "Moref of the datastore in VC. If it is to be taken from 'Agent VM Settings', then it should be empty.",
"readonly": false,
"required": false,
"title": "Storage Id",
"type": "string"
},
"vm_nic_info": {
"$ref": "VmNicInfo,
"description": "VM NIC information for VMs",
"readonly": false,
"required": false,
"title": "VM NIC information"
}
},
"title": "Service Deployment Config",
"type": "object"
}
ServiceDeploymentIssue (type)
{
"description": "Type of issue and detailed description of the issue in case of deployment failure.",
"id": "ServiceDeploymentIssue",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"issue_description": {
"description": "Description of issue encountered while service deployment.",
"required": false,
"title": "Description of issue encountered while service deployment",
"type": "string"
},
"issue_timestamp": {
"description": "Timestamp when issue was issue encountered while service deployment.",
"required": false,
"title": "Timestamp when issue was encountered while service deployment",
"type": "string"
},
"issue_type": {
"description": "Type of issue encountered while service deployment.",
"required": true,
"title": "Type of issue encountered while service deployment",
"type": "string"
}
},
"title": "Service deployment issue",
"type": "object"
}
ServiceDeploymentListResult (type)
{
"additionalProperties": false,
"description": "Result of List of ServiceDeployments",
"extends": {
"$ref": "ListResult
},
"id": "ServiceDeploymentListResult",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing ServiceDeployments in database",
"items": {
"$ref": "ServiceDeployment
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ServiceDeployment list result",
"type": "object"
}
ServiceDeploymentSpec (type)
{
"description": "ServiceDeployment Spec consists of information required to deploy and configure the partner appliances. viz. Deployment template, deployment spec and NIC metatdata.",
"id": "ServiceDeploymentSpec",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"deployment_specs": {
"description": "Deployment Specs holds information required to deploy the Service-VMs. i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF can be deployed, Form factor to name a few.",
"items": {
"$ref": "SVMDeploymentSpec
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service Deployment Spec List",
"type": "array"
},
"deployment_template": {
"description": "Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX Manager.",
"items": {
"$ref": "DeploymentTemplate
},
"readonly": false,
"required": true,
"title": "Service Deployment Template",
"type": "array"
},
"nic_metadata_list": {
"description": "NIC metadata associated with the deployment spec.",
"items": {
"$ref": "NicMetadata
},
"readonly": false,
"required": false,
"title": "NIC Metadata",
"type": "array"
},
"svm_version": {
"description": "Partner needs to specify the Service VM version which will get deployed.",
"required": false,
"title": "Partner Service-VM version.",
"type": "string"
}
},
"title": "Service Deployment Specification.",
"type": "object"
}
ServiceDeploymentStatus (type)
{
"id": "ServiceDeploymentStatus",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"deployment_issues": {
"description": "List of issue and detailed description of the issue in case of deployment failure.",
"items": {
"$ref": "ServiceDeploymentIssue
},
"readonly": true,
"required": false,
"title": "Service deployment issue",
"type": "array"
},
"deployment_status": {
"description": "Deployment status of NXGI Partner Service-VM on a compute collection. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment on a compute collection such as VC cluster.",
"enum": [
"UPGRADE_IN_PROGRESS",
"UPGRADE_FAILED",
"DEPLOYMENT_QUEUED",
"DEPLOYMENT_IN_PROGRESS",
"DEPLOYMENT_FAILED",
"DEPLOYMENT_SUCCESSFUL",
"UNDEPLOYMENT_QUEUED",
"UNDEPLOYMENT_IN_PROGRESS",
"UNDEPLOYMENT_FAILED",
"UNDEPLOYMENT_SUCCESSFUL",
"UPGRADE_QUEUED"
],
"readonly": true,
"required": false,
"title": "Compute collection deployment progress status",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"service_deployment_id": {
"description": "Id of service deployment.",
"readonly": true,
"required": false,
"title": "Service deployment id",
"type": "string"
},
"sva_current_version": {
"description": "Currently deployed Service Virtual Appliance version.",
"required": false,
"title": "Current deployed SVA version",
"type": "string"
},
"sva_max_available_version": {
"description": "Max available SVA version for upgrade",
"required": false,
"title": "Max available SVA version",
"type": "string"
}
},
"type": "object"
}
ServiceEndpoint (type)
{
"additionalProperties": false,
"id": "ServiceEndpoint",
"module_id": "ClusterManagement",
"properties": {
"certificate": {
"required": false,
"title": "Certificate or certificate chain",
"type": "string"
},
"certificate_sha256_thumbprint": {
"readonly": true,
"required": false,
"type": "string"
},
"entities_hosted": {
"items": {
"$ref": "HostedEntityInfo
},
"readonly": true,
"required": false,
"title": "List of entities hosted on accessible through the service endpoint",
"type": "array"
},
"fqdn": {
"readonly": true,
"required": false,
"type": "string"
},
"ip_address": {
"$ref": "IPv4Address,
"required": true
},
"ipv6_address": {
"$ref": "IPv6Address,
"required": false
},
"ipv6_fqdn": {
"readonly": true,
"required": false,
"type": "string"
},
"port": {
"maximum": 65535,
"minimum": 0,
"required": true,
"type": "integer"
},
"service_endpoint_uuid": {
"readonly": true,
"required": false,
"title": "Unique identifier of this service endpoint",
"type": "string"
}
},
"type": "object"
}
ServiceEntry (type)
{
"abstract": true,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A Service entry that describes traffic",
"type": "object"
}
ServiceEntryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceEntryListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service entry list request parameters",
"type": "object"
}
ServiceEntryListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceEntryListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceEntry
},
"required": true,
"title": "Service entry list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Service entries",
"type": "object"
}
ServiceGateway (type)
{
"description": "Service Gateway serves as the default gateway for VPC.",
"id": "ServiceGateway",
"module_id": "PolicyVpc",
"properties": {
"auto_snat": {
"default": true,
"description": "Auto plumb snat rule for private subnet, this will make sure private subnets are routable outside of VPC. There will be one snat rule per VPC, translated ip will be taken from external ip block. If enabled, user must also configure external ip block. This property is applicable only when service_gateway is enabled.",
"required": false,
"title": "Auto plumb snat rule",
"type": "boolean"
},
"disable": {
"default": false,
"description": "Flag to deactivate service gateway for connected subnets. If false then VPC will support the following services: NAT, gateway security policies, and gateway QoS profile. If true, VPC will support only distributed services i.e., EW security policy. Workload shall be protected using the same. All traffic from subnets will be routed through the distributed router to the connected gateway and eliminates the intermediate hop of the service gateway.",
"required": false,
"title": "Flag to indicate if Gateway Service support is required or not. By default, service gateway is enabled.",
"type": "boolean"
},
"qos_config": {
"$ref": "GatewayQosProfileConfig,
"description": "QoS Profile configuration for VPC connected to the gateway. The profiles must be pre-created at the project level.",
"required": false,
"title": "Gateway QoS Profile configuration"
}
},
"title": "Service Gateway configuration",
"type": "object"
}
ServiceInsertionContextType (type)
{
"description": "Types of Service Insertion contexts. \"east_west\" applies to trasport_nodes in data center. \"north_south\" applies to logical_routers (T0/T1) in data center.",
"enum": [
"east_west",
"north_south"
],
"id": "ServiceInsertionContextType",
"module_id": "ServiceInsertionStatus",
"title": "Service Insertion Context Type",
"type": "string"
}
ServiceInsertionDeleteParameters (type)
{
"id": "ServiceInsertionDeleteParameters",
"module_id": "ServiceInsertion",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete all the child objects, associated with it.",
"type": "boolean"
}
},
"title": "Service Insertion delete parameters",
"type": "object"
}
ServiceInsertionInsertParameters (type)
{
"extends": {
"$ref": "DSInsertParameters
},
"id": "ServiceInsertionInsertParameters",
"module_id": "ServiceInsertionRules",
"properties": {
"id": {
"maxLength": 64,
"required": false,
"title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters that indicate where rule/section need to be added All the params take rule/section Id",
"type": "object"
}
ServiceInsertionListRequestParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections/rules.",
"extends": {
"$ref": "DSListRequestParameters
},
"id": "ServiceInsertionListRequestParameters",
"module_id": "ServiceInsertionRules",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
}
},
"title": "Parameters to filter list of sections/rules",
"type": "object"
}
ServiceInsertionRule (type)
{
"description": "ServiceInsertion Rule.",
"extends": {
"$ref": "DSRule
},
"id": "ServiceInsertionRule",
"module_id": "ServiceInsertionRules",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_owner": {
"$ref": "OwnerResourceLink,
"readonly": true,
"title": "Owner of this resource"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"action": {
"description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DETECT - Detect IDS Signatures. ALLOW_CONTINUE - Allows rules to jump from this rule. Action on matching rules in the destination category will decide next step. Application is default destination until new categories are supported to jump to. DETECT_PREVENT - Detect and Prevent IDS Signatures.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"REDIRECT",
"DO_NOT_REDIRECT",
"DETECT",
"ALLOW_CONTINUE",
"DETECT_PREVENT"
],
"readonly": false,
"required": true,
"title": "Action",
"type": "string"
},
"applied_tos": {
"description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of the destinations. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Destination List",
"type": "array"
},
"destinations_excluded": {
"default": false,
"description": "Negation of the destination.",
"readonly": false,
"required": false,
"title": "Negation of destination",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"readonly": false,
"required": false,
"title": "Rule direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.",
"readonly": false,
"required": false,
"title": "Rule enable/disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"description": "Identifier of the resource",
"readonly": true,
"required": false,
"type": "string"
},
"ip_protocol": {
"default": "IPV4_IPV6",
"description": "Type of IP packet that should be matched while enforcing the rule.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "Flag to indicate whether rule is default.",
"readonly": true,
"required": false,
"title": "Default rule",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"notes": {
"description": "User notes specific to the rule.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Notes",
"type": "string"
},
"priority": {
"description": "Priority of the rule.",
"readonly": true,
"required": false,
"title": "Rule priority",
"type": "integer"
},
"redirect_tos": {
"description": "A rule can be redirected to ServiceInstance, InstanceEndpoint for North/South Traffic. A rule can be redirected to ServiceChain for East/West Traffic. For REDIRECT action, redirect_tos is mandatory. For DO_NOT_REDIRECT action, redirect_tos is optional.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 1,
"readonly": false,
"required": false,
"title": "Redirect_Tos List",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"readonly": false,
"required": false,
"title": "Tag",
"type": "string"
},
"section_id": {
"description": "ID of the section to which this rule belongs.",
"readonly": true,
"required": false,
"title": "Section Id",
"type": "string"
},
"services": {
"description": "List of the services. Null will be treated as any.",
"items": {
"$ref": "ServiceInsertionService
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service List",
"type": "array"
},
"sources": {
"description": "List of sources. Null will be treated as any.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Source List",
"type": "array"
},
"sources_excluded": {
"default": false,
"description": "Negation of the source.",
"readonly": false,
"required": false,
"title": "Negation of source",
"type": "boolean"
}
},
"title": "ServiceInsertion Rule",
"type": "object"
}
ServiceInsertionRuleList (type)
{
"description": "List of ServiceInsertion Rules.",
"id": "ServiceInsertionRuleList",
"module_id": "ServiceInsertionRules",
"properties": {
"rules": {
"description": "List of ServiceInsertion rules in the section. Only homogeneous rules are supported.",
"items": {
"$ref": "ServiceInsertionRule
},
"maxItems": 1000,
"required": true,
"title": "List of the ServiceInsertion rules",
"type": "array"
}
},
"title": "ServiceInsertion Section RuleList",
"type": "object"
}
ServiceInsertionRuleListResult (type)
{
"description": "List of ServiceInsertion Rules.",
"extends": {
"$ref": "ListResult
},
"id": "ServiceInsertionRuleListResult",
"module_id": "ServiceInsertionRules",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "ServiceInsertion rule list result with pagination support.",
"items": {
"$ref": "ServiceInsertionRule
},
"readonly": true,
"required": true,
"title": "ServiceInsertion rule list result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ServiceInsertion Section RuleList",
"type": "object"
}
ServiceInsertionSection (type)
{
"description": "A ServiceInsertion section composed of ServiceInsertion Rules.",
"extends": {
"$ref": "DSSection
},
"id": "ServiceInsertionSection",
"module_id": "ServiceInsertionRules",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"title": "ServiceInsertion Section",
"type": "object"
}
ServiceInsertionSectionFilterParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of sections.",
"extends": {
"$ref": "ServiceInsertionListRequestParameters
},
"id": "ServiceInsertionSectionFilterParameters",
"module_id": "ServiceInsertionRules",
"properties": {
"applied_tos": {
"description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "AppliedTo's referenced by this section or section's Distributed Service Rules .",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"destinations": {
"description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Destinations referenced by this section's Distributed Service Rules .",
"type": "string"
},
"exclude_applied_to_type": {
"$ref": "DSAppliedToType,
"description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections not having a specific AppliedTo type"
},
"filter_type": {
"default": "FILTER",
"description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.",
"enum": [
"FILTER",
"SEARCH"
],
"required": false,
"title": "Filter type",
"type": "string"
},
"include_applied_to_type": {
"$ref": "DSAppliedToType,
"description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter. Section filter only takes a single value for this param.",
"required": false,
"title": "Limit result to sections having a specific AppliedTo type"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"services": {
"description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "NSService referenced by this section's Distributed Service Rules .",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sources": {
"description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.",
"required": false,
"title": "Sources referenced by this section's Distributed Service Rules .",
"type": "string"
},
"type": {
"default": "L3REDIRECT",
"description": "Section Type with values L3REDIRECT.",
"enum": [
"L3REDIRECT"
],
"required": false,
"title": "Section Type",
"type": "string"
}
},
"title": "Parameters to filter section from list of sections",
"type": "object"
}
ServiceInsertionSectionListResult (type)
{
"description": "List of ServiceInsertion Sections.",
"extends": {
"$ref": "DSSectionListResult
},
"id": "ServiceInsertionSectionListResult",
"module_id": "ServiceInsertionRules",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the ServiceInsertion sections. The list has to be homogeneous.",
"items": {
"$ref": "ServiceInsertionSection
},
"readonly": true,
"required": true,
"title": "Section list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ServiceInsertion Section List",
"type": "object"
}
ServiceInsertionSectionQueryParameters (type)
{
"extends": {
"$ref": "DSSectionQueryParameters
},
"id": "ServiceInsertionSectionQueryParameters",
"module_id": "ServiceInsertionRules",
"properties": {
"cascade": {
"default": false,
"required": false,
"title": "Flag to cascade delete of this object to all it's child objects.",
"type": "boolean"
}
},
"title": "Section query parameters",
"type": "object"
}
ServiceInsertionSectionRuleList (type)
{
"description": "List of ServiceInsertion Rules.",
"extends": {
"$ref": "ServiceInsertionSection
},
"id": "ServiceInsertionSectionRuleList",
"module_id": "ServiceInsertionRules",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_tos": {
"description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "AppliedTo List",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.",
"readonly": true,
"required": false,
"title": "Default section flag",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "Number of rules in this section.",
"readonly": true,
"required": false,
"title": "Rule count",
"type": "integer"
},
"rules": {
"description": "List of Service Insertion rules in the section. Only homogeneous rules are supported.",
"items": {
"$ref": "ServiceInsertionRule
},
"maxItems": 1000,
"readonly": false,
"required": true,
"title": "List of the Service Insertion rules",
"type": "array"
},
"section_type": {
"description": "Type of the rules which a section can contain. Only homogeneous sections are supported.",
"enum": [
"LAYER2",
"LAYER3",
"L3REDIRECT",
"IDS"
],
"readonly": false,
"required": true,
"title": "Section Type",
"type": "string"
},
"stateful": {
"description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.",
"readonly": false,
"required": true,
"title": "Stateful nature of the distributed service rules in the section.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"default": false,
"description": "Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.",
"required": false,
"title": "TCP Strict",
"type": "boolean"
}
},
"title": "ServiceInsertion Section RuleList",
"type": "object"
}
ServiceInsertionService (type)
{
"description": "Protocol on which a particular ServiceInsertion Rule should apply to.",
"extends": {
"$ref": "DSService
},
"id": "ServiceInsertionService",
"module_id": "ServiceInsertionRules",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"service": {
"$ref": "NSServiceElement,
"description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.",
"readonly": false,
"required": false,
"title": "Distributed Service Network and Security Service element"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "ServiceInsertion Service",
"type": "object"
}
ServiceInsertionServiceListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServiceInsertionServiceListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-Insertion Services. The list has to be homogenous.",
"items": {
"$ref": "ServiceDefinition
},
"readonly": true,
"required": true,
"title": "Service list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service List",
"type": "object"
}
ServiceInsertionServiceProfile (type)
{
"description": "Service profile represents a specialization of vendor template.",
"extends": {
"$ref": "BaseServiceProfile
},
"id": "ServiceInsertionServiceProfile",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "ServiceInsertionServiceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to the NSX Manager. If a vendor template exposes configurables, then the values are specified here.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service profile attributes",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"redirection_action": {
"default": "PUNT",
"description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. The service insertion profile inherits the redirection action if already specified at the vendor template. However the service profile cannot overide the action specified at the vendor template.",
"enum": [
"PUNT",
"COPY"
],
"readonly": false,
"required": false,
"title": "Redirection action",
"type": "string"
},
"resource_type": {
"description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'",
"required": true,
"title": "Service Profile Resource type.",
"type": "string"
},
"service_id": {
"description": "The service to which the service profile belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vendor_template_id": {
"description": "Id of the vendor template to be used by the servive profile.",
"readonly": false,
"required": true,
"title": "Vendor template id",
"type": "string"
}
},
"title": "Service Profile for a Service",
"type": "object"
}
ServiceInsertionStatus (type)
{
"description": "It represents global status of Service Insertion for a particular context type. It shows whether a service insertion is enabled or not for a type.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceInsertionStatus",
"module_id": "ServiceInsertionStatus",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"context": {
"$ref": "ServiceInsertionContextType,
"description": "Type of service insertion contexts.",
"readonly": false,
"required": true,
"title": "Service Insertion Context Type"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_status": {
"$ref": "ServiceInsertionStatusType,
"description": "service insertion status for a context type (e.g. east_west traffic).",
"readonly": false,
"required": true,
"title": "Service Insertion Status Type"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Service Insertion Status",
"type": "object"
}
ServiceInsertionStatusListResult (type)
{
"description": "List of service insertion statuses for a context or all context",
"extends": {
"$ref": "ListResult
},
"id": "ServiceInsertionStatusListResult",
"module_id": "ServiceInsertionStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceInsertionStatus
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Insertion Statuses",
"type": "object"
}
ServiceInsertionStatusType (type)
{
"description": "Service Insertion status for a context type (e.g. east_west traffic).",
"enum": [
"DISABLED",
"ENABLED"
],
"id": "ServiceInsertionStatusType",
"module_id": "ServiceInsertionStatus",
"title": "Service Insertion Status Type",
"type": "string"
}
ServiceInstance (type)
{
"description": "The deployment of a registered service. Service instance is instantiation of service. It is the most used type of instance. It is a default instance to be used when NSX handles lifecycle of appliance. Deployment and appliance related all the information is necessary.",
"extends": {
"$ref": "BaseServiceInstance
},
"id": "ServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "ServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attachment_point": {
"description": "Attachment point to be used by this service instance for deploying the Service-VM.",
"enum": [
"TIER0_LR",
"TIER1_LR",
"SERVICE_PLANE",
"HOST"
],
"readonly": false,
"required": true,
"title": "Attachment Point",
"type": "string"
},
"deployed_to": {
"description": "List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion.",
"items": {
"$ref": "ResourceReference
},
"maxItems": 128,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Deployed-to object list",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": true,
"title": "Deployment Mode",
"type": "string"
},
"deployment_spec_name": {
"description": "Name of the deployment spec to be used by this service instance.",
"readonly": false,
"required": true,
"title": "Deployment Spec Name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"implementation_type": {
"description": "Implementation to be used by this service instance for deploying the Service-VM.",
"enum": [
"NORTH_SOUTH",
"EAST_WEST"
],
"readonly": false,
"required": true,
"title": "Implementation Type",
"type": "string"
},
"instance_deployment_config": {
"$ref": "InstanceDeploymentConfig,
"description": "Instance Deployment Config contains the information to be injected during Service-VM deployment. This field is optional if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"readonly": false,
"required": false,
"title": "Instance Deployment Config"
},
"instance_deployment_template": {
"$ref": "DeploymentTemplate,
"description": "The deployment template to be used by this service instance. The attribute values specific to this instance can be added.",
"readonly": false,
"required": true,
"title": "Instance Deployment Template"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType,
"required": true
},
"service_deployment_id": {
"description": "Id of the Service Deployment using which the instances were deployed. Its available only for instances that were deployed using service deployment API.",
"readonly": true,
"required": false,
"title": "Id of the Service Deployment using which the instances were deployed",
"type": "string"
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Normal Instance of a service",
"type": "object"
}
ServiceInstanceEndpoint (type)
{
"additionalProperties": false,
"description": "A ServiceInstanceEndpoint belongs to one ByodPolicyServiceInstance and is attached to one ServiceInterface. A ServiceInstanceEndpoint represents a redirection target for a RedirectionPolicy.",
"extends": {
"$ref": "BaseEndpoint
},
"id": "ServiceInstanceEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ServiceInstanceEndpoint"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"service_interface_path": {
"description": "Path of Service Interface to which this ServiceInstanceEndpoint is connected.",
"readonly": false,
"required": true,
"title": "Service Interface path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceInstanceEndpoint"
],
"relationshipType": "SERVICE_INSTANCE_ENDPOINT_SERVICE_INTERFACE_RELATIONSHIP",
"rightType": [
"ServiceInterface"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service EndPoint for Byod Policy Service Instance",
"type": "object"
}
ServiceInstanceEndpointListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceInstanceEndpointListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ServiceInstanceEndpoint list request parameters",
"type": "object"
}
ServiceInstanceEndpointListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceInstanceEndpointListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceInstanceEndpoint
},
"required": true,
"title": "ServiceInstanceEndpoint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of ServiceInstanceEndpoint",
"type": "object"
}
ServiceInstanceHealthStatus (type)
{
"description": "Health Status of a third party partner VM.",
"id": "ServiceInstanceHealthStatus",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"connect_timestamp": {
"description": "Latest timestamp when mux was connected to SVA.",
"required": false,
"title": "Timestamp when mux was connected to SVA",
"type": "string"
},
"is_stale": {
"description": "The parameter is set if the last received health status is older than the predefined interval.",
"readonly": true,
"required": false,
"title": "Flag is true when health status is stale",
"type": "boolean"
},
"is_sva_mux_incompatible": {
"description": "Protocol version might be different in both Mux and SVA.",
"required": false,
"title": "Flag is true when Mux and SVA are incompatible",
"type": "boolean"
},
"mux_connected_status": {
"description": "Status of multiplexer which forwards the events from guest virtual machines to the partner appliance.",
"required": false,
"title": "Context Multiplexer Status",
"type": "string"
},
"mux_incompatible_version": {
"description": "Mux version when Mux and SVA are incompatible",
"required": false,
"title": "Mux incompatible version",
"type": "string"
},
"solution_status": {
"description": "Status of third party partner solution application.",
"required": false,
"title": "Third party partner solution status",
"type": "string"
},
"solution_version": {
"description": "Version of third party partner solution application.",
"required": false,
"title": "Solution version of partner application",
"type": "string"
},
"sync_time": {
"description": "Latest timestamp when health status is received.",
"required": false,
"title": "Health status timestamp",
"type": "string"
}
},
"title": "Service instance health status",
"type": "object"
}
ServiceInstanceListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServiceInstanceListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-Insertion ServicesInstances. The list has to be homogenous.",
"items": {
"$ref": "BaseServiceInstance
},
"readonly": true,
"required": true,
"title": "Service-Instance list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Instance List",
"type": "object"
}
ServiceInstanceNSGroups (type)
{
"description": "ServiceInstanceNSGroups contains list of NS Groups referenced in North-South Service Insertion Rules for a particular Service Instance.",
"id": "ServiceInstanceNSGroups",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"nsroups": {
"description": "List of NSGroups Used in ServiceInsertion Rules.",
"items": {
"$ref": "NSGroupInfo
},
"readonly": true,
"required": false,
"title": "NSGroup List",
"type": "array"
}
},
"title": "NSGroups referenced in North-South Service Instance",
"type": "object"
}
ServiceInstanceQueryParameters (type)
{
"id": "ServiceInstanceQueryParameters",
"module_id": "ServiceInsertion",
"properties": {
"deployed_to": {
"description": "The deployed_to attribute in Service Instance. Currently only Logical Router id is supported as deployed_to value. Single value is supported in current release.",
"required": false,
"title": "Deployed_to referenced by service instances present in system",
"type": "string"
},
"service_deployment_id": {
"description": "Service Deployment Id using which the instances were deployed. Single value is supported in current release.",
"required": false,
"title": "Service Deployment Id using which the instances were deployed",
"type": "string"
}
},
"title": "Service Instance query parameters",
"type": "object"
}
ServiceInstanceResourceType (type)
{
"additionalProperties": false,
"description": "ServiceInstance is used when NSX handles the lifecyle of appliance. Deployment and appliance related all the information is necessary. ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX. VirtualServiceInstance is a a custom instance to be used when NSX is not handling the lifecycle of an appliance and when the user is not bringing their own appliance.",
"enum": [
"ServiceInstance",
"ByodServiceInstance",
"VirtualServiceInstance"
],
"id": "ServiceInstanceResourceType",
"module_id": "ServiceInsertionCommonTypes",
"title": "Resource types of Service Instance",
"type": "string"
}
ServiceInstanceStatus (type)
{
"id": "ServiceInstanceStatus",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"configuration_issue": {
"$ref": "SVMConfigureIssue,
"description": "This object contains the list of issues which might come during post deployment configuration for a particular service instance.",
"readonly": true,
"required": false,
"title": "Collection of configuration issues during service instance deployment"
},
"instance_deployment_status": {
"$ref": "ServiceDeploymentStatus,
"description": "Deployment status of NXGI Partner Service-VM.",
"readonly": true,
"required": false,
"title": "Deployment status of a Service Instance"
},
"instance_health_status": {
"$ref": "ServiceInstanceHealthStatus,
"description": "Health status of NXGI components on Partner Service-VM.",
"readonly": true,
"required": false,
"title": "Health status of a Service Instance"
},
"service_instance_id": {
"description": "Id of an instantiation of a registered service.",
"readonly": true,
"required": false,
"title": "Service instance id",
"type": "string"
}
},
"type": "object"
}
ServiceInterface (type)
{
"additionalProperties": false,
"description": "Service interface configuration for internal connectivity.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "ServiceInterface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service interface configuration",
"type": "object"
}
ServiceInterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceInterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceInterface
},
"required": true,
"title": "Service Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Service Interfaces",
"type": "object"
}
ServiceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"default_service": {
"description": "If set to true, then it will display only default services. If set to false, then it will display all user defined services. If it is not provided, then complete (default as well as user defined) list of services will be displayed.",
"title": "Fetch all default services",
"type": "boolean"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service list request parameters",
"type": "object"
}
ServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Service
},
"required": true,
"title": "Service list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Services",
"type": "object"
}
ServiceManager (type)
{
"description": "Partner console endpoint information for enabling NSX to callback with events and status.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceManager",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_scheme": {
"$ref": "CallbackAuthenticationScheme,
"description": "A CallbackAuthenticationScheme that describes how notification requests/callbacks from NSX, should authenticate to the server.",
"readonly": false,
"required": true,
"title": "Scheme to authenticate requests sent to the server"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"port": {
"description": "Integer port value to specify a standard/non-standard HTTPS port.",
"maximum": 65535,
"minimum": 0,
"readonly": false,
"required": true,
"title": "Integer port value to specify a HTTPS port",
"type": "integer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server": {
"description": "IP address or fully qualified domain name of the partner REST server.",
"readonly": false,
"required": true,
"title": "IP address or fully qualified domain name of server",
"type": "string"
},
"service_ids": {
"description": "The IDs of services, provided by partner.",
"items": {
"$ref": "ResourceReference
},
"readonly": false,
"required": true,
"title": "Service IDs",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Thumbprint (SHA-256 hash represented in lower case hex) for the certificate on the partner console. This will be required to establish secure communication with the console and to avoid man-in-the-middle attacks.",
"title": "Thumbprint of the certificate for partner console",
"type": "string"
},
"uri": {
"description": "URI on which notification requests should be made on the specified server.",
"readonly": false,
"required": true,
"title": "URI notification requests should be made on the server",
"type": "string"
},
"vendor_id": {
"description": "Id which is unique to a vendor or partner for which the service is created.",
"readonly": true,
"required": false,
"title": "Vendor ID",
"type": "string"
}
},
"title": "Definition of a Service Manager",
"type": "object"
}
ServiceManagerListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServiceManagerListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-managers.",
"items": {
"$ref": "ServiceManager
},
"readonly": true,
"required": true,
"title": "Service manager list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Manager List Result",
"type": "object"
}
ServicePath (type)
{
"description": "An instance of service chain that consists of forward and reverse service paths.",
"id": "ServicePath",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"forward_path": {
"$ref": "UnidirectionalServicePath,
"description": "Forward service path if available that applies to ingress traffic.",
"readonly": true,
"required": false,
"title": "Forward service path"
},
"reverse_path": {
"$ref": "UnidirectionalServicePath,
"description": "Reverse service path if available that applies to egress traffic.",
"readonly": true,
"required": false,
"title": "Reverse Service Path"
},
"service_chain_id": {
"description": "A unique id of a service chain.",
"readonly": true,
"required": false,
"title": "Service chain id",
"type": "integer"
},
"service_chain_uuid": {
"description": "Uuid of a service chain.",
"readonly": true,
"required": false,
"title": "Uuid of a service chain",
"type": "string"
},
"service_path_id": {
"description": "Unique identifier of a service path.",
"readonly": true,
"required": false,
"title": "Service path id",
"type": "integer"
}
},
"title": "Service path",
"type": "object"
}
ServicePathHop (type)
{
"description": "Represents a service VM implementing a particular service in a service chain",
"id": "ServicePathHop",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"action": {
"description": "Action that will be taken by the corresponding service VM of the hop.",
"enum": [
"SERVICE_ACTION_INVALID",
"COPY",
"REDIRECT"
],
"readonly": true,
"required": false,
"title": "Action",
"type": "string"
},
"can_decrement_si": {
"description": "Indicating whether service is configured to decrement SI field in NSH metadata.",
"readonly": true,
"required": false,
"title": "SI decrement flag",
"type": "boolean"
},
"in_maintenance_mode": {
"description": "Indicating the maintenance mode of the corresponding service VM.",
"readonly": true,
"required": false,
"title": "Maintenance mode flag",
"type": "boolean"
},
"is_active_from_ccp": {
"description": "Indicating whether the corresponding service VM is active or not per CCP.",
"readonly": true,
"required": false,
"title": "Active flag managed by CCP",
"type": "boolean"
},
"is_active_from_dp": {
"description": "Indicating whether the corresponding service VM is active or not per DP.",
"readonly": true,
"required": false,
"title": "Active flag managed by DP",
"type": "boolean"
},
"is_active_from_mp": {
"description": "Indicating whether the corresponding service VM is active or not per MP.",
"readonly": true,
"required": false,
"title": "Active flag managed by MP",
"type": "boolean"
},
"mac_address": {
"description": "MAC address of the virtual network interface.",
"readonly": true,
"required": false,
"title": "MAC address of the virtual network interface.",
"type": "string"
},
"nsh_liveness_support": {
"description": "Indicating whether NSH liveness is supported or not by the corresponding service VM.",
"readonly": true,
"required": false,
"title": "NSH liveness flag",
"type": "boolean"
},
"vif": {
"description": "ID of the virtual network interface.",
"readonly": true,
"required": false,
"title": "Virtual interface id",
"type": "string"
}
},
"title": "Service path hop",
"type": "object"
}
ServicePathListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "ServicePathListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of homogenous service paths",
"items": {
"$ref": "ServicePath
},
"readonly": true,
"required": true,
"title": "Service Path list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service path list",
"type": "object"
}
ServiceProfileGroups (type)
{
"description": "ServiceProfileGroups contains list of Groups referenced in Service Insertion Rules.To be considered, Service profile must be part of a Service chain and that Service chain must be used in a Rule.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceProfileGroups",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "List of Groups Used in ServiceInsertion Rules.",
"items": {
"$ref": "GroupInfo
},
"readonly": true,
"required": false,
"title": "Group Info List",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Groups used in Service Profile",
"type": "object"
}
ServiceProfileNSGroups (type)
{
"description": "ServiceProfileNSGroups contains list of NS Groups referenced in Service Insertion Rules. To be considered, Service profile must be part of a Service Chain and that Service chain must be used in a Rule.",
"extends": {
"$ref": "ManagedResource
},
"id": "ServiceProfileNSGroups",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"nsroups": {
"description": "List of NSGroups Used in ServiceInsertion Rules.",
"items": {
"$ref": "NSGroupInfo
},
"readonly": true,
"required": false,
"title": "NSGroup List",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSGroups used in Service Profile",
"type": "object"
}
ServiceReference (type)
{
"description": "An anchor object representing the intent to consume a given 3rd party service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceReference",
"module_id": "PolicyServiceInsertion",
"policy_hierarchical_children": [
"ChildPolicyServiceProfile"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A Service's operational state can be enabled or disabled. Note that would work only for NetX type of services and would not work for Guest Introsp- ection type of Services. TRUE - The Service should be enabled FALSE - The Service should be disabled",
"readonly": false,
"required": false,
"title": "Operational state of the Service.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service to be consumed for redirection.",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An anchor object representing the intent to consume a given 3rd party service.",
"type": "object"
}
ServiceReferenceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceReferenceListRequestParameters",
"module_id": "PolicyServiceInsertion",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service reference list request parameters",
"type": "object"
}
ServiceReferenceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceReferenceListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceReference
},
"required": true,
"title": "Service Reference list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Reference List",
"type": "object"
}
ServiceRouterAllocationConfig (type)
{
"additionalProperties": false,
"id": "ServiceRouterAllocationConfig",
"module_id": "LogicalRouter",
"properties": {
"allocation_pool": {
"$ref": "EdgeClusterMemberAllocationPool,
"description": "Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router.",
"required": false,
"title": "Edge Cluster Member Allocation Pool for logical router"
},
"edge_cluster_id": {
"description": "To reallocate TIER1 logical router on new or existing edge cluster",
"required": true,
"title": "Edge cluster id to re allocate members",
"type": "string"
},
"edge_cluster_member_indices": {
"description": "For TIER 1 logical router, for manual placement of service router within the cluster, edge cluster member indices needs to be provided else same will be auto-allocated. You can provide maximum two indices for HA ACTIVE_STANDBY.",
"items": {
"type": "integer"
},
"required": false,
"title": "Member indices of the edge node on the cluster",
"type": "array"
}
},
"type": "object"
}
ServiceSegment (type)
{
"additionalProperties": false,
"description": "Service Segment configuration to attach Service Insertion VM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceSegment",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lr_paths": {
"description": "Policy paths of logical routers or ports | to which this Service Segment can be connected.",
"items": {
"type": "string"
},
"required": false,
"title": "Policy paths of logical routers",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceSegment"
],
"relationshipType": "SERVICE_SEGMENT_TO_LR_RELATIONSHIP",
"rightType": [
"Tier1",
"Tier0"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to transport zone. Only overlay transport zone is supported.",
"required": true,
"title": "Policy path to the transport zone",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceSegment"
],
"relationshipType": "SERVICE_SEGMENT_TO_TRANSPORT_ZONE_RELATIONSHIP",
"rightType": [
"PolicyTransportZone"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Segment configuration",
"type": "object"
}
ServiceSegmentListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ServiceSegmentListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Segment list request parameters",
"type": "object"
}
ServiceSegmentListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceSegmentListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceSegment
},
"required": true,
"title": "Service Segment list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Service Segment",
"type": "object"
}
ServiceType (type)
{
"enum": [
"MGMT_CLUSTER",
"MGMT_PLANE",
"API",
"NOTIFICATION_COLLECTOR",
"SYSLOG_SERVER",
"RSYSLOG_CLIENT",
"APH",
"APH_TN",
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"CLIENT_AUTH",
"RMQ",
"K8S_MSG_CLIENT",
"WEB_PROXY",
"CBM_API",
"CBM_CCP",
"CBM_CSM",
"CBM_MP",
"CBM_GM",
"CBM_AR",
"CBM_MONITORING",
"CBM_IDPS_REPORTING",
"CBM_CM_INVENTORY",
"CBM_MESSAGING_MANAGER",
"CBM_UPGRADE_COORDINATOR",
"CBM_SITE_MANAGER",
"CBM_CLUSTER_MANAGER",
"CBM_CORFU",
"COMPUTE_MANAGER",
"CCP",
"ANALYTICS_AGENT",
"ANALYTICS_KAFKA",
"NAPP_COMMON_AGENT",
"NAPP_PACE_AGENT",
"NAPP_METRICS_AGENT"
],
"id": "ServiceType",
"module_id": "CertificateManager",
"title": "Supported service types, that are using certificates.",
"type": "string"
}
ServiceVMStateParameters (type)
{
"id": "ServiceVMStateParameters",
"module_id": "ServiceInsertionVMDeployment",
"properties": {
"action": {
"description": "You could use this parameter to set a servcie VM in maintenance mode or exit from maintenance mode, or set a service VM health state to indicate whether the service VM is running properly or not. 'enable_maintenance_mode' will set service VM in maintenance mode. 'disable_maintenance_mode' will exit from maintenance mode. 'is_healthy' will set runtime health state by partner of a service VM to be healthy. 'is_stopped' will set runtime health state by partner of a service VM to be stopped. 'is_not_responding' will set runtime health state by partner of a service VM to be not responding.",
"enum": [
"enable_maintenance_mode",
"disable_maintenance_mode",
"is_healthy",
"is_stopped",
"is_not_responding"
],
"type": "string"
},
"unhealthy_reason": {
"description": "Reason for the unhealthy state.",
"maxLength": 500,
"required": false,
"title": "Reason for the unhealthy state",
"type": "string"
}
},
"title": "Service VM maintenance mode setting parameters",
"type": "object"
}
SessionActionRequestParameter (type)
{
"additionalProperties": false,
"description": "Type of action on packet capture session. Supported actions are - restart, terminate and delete.",
"id": "SessionActionRequestParameter",
"module_id": "PolicyPacketCapture",
"properties": {
"action": {
"enum": [
"restart",
"terminate"
],
"required": true,
"title": "Indicates which action will be taken by session conduction.",
"type": "string"
}
},
"title": "Type of action on packet capture session",
"type": "object"
}
SessionAuthenticationCredentials (type)
{
"description": "Username and password used to obtain a session cookie.",
"id": "SessionAuthenticationCredentials",
"module_id": "AAA",
"properties": {
"j_password": {
"description": "Password to use when authenticating.",
"required": true,
"title": "Password",
"type": "string"
},
"j_username": {
"description": "User name to authenticate as.",
"required": true,
"title": "User name",
"type": "string"
}
},
"title": "Credentials used to authenticate to NSX",
"type": "object"
}
SessionLoginCredential (type)
{
"additionalProperties": false,
"description": "Details of session based login credential to login to server.",
"extends": {
"$ref": "LoginCredential
},
"id": "SessionLoginCredential",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "SessionLoginCredential"
},
"properties": {
"credential_type": {
"description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential', 'SessionLoginCredential'.",
"required": true,
"title": "Login credential, for example username-password-thumbprint, certificate or session based, etc",
"type": "string"
},
"session_id": {
"description": "The session_id to login to server.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "The session_id to login to server",
"type": "secure_string"
},
"thumbprint": {
"description": "Thumbprint of the login server.",
"readonly": false,
"required": false,
"title": "Thumbprint of the login server",
"type": "string"
}
},
"title": "A login credential specifying session_id",
"type": "object"
}
SessionSummaryParameters (type)
{
"additionalProperties": false,
"description": "IPSec VPN session summary parameters.",
"extends": {
"$ref": "DataSourceParameters
},
"id": "SessionSummaryParameters",
"module_id": "VPNStatistics",
"properties": {
"site_id": {
"description": "Peer site id.",
"title": "Peer site id",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "IPSec VPN session summary parameters",
"type": "object"
}
SessionTimerProfileBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SessionTimerProfileBindingListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SessionTimerProfileBindingMap
},
"required": true,
"title": "Session timer profile binding maps list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of session timer profile binding maps",
"type": "object"
}
SessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Session Timer profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "SessionTimerProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "SessionTimerProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Session Timer Profile binding map",
"type": "object"
}
SetFields (type)
{
"additionalProperties": false,
"description": "Set Fields is an action to set fields of the source event.",
"extends": {
"$ref": "Action
},
"id": "SetFields",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "SetFields"
},
"properties": {
"field_settings": {
"description": "Field Settings.",
"items": {
"$ref": "FieldSetting
},
"minItems": 1,
"title": "Field Settings",
"type": "array"
},
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Set Fields",
"type": "object"
}
SetInterSiteAphCertificateRequest (type)
{
"additionalProperties": false,
"id": "SetInterSiteAphCertificateRequest",
"module_id": "CertificateManager",
"properties": {
"cert_id": {
"description": "ID of the certificate that is already imported.",
"readonly": true,
"required": true,
"title": "Certificate ID",
"type": "string"
},
"used_by_id": {
"description": "ID of the node that this certificate is used on.",
"readonly": true,
"required": true,
"title": "Node ID",
"type": "string"
}
},
"title": "Data for setting Appliance Proxy certificate for inter-site communication",
"type": "object"
}
SetPrincipalIdentityCertificateForFederationRequest (type)
{
"additionalProperties": false,
"id": "SetPrincipalIdentityCertificateForFederationRequest",
"module_id": "CertificateManager",
"properties": {
"cert_id": {
"description": "Id of the certificate",
"readonly": true,
"required": true,
"type": "string"
},
"service_type": {
"$ref": "PIServiceType,
"description": "Service type for which the certificate should be used.",
"readonly": true,
"required": true
}
},
"title": "Data for setting a principal identity certificate",
"type": "object"
}
SetTargetVdsTopologyParameters (type)
{
"id": "SetTargetVdsTopologyParameters",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"cluster_id": {
"readonly": false,
"required": false,
"title": "cluster identifier",
"type": "string"
},
"use_recommended_topology_config": {
"readonly": false,
"required": false,
"title": "Flag to indicate if use recommended topology got from the latest precheck",
"type": "boolean"
}
},
"title": "Parameters to set target vds topology",
"type": "object"
}
SetupDetails (type)
{
"additionalProperties": false,
"description": "Contains Setup details of nsx appliance.",
"id": "SetupDetails",
"module_id": "MPPolicyMigration",
"properties": {
"principal_identity": {
"description": "User principal.",
"required": false,
"title": "User principal.",
"type": "string"
}
},
"title": "Setup details of nsx appliance.\n",
"type": "object"
}
SftpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "SftpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "sftp"
},
"properties": {
"authentication_scheme": {
"$ref": "PasswordAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"host_key_algorithms": {
"default": [
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521"
],
"description": "Supported host key algorithms for SSH/SFTP connection.<br /> <i>Algorithms are preferred in the order they are specified in list.</i>",
"items": {
"$ref": "HostKeyAlgorithms
},
"minItems": 1,
"required": false,
"title": "Host key algorithms",
"type": "array"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
ShaDynamicPlugin (type)
{
"additionalProperties": false,
"description": "Define a kind of Dynamic Sha plugin.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaDynamicPlugin",
"module_id": "PolicySha",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_plugin_uploaded": {
"description": "Flag to show the dynamic plugin zip file is uploaded.",
"readonly": true,
"title": "Flag to show the dynamic plugin status",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Sha dynamic Plugin",
"type": "object"
}
ShaDynamicPluginListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShaDynamicPluginListRequestParameters",
"module_id": "PolicySha",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Sha plugin profile request parameters",
"type": "object"
}
ShaDynamicPluginListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaDynamicPluginListResult",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaDynamicPlugin
},
"required": true,
"title": "Sha dynamic plugin list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of Sha dynamic plugin list.",
"type": "object"
}
ShaDynamicPluginProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaPluginProfile
},
"id": "ShaDynamicPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "DynamicPlugin"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"applied_to_ua": {
"description": "The on-off switch of System Health Plugin on UA cluster nodes.",
"required": false,
"title": "Plugin Enablement Flag on UA cluster nodes",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"config": {
"description": "Define the plugin configuration.",
"required": true,
"title": "Plugin configuration",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dynamic created plugin profile",
"type": "object"
}
ShaEsxObsrvAlarmsMonitorConfig (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ShaMonitorConfig
},
"id": "ShaEsxObsrvAlarmsMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvAlarmsMonitorConfig"
},
"properties": {
"check_interval": {
"default": 60,
"description": "The interval (in seconds) for collecting the statistics from a node",
"readonly": true,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
}
},
"title": "ESX observability alarm monitor configuration",
"type": "object"
}
ShaEsxObsrvDatapathTrafficStatsMonitorConfig (type)
{
"additionalProperties": false,
"description": "Users can add this configuration to 'sub_monitor_configs' to overwrite the property value inherited from the ShaEsxObsrvStatsMonitorConfig.",
"experimental": true,
"extends": {
"$ref": "ShaSubMonitorConfig
},
"id": "ShaEsxObsrvDatapathTrafficStatsMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvDatapathTrafficStatsMonitorConfig"
},
"properties": {
"check_interval": {
"description": "The interval for overwriting the 'check_interval' value inherited from the ShaEsxObsrvStatsMonitorConfig.",
"maximum": 600,
"minimum": 60,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"enable": {
"required": false,
"title": "Flag to overwrite the enable value",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for sub-monitors. ShaEsxObsrvDatapathTrafficStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-datapath-traffic-stats-monitor ShaEsxObsrvInfraStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-infra-stats-monitor",
"enum": [
"ShaEsxObsrvDatapathTrafficStatsMonitorConfig",
"ShaEsxObsrvInfraStatsMonitorConfig"
],
"required": true,
"title": "SHA sub-monitor configuration resource type",
"type": "string"
}
},
"title": "SHA ESX observability datapath traffic stats monitor configuration",
"type": "object"
}
ShaEsxObsrvInfraStatsMonitorConfig (type)
{
"additionalProperties": false,
"description": "Users can add this configuration to 'sub_monitor_configs' to overwrite the property value inherited from the ShaEsxObsrvStatsMonitorConfig.",
"experimental": true,
"extends": {
"$ref": "ShaSubMonitorConfig
},
"id": "ShaEsxObsrvInfraStatsMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvInfraStatsMonitorConfig"
},
"properties": {
"check_interval": {
"description": "The interval for overwriting the 'check_interval' value inherited from the ShaEsxObsrvStatsMonitorConfig.",
"maximum": 600,
"minimum": 60,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"enable": {
"required": false,
"title": "Flag to overwrite the enable value",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for sub-monitors. ShaEsxObsrvDatapathTrafficStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-datapath-traffic-stats-monitor ShaEsxObsrvInfraStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-infra-stats-monitor",
"enum": [
"ShaEsxObsrvDatapathTrafficStatsMonitorConfig",
"ShaEsxObsrvInfraStatsMonitorConfig"
],
"required": true,
"title": "SHA sub-monitor configuration resource type",
"type": "string"
}
},
"title": "SHA ESX observability infra stats monitor configuration",
"type": "object"
}
ShaEsxObsrvSegmentStatsFileDumpMonitorConfig (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ShaMonitorConfig
},
"id": "ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvSegmentStatsFileDumpMonitorConfig"
},
"properties": {
"check_interval": {
"default": 60,
"description": "The interval (in seconds) for collecting the statistics from a node",
"minimum": 60,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"disable_after": {
"default": 120,
"description": "Specify the time (in minutes) that the system must wait after which the monitor is automatically disabled",
"maximum": 20160,
"minimum": 120,
"required": false,
"title": "Disable Monitor after input minutes",
"type": "integer"
},
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"file_dump_backup_count_dp_segment_stats": {
"default": 6,
"description": "Specify the count of files to store the statistics. After the size of a file reaches a certain system-defined maximum limit, it is zipped and a new file is created for storing the statistics",
"maximum": 12,
"minimum": 1,
"required": false,
"title": "File dump backup count datapath segment statistics",
"type": "integer"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
},
"segment_list": {
"default": "[]",
"description": "Specify the VNIs of the overlay segments. By default, the list is empty indicating that statistics are not fetched from any segments. To specify multiple segments in the list, use a comma-separated list of VNI (integer) values. A maximum of 10 VNIs is supported in a single API call",
"pattern": "^\\[([0-9]+(,[0-9]+){0,9})?\\]$",
"required": false,
"title": "Segment list",
"type": "string"
}
},
"title": "ESX observability segment statistics file dump monitor configuration",
"type": "object"
}
ShaEsxObsrvStatsManagementConfig (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ShaMonitorConfig
},
"id": "ShaEsxObsrvStatsManagementConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvStatsManagementConfig"
},
"properties": {
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"enable_esx_datapath_per_segment_stats": {
"default": false,
"description": "Enable/disable ESX datapath per-segment counters update.",
"required": false,
"title": "NSX datapath per segment statistics toggle",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
}
},
"title": "ESX observability statistics management configuration",
"type": "object"
}
ShaEsxObsrvStatsMonitorConfig (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ShaMonitorConfig
},
"id": "ShaEsxObsrvStatsMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvStatsMonitorConfig"
},
"properties": {
"check_interval": {
"default": 300,
"description": "The interval (in seconds) for collecting the statistics from a node",
"maximum": 600,
"minimum": 60,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
}
},
"title": "ESX observability stats monitor configuration",
"type": "object"
}
ShaEsxObsrvTnStatsFileDumpMonitorConfig (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ShaMonitorConfig
},
"id": "ShaEsxObsrvTnStatsFileDumpMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaEsxObsrvTnStatsFileDumpMonitorConfig"
},
"properties": {
"check_interval": {
"default": 300,
"description": "The interval (in seconds) for collecting the statistics from a node",
"minimum": 300,
"required": false,
"title": "Monitor checking interval",
"type": "integer"
},
"disable_after": {
"default": 120,
"description": "Specify the time (in minutes) that the system must wait after which the monitor is automatically disabled",
"maximum": 20160,
"minimum": 120,
"required": false,
"title": "Disable Monitor after input minutes",
"type": "integer"
},
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"file_dump_backup_count_dp_tn_stats": {
"default": 1,
"description": "Specify the count of files to store the statistics. After the size of a file reaches a certain system-defined maximum limit, it is zipped and a new file is created for storing the statistics",
"readonly": true,
"required": false,
"title": "File dump backup count datapath transport node statistics",
"type": "integer"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
}
},
"title": "ESX observability transport node file dump monitor configuration",
"type": "object"
}
ShaMetricExporterMonitor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaMonitor
},
"id": "ShaMetricExporterMonitor",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaMetricExporterMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exported_metric_spec": {
"$ref": "ShaMonitorExportedMetricSpec,
"description": "The exported metric information for this monitor.",
"readonly": true,
"required": false,
"title": "Exported metric specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_id": {
"readonly": true,
"required": false,
"title": "The monitor identifier",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "The pre-req conditions to run this monitor.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"required": false,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "All ShaMonitor types.",
"enum": [
"ShaStandardMonitor",
"ShaMetricExporterMonitor",
"ShaSubMetricExporterMonitor"
],
"readonly": true,
"required": true,
"title": "SHA monitor resource types",
"type": "string"
},
"sub_monitors": {
"items": {
"$ref": "ShaSubMetricExporterMonitor
},
"readonly": true,
"required": false,
"title": "List of Sha SUB_METRIC_EXPORTER monitor",
"type": "array"
},
"supported_node_types": {
"description": "The supported running node types for this monitor.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"required": false,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ShaMonitorType,
"readonly": true,
"required": true,
"title": "SHA monitor type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA METRIC_EXPORTER monitor specification",
"type": "object"
}
ShaMonitor (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaMonitor",
"module_id": "PolicyShaMonitor",
"policy_hierarchical_children": [
"ChildShaMonitorProfile",
"ChildShaMonitorStatus"
],
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_id": {
"readonly": true,
"required": false,
"title": "The monitor identifier",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "The pre-req conditions to run this monitor.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"required": false,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "All ShaMonitor types.",
"enum": [
"ShaStandardMonitor",
"ShaMetricExporterMonitor",
"ShaSubMetricExporterMonitor"
],
"readonly": true,
"required": true,
"title": "SHA monitor resource types",
"type": "string"
},
"supported_node_types": {
"description": "The supported running node types for this monitor.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"required": false,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ShaMonitorType,
"readonly": true,
"required": true,
"title": "SHA monitor type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA monitor specification",
"type": "object"
}
ShaMonitorConfig (type)
{
"abstract": true,
"id": "ShaMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enable": {
"required": true,
"title": "Flag to enable/disable this monitor",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for monitors. ShaEsxObsrvAlarmsMonitorConfig - The configuration for SHA monitor esx-obsrv-alarms-monitor ShaEsxObsrvStatsMonitorConfig - The configuration for SHA monitor esx-obsrv-stats-monitor ShaEsxObsrvStatsManagementConfig - The configuration for SHA monitor esx-obsrv-stats-management ShaEsxObsrvSegmentStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-segment-stats-file-dump-monitor ShaEsxObsrvTnStatsFileDumpMonitorConfig - The configuration for SHA monitor esx-obsrv-tn-stats-file-dump-monitor",
"enum": [
"ShaEsxObsrvAlarmsMonitorConfig",
"ShaEsxObsrvStatsMonitorConfig",
"ShaEsxObsrvStatsManagementConfig",
"ShaEsxObsrvSegmentStatsFileDumpMonitorConfig",
"ShaEsxObsrvTnStatsFileDumpMonitorConfig"
],
"required": true,
"title": "SHA monitor configuration resource type",
"type": "string"
}
},
"title": "SHA monitor configuration",
"type": "object"
}
ShaMonitorDependOnConfig (type)
{
"id": "ShaMonitorDependOnConfig",
"module_id": "PolicyShaMonitor",
"properties": {
"config_details": {
"items": {
"$ref": "ShaMonitorDependOnConfigDetail
},
"readonly": true,
"required": false,
"title": "Config details of the depend config",
"type": "array"
},
"monitor_type": {
"readonly": true,
"required": false,
"title": "The SHA monitor configuration type",
"type": "string"
}
},
"title": "SHA monitor depend on config",
"type": "object"
}
ShaMonitorDependOnConfigDetail (type)
{
"additionalProperties": false,
"description": "The common properties of SHA monitor configuration specification.",
"id": "ShaMonitorDependOnConfigDetail",
"module_id": "PolicyShaMonitor",
"properties": {
"depend_value": {
"readonly": true,
"required": false,
"title": "The depend value of the config key",
"type": "string"
},
"depend_value_reason": {
"readonly": true,
"required": false,
"title": "The detail reason of the depend value",
"type": "string"
},
"key": {
"readonly": true,
"required": false,
"title": "The property of the monitor config",
"type": "string"
}
},
"title": "SHA monitor configuration depend on item",
"type": "object"
}
ShaMonitorEffectiveConfig (type)
{
"additionalProperties": false,
"id": "ShaMonitorEffectiveConfig",
"module_id": "PolicyShaMonitor",
"properties": {
"effective_configs": {
"$ref": "ShaMonitorConfig,
"required": false,
"title": "SHA monitor effective common configurations"
},
"effective_profile_path": {
"required": false,
"title": "Effective SHA monitor profile path",
"type": "string"
},
"effective_profile_revision": {
"required": false,
"title": "Effective SHA monitor profile revision",
"type": "int"
},
"effective_sub_monitor_configs": {
"items": {
"$ref": "ShaSubMonitorConfig
},
"required": false,
"title": "SHA sub-monitor effective configuration",
"type": "array"
}
},
"title": "The effective SHA monitor configuration",
"type": "object"
}
ShaMonitorExportedMetricDetail (type)
{
"additionalProperties": false,
"description": "The exact metric detail.",
"id": "ShaMonitorExportedMetricDetail",
"module_id": "PolicyShaMonitor",
"properties": {
"collected_from": {
"description": "List of sources indicates where this metric is collected.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"required": false,
"title": "Sources of metric",
"type": "array"
},
"description": {
"readonly": true,
"required": false,
"title": "Description of this metric",
"type": "string"
},
"metric_key_per_destination": {
"description": "List of metric key for the destination.",
"items": {
"$ref": "ShaMonitorMetricKey
},
"readonly": true,
"required": false,
"title": "List of metric key for the destination",
"type": "array"
}
},
"title": "SHA monitor exported metric detail",
"type": "object"
}
ShaMonitorExportedMetricSpec (type)
{
"additionalProperties": false,
"description": "The monitor exported metric related specification.",
"id": "ShaMonitorExportedMetricSpec",
"module_id": "PolicyShaMonitor",
"properties": {
"details": {
"items": {
"$ref": "ShaMonitorExportedMetricDetail
},
"readonly": true,
"required": false,
"title": "List of monitor exported metric detail",
"type": "array"
},
"summary": {
"description": "A brief overview of the exported metrics.",
"readonly": true,
"required": false,
"title": "Summary of monitor exported metric",
"type": "string"
}
},
"title": "SHA monitor exported metric specification",
"type": "object"
}
ShaMonitorListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShaMonitorListRequestParameters",
"module_id": "PolicyShaMonitor",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SHA monitor list request parameters",
"type": "object"
}
ShaMonitorListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaMonitorListResult",
"module_id": "PolicyShaMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaMonitor
},
"required": false,
"title": "SHA monitor list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of SHA monitors",
"type": "object"
}
ShaMonitorMetricDestination (type)
{
"enum": [
"UNKNOWN",
"LOCAL_MANAGER",
"NSX_APPLICATION_PLATFORM",
"WAVE_FRONT"
],
"id": "ShaMonitorMetricDestination",
"module_id": "PolicyShaMonitor",
"title": "SHA monitor metric destination",
"type": "string"
}
ShaMonitorMetricKey (type)
{
"additionalProperties": false,
"id": "ShaMonitorMetricKey",
"module_id": "PolicyShaMonitor",
"properties": {
"destination": {
"$ref": "ShaMonitorMetricDestination,
"readonly": true,
"required": false,
"title": "Destination of this metric"
},
"metric_key": {
"readonly": true,
"required": false,
"title": "Metric key",
"type": "string"
}
},
"title": "SHA monitor metric for the destination",
"type": "object"
}
ShaMonitorProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaMonitorProfile",
"module_id": "PolicyShaMonitor",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_paths": {
"description": "The Policy group path list to apply the profile on Sha monitor.",
"items": {
"type": "string"
},
"required": true,
"title": "Binding Policy group paths",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"configs": {
"$ref": "ShaMonitorConfig,
"description": "For the monitor with sub-monitors, these configurations will also be applied to the sub-monitors.",
"required": true,
"title": "SHA monitor common configurations"
},
"depend_on_monitor_configs": {
"description": "It includes all the detail configurations of the depend on monitors. To make sure the monitor profile works as expected, it aslo needs to check the depend config on each monitor.",
"items": {
"$ref": "ShaMonitorDependOnConfig
},
"readonly": true,
"required": false,
"title": "The configuration of depend on monitors",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact_monitors": {
"description": "It includes all the impacted monitors for this profile.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "The list of impacted monitors",
"type": "array"
},
"is_default": {
"default": false,
"description": "Flag to indicate this is a default profile or not",
"readonly": true,
"required": false,
"title": "Flag to indicate this is a default profile or not",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_monitor_configs": {
"description": "Users can overwrite the configurations in the 'config' field by specifying the corresponding resource of ShaSubMonitorConfig and populate the specific configurations for sub-monitor if necessary.",
"items": {
"$ref": "ShaSubMonitorConfig
},
"required": false,
"title": "SHA sub-monitor configurations",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA monitor profile",
"type": "object"
}
ShaMonitorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShaMonitorProfileListRequestParameters",
"module_id": "PolicyShaMonitor",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SHA monitor profile list request parameters",
"type": "object"
}
ShaMonitorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaMonitorProfileListResult",
"module_id": "PolicyShaMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaMonitorProfile
},
"required": false,
"title": "SHA monitor profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SHA monitor profiles",
"type": "object"
}
ShaMonitorProfileUpdateParameters (type)
{
"additionalProperties": false,
"description": "Some configurations of the SHA monitor profile have the expected value and are not intended for the user to update to a non-expected value. If the user does know what they are doing and intends to update it to a non-expected value, they are required to set 'force=true'.",
"id": "ShaMonitorProfileUpdateParameters",
"module_id": "PolicyShaMonitor",
"properties": {
"force": {
"required": false,
"type": "boolean"
}
},
"title": "SHA monitor profile update parameters",
"type": "object"
}
ShaMonitorStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaMonitorStatus",
"module_id": "PolicyShaMonitor",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"effective_profile": {
"$ref": "ShaMonitorEffectiveConfig,
"required": false,
"title": "SHA monitor effective configurations"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_path": {
"required": false,
"title": "SHA monitor path",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status_details": {
"$ref": "ShaMonitorStatusDetail,
"required": false,
"title": "SHA monitor status detail"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "The timing reflecting this status (unit is milliseconds).",
"required": false,
"title": "The timing reflecting this status"
},
"transport_node_path": {
"required": false,
"title": "The path for the reported status transport node",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA monitor status",
"type": "object"
}
ShaMonitorStatusDetail (type)
{
"additionalProperties": false,
"id": "ShaMonitorStatusDetail",
"module_id": "PolicyShaMonitor",
"properties": {
"overall_status": {
"description": "The overall status is calculated based on the status of the sub-monitors if there are. UNKNOWN - UNKNOWN status. NORMAL - This monitor or all the sub-monitors of it running normally. RUNNING_ERROR - This monitor or all the sub-monitors of it encounter running error. PARTIAL_ERROR - Some of the sub-monitors of this monitor encounter running error.",
"enum": [
"UNKNOWN",
"NORMAL",
"RUNNING_ERROR",
"PARTIAL_ERROR"
],
"required": false,
"title": "The overall status of this monitor",
"type": "string"
},
"status_description": {
"required": false,
"title": "Description of this monitor status",
"type": "string"
},
"status_detail_per_sub_monitor": {
"items": {
"$ref": "ShaSubMonitorStatusDetail
},
"required": false,
"title": "The status detail for each sub-monitors",
"type": "array"
}
},
"title": "SHA monitor status detail",
"type": "object"
}
ShaMonitorStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaMonitorStatusListResult",
"module_id": "PolicyShaMonitor",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaMonitorStatus
},
"required": false,
"title": "SHA monitor status list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of ShaMonitorStatus",
"type": "object"
}
ShaMonitorStatusParameters (type)
{
"additionalProperties": false,
"id": "ShaMonitorStatusParameters",
"module_id": "PolicyShaMonitor",
"properties": {
"transport_node_id": {
"description": "The transport node that the user would like to check monitor status.",
"required": true,
"type": "string"
}
},
"title": "SHA monitor status read parameters",
"type": "object"
}
ShaMonitorType (type)
{
"description": "This field specifies the type of SHA monitor. UNKNOWN - Unknown SHA monitor type. METRIC_EXPORTER - This type of monitor can manage sub-monitors of type SUB_METRIC_EXPORTER and can exist as a standalone monitor to export metrics. SUB_METRIC_EXPORTER - The monitor is designed for exporting specific metrics and must be managed by a METRIC_EXPORTER monitor. STANDARD - The standalone monitor won't expose any metrics.",
"enum": [
"UNKNOWN",
"METRIC_EXPORTER",
"SUB_METRIC_EXPORTER",
"STANDARD"
],
"id": "ShaMonitorType",
"module_id": "PolicyShaMonitor",
"title": "SHA monitor type",
"type": "string"
}
ShaPluginProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "The ShaPluginProfile is the base class for System Health plugin profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"applied_to_ua": {
"description": "The on-off switch of System Health Plugin on UA cluster nodes.",
"required": false,
"title": "Plugin Enablement Flag on UA cluster nodes",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base type for System Health plugin profile of different types",
"type": "object"
}
ShaPluginProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShaPluginProfileListRequestParameters",
"module_id": "PolicySha",
"properties": {
"applied_to_group_path": {
"description": "The path of the Policy group.",
"required": false,
"title": "The path of the Policy group object",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"plugin_path": {
"description": "The Policy path of the Sha plugin.",
"required": false,
"title": "String path of the Sha plugin",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Sha plugin profile request parameters",
"type": "object"
}
ShaPluginProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaPluginProfileListResult",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaPluginProfile
},
"required": true,
"title": "Sha plugin profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of Sha plugin profiles.",
"type": "object"
}
ShaPluginType (type)
{
"enum": [
"PredefinedPlugin",
"DynamicPlugin",
"SystemPlugin"
],
"id": "ShaPluginType",
"module_id": "PolicySha",
"title": "Valid System Health plugin types",
"type": "string"
}
ShaPreDefinedPluginListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShaPreDefinedPluginListResult",
"module_id": "PolicySha",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ShaPredefinedPlugin
},
"required": true,
"title": "Sha plugin list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of Sha pre-defined plugin list.",
"type": "object"
}
ShaPredefinedPlugin (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaPredefinedPlugin",
"module_id": "PolicySha",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "ShaPredefinedPluginProfileData,
"description": "Define the plugin configurtion detail.",
"readonly": true,
"title": "Plugin configuration"
},
"delay_on_reboot": {
"description": "The corresponding plugin will wait for config seconds after reboot.",
"readonly": true,
"title": "The delay after reboot",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of Sha plugin",
"readonly": true,
"title": "Profile Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "Display the pre-req conditions to run the predefined plugin.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"supported_node_types": {
"description": "Display the running node types of predefined plugin.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "System pre-defined plugin config",
"type": "object"
}
ShaPredefinedPluginListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShaPredefinedPluginListRequestParameters",
"module_id": "PolicySha",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Sha plugin request parameters",
"type": "object"
}
ShaPredefinedPluginProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaPluginProfile
},
"id": "ShaPredefinedPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "PredefinedPlugin"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"applied_to_ua": {
"description": "The on-off switch of System Health Plugin on UA cluster nodes.",
"required": false,
"title": "Plugin Enablement Flag on UA cluster nodes",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "ShaPredefinedPluginProfileData,
"description": "Define the plugin configuration.",
"required": true,
"title": "Plugin configuration"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "System predefined plugin profile",
"type": "object"
}
ShaPredefinedPluginProfileData (type)
{
"additionalProperties": false,
"description": "Describes a config item for System Health profile.",
"id": "ShaPredefinedPluginProfileData",
"module_id": "PolicySha",
"properties": {
"check_interval": {
"description": "The interval of plugin to check the status.",
"title": "The check interval",
"type": "integer"
},
"desired_crash": {
"description": "Whether crash the component which spew too much log",
"required": false,
"title": "The desired crash",
"type": "boolean"
},
"desired_duration": {
"description": "The expected rotation of logging",
"required": false,
"title": "The desired duration",
"type": "integer"
},
"granular_desired_duration": {
"description": "The expected rotation for each log",
"required": false,
"title": "The granular desired duration",
"type": "string"
},
"report_interval": {
"description": "The interval of plugin to report the status.",
"title": "The report interval",
"type": "integer"
},
"smallest_report_interval_if_change": {
"description": "The smallest report interval if the status is changed. The value of smallest_report_interval_if_change should be less than the value of report_interval",
"title": "The smallest report interval",
"type": "integer"
},
"threshold": {
"description": "The threshold to alarm logging report",
"required": false,
"title": "The threshold",
"type": "integer"
}
},
"title": "System Health Plugin Config Item",
"type": "object"
}
ShaStandardMonitor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaMonitor
},
"id": "ShaStandardMonitor",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaStandardMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_id": {
"readonly": true,
"required": false,
"title": "The monitor identifier",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "The pre-req conditions to run this monitor.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"required": false,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "All ShaMonitor types.",
"enum": [
"ShaStandardMonitor",
"ShaMetricExporterMonitor",
"ShaSubMetricExporterMonitor"
],
"readonly": true,
"required": true,
"title": "SHA monitor resource types",
"type": "string"
},
"supported_node_types": {
"description": "The supported running node types for this monitor.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"required": false,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ShaMonitorType,
"readonly": true,
"required": true,
"title": "SHA monitor type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA STANDARD monitor specification",
"type": "object"
}
ShaSubMetricExporterMonitor (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaMonitor
},
"id": "ShaSubMetricExporterMonitor",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"type-identifier": "ShaSubMetricExporterMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"exported_metric_spec": {
"$ref": "ShaMonitorExportedMetricSpec,
"description": "The exported metric information for this monitor.",
"readonly": true,
"required": false,
"title": "Exported metric specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_id": {
"readonly": true,
"required": false,
"title": "The monitor identifier",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_monitor_id": {
"description": "The id of parent METRIC_EXPORTER monitor.",
"readonly": true,
"required": false,
"title": "The monitor identifier",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "The pre-req conditions to run this monitor.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"required": false,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "All ShaMonitor types.",
"enum": [
"ShaStandardMonitor",
"ShaMetricExporterMonitor",
"ShaSubMetricExporterMonitor"
],
"readonly": true,
"required": true,
"title": "SHA monitor resource types",
"type": "string"
},
"supported_node_types": {
"description": "The supported running node types for this monitor.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"required": false,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ShaMonitorType,
"readonly": true,
"required": true,
"title": "SHA monitor type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SHA SUB_METRIC_EXPORTER monitor specification",
"type": "object"
}
ShaSubMonitorConfig (type)
{
"abstract": true,
"id": "ShaSubMonitorConfig",
"module_id": "PolicyShaMonitor",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enable": {
"required": false,
"title": "Flag to overwrite the enable value",
"type": "boolean"
},
"resource_type": {
"description": "The resource type of configuration for sub-monitors. ShaEsxObsrvDatapathTrafficStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-datapath-traffic-stats-monitor ShaEsxObsrvInfraStatsMonitorConfig - The configuration for SHA sub-monitor esx-obsrv-infra-stats-monitor",
"enum": [
"ShaEsxObsrvDatapathTrafficStatsMonitorConfig",
"ShaEsxObsrvInfraStatsMonitorConfig"
],
"required": true,
"title": "SHA sub-monitor configuration resource type",
"type": "string"
}
},
"title": "SHA sub-monitor configuration",
"type": "object"
}
ShaSubMonitorStatusDetail (type)
{
"additionalProperties": false,
"id": "ShaSubMonitorStatusDetail",
"module_id": "PolicyShaMonitor",
"properties": {
"status": {
"enum": [
"UNKNOWN",
"NORMAL",
"RUNNING_ERROR"
],
"required": false,
"title": "Status of this sub-monitor",
"type": "string"
},
"status_description": {
"required": false,
"title": "Description of this sub-monitor status",
"type": "string"
},
"sub_monitor_id": {
"required": false,
"title": "Identifier of sub-monitor",
"type": "string"
}
},
"title": "SHA sub-monitor status detail",
"type": "object"
}
ShaSystemPluginProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaPluginProfile
},
"id": "ShaSystemPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "SystemPlugin"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"applied_to_ua": {
"description": "The on-off switch of System Health Plugin on UA cluster nodes.",
"required": false,
"title": "Plugin Enablement Flag on UA cluster nodes",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"config": {
"description": "Define the plugin configuration.",
"required": true,
"title": "Plugin configuration",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "System plugin profile",
"type": "object"
}
Share (type)
{
"additionalProperties": false,
"description": "A Share is a container that shares all its contents represented by associated SharedResource entities with Orgs or Projects represented using the 'sharedWith' property. Default share object is created by the system which is shared with all the orgs and projects by default. Id of default share object is default. Also, default share object per org/project will also be created as part of org/project creation workflow. Id of org share object will be \"<org-id>\", but for default org it is \"default-org-share\". Id of project share object will be \"<org-id>-<project-id>\" (ex: org1-project1).",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Share",
"module_id": "PolicyShare",
"policy_hierarchical_children": [
"ChildSharedResource"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sharedWith": {
"description": "Represents and array of the paths of the contexts (Org or Project) to which the contents of this share should be shared.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Path of the context",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Share"
],
"relationshipType": "SHARE_RELATIONSHIP",
"rightType": [
"Org",
"Project",
"Vpc"
]
}
]
},
"sharing_strategy": {
"default": "NONE_DESCENDANTS",
"description": "Strategy used to decide to which shareWith the contents of the share should be shared. Project is descendant of Org. Vpc is descendant of Project. ALL_DESCENDANTS - Share with the shareWith path and all it's descendants. NONE_DESCENDANTS - Share with the shareWith path only and not its descendants. (Default)",
"enum": [
"NONE_DESCENDANTS",
"ALL_DESCENDANTS"
],
"required": false,
"title": "Sharing Strategy",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Share",
"type": "object"
}
ShareListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ShareListRequestParameters",
"module_id": "PolicyShare",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Share list request parameters",
"type": "object"
}
ShareListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ShareListResult",
"module_id": "PolicyShare",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Share
},
"required": true,
"title": "Share list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Shares",
"type": "object"
}
SharedResource (type)
{
"additionalProperties": false,
"description": "A SharedResource is a child of the resource that needs to be shared. Where the resoruce is shared is determined by the Share instance to which this shared resource refers. Default shared resource under default share object is created by the system. All the resources under default shared resources will be available for consumption to all the orgs/projects by default. Shared Resource for specific org will be available for consumption for that particular org only.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SharedResource",
"module_id": "PolicyShare",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_objects": {
"description": "Represents the path and other properties of the resource to be shared. The entity represented by this shared resource is shared with all the Orgs or Projects contexts that the Share container references.",
"items": {
"$ref": "ResourceObject
},
"minItems": 1,
"required": true,
"title": "Path of the resource to be shared",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"share_shared_with": {
"description": "Read only field. Shows subset (shared-with-me API context) of sharedWith used in Share.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Share's Shared With",
"type": "array"
},
"share_sharing_strategy": {
"description": "Read only field. Shows sharing strategy used in Share.",
"readonly": true,
"required": false,
"title": "Share's Sharing Strategy",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Shared resource",
"type": "object"
}
SharedResourceListRequestParameters (type)
{
"additionalProperties": false,
"id": "SharedResourceListRequestParameters",
"module_id": "PolicyShare",
"properties": {
"resource_type": {
"required": false,
"title": "resource type",
"type": "string"
}
},
"title": "Shared resource list request parameters",
"type": "object"
}
SharedResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SharedResourceListResult",
"module_id": "PolicyShare",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SharedResource
},
"required": true,
"title": "SharedResource list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of SharedResources",
"type": "object"
}
Site (type)
{
"additionalProperties": false,
"description": "Site represents an NSX deployment having its own set of NSX clusters and transport nodes. It may correspond to a Data Center, VMC deployment, or NSX-Cloud deployment managed via CSM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Site",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildEnforcementPoint"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fail_if_rtep_misconfigured": {
"default": true,
"description": "Both the local site and the remote site must have edge clusters correctly configured and remote tunnel endpoint (RTEP) interfaces must be defined, or onboarding will fail.",
"title": "Fail onboarding if RTEPs misconfigured",
"type": "boolean"
},
"fail_if_rtt_exceeded": {
"default": true,
"description": "Fail onboarding if maximum RTT exceeded.",
"title": "Fail onboarding if maximum RTT exceeded",
"type": "boolean"
},
"federation_config": {
"$ref": "GmFederationSiteConfig,
"description": "System managed federation config.",
"readonly": true,
"title": "Federation releated config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_rtt": {
"default": 250,
"description": "If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value.",
"maximum": 1000,
"minimum": 0,
"title": "Maximum acceptable packet round trip time (RTT)",
"type": "integer"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_connection_info": {
"description": "To onboard a site, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the site has been successfully onboarded, the site_connection_info is discarded and authentication to the remote site occurs using an X.509 client certificate.",
"items": {
"$ref": "SiteNodeConnectionInfo
},
"maxItems": 3,
"title": "Connection information",
"type": "array"
},
"site_number": {
"readonly": true,
"title": "12-bit system generated site number",
"type": "integer"
},
"site_type": {
"description": "The site_type property identifies type of current site.",
"enum": [
"ONPREM_LM",
"SDDC_LM"
],
"required": false,
"title": "Persistent Site Type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Site",
"type": "object"
}
SiteActionParameters (type)
{
"additionalProperties": false,
"description": "If force=true then site will be deleted even if not reachable. NOTE - Use this with caution as Global Manager will go ahead and offboard the site forcefully.",
"id": "SiteActionParameters",
"module_id": "PolicySiteGM",
"properties": {
"force": {
"required": false,
"type": "boolean"
}
},
"title": "Paramters for Site delete operation",
"type": "object"
}
SiteAllocationIndexForEdge (type)
{
"additionalProperties": false,
"description": "Index for cross site allocation for edge cluster and its members referred by gateway.",
"id": "SiteAllocationIndexForEdge",
"module_id": "PolicyConnectivity",
"properties": {
"index": {
"description": "Unqiue edge cluster node index across sites based on stretch of the Gateway. For example, if a Gateway is streched to sites S1 with one edge cluster of 3 nodes and site S2 with one edge cluster of 2 nodes, the in the Global Manager will allocate the index for 5 edge nodes and 2 cluster in the rage 0 to 7.",
"readonly": true,
"title": "Unique index across sites for gateway span",
"type": "integer"
},
"target_resource_path": {
"readonly": true,
"title": "Edge cluster or edge node path",
"type": "string"
}
},
"title": "Allocation index for edge\n",
"type": "object"
}
SiteCompatibilityInfo (type)
{
"id": "SiteCompatibilityInfo",
"module_id": "SiteManagerModule",
"properties": {
"compatibility_list": {
"items": {
"type": "string"
},
"title": "Compatibility list",
"type": "array"
},
"site_version": {
"title": "Site version",
"type": "string"
}
},
"type": "object"
}
SiteFederationConfig (type)
{
"additionalProperties": false,
"description": "Site fedeation configuration.",
"id": "SiteFederationConfig",
"module_id": "PolicySiteGM",
"properties": {
"rtep_ips": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote tunnel endpoint IP addresses",
"type": "array"
},
"site_id": {
"readonly": true,
"title": "Site UUID",
"type": "string"
},
"site_index": {
"readonly": true,
"title": "Unique site index allocated (from range 0-4095)",
"type": "integer"
},
"site_path": {
"readonly": true,
"title": "Site path",
"type": "string"
}
},
"title": "Site fedeation configuration",
"type": "object"
}
SiteInfo (type)
{
"additionalProperties": false,
"description": "Information related to Sites applicable for given Org.",
"id": "SiteInfo",
"module_id": "PolicyOrg",
"properties": {
"edge_cluster_paths": {
"description": "The edge cluster on which the networking elements for the Org will be created. In case of Label, it should have reference of Edge cluster path.",
"items": {
"type": "string"
},
"title": "PolicyPath of the edge cluster or label",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_EDGE_CLUSTER_RELATIONSHIP",
"rightType": [
"PolicyEdgeCluster"
]
},
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_EDGE_CLUSTER_RELATIONSHIP",
"rightType": [
"PolicyEdgeCluster"
]
},
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_EDGE_CLUSTER_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
},
{
"leftType": [
"Project"
],
"relationshipType": "VPC_EDGE_CLUSTER_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"site_path": {
"description": "This represents the path of the site which is managed by Global Manager. For the local manager, if set, this needs to point to 'default'.",
"required": false,
"title": "PolicyPath of the site",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Org"
],
"relationshipType": "TENANT_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
},
{
"leftType": [
"Project"
],
"relationshipType": "PROJECT_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"transport_zone_paths": {
"description": "This represents the path of the transport zone on which elements of the project will be created. If not provided, this field is set to the path of the default transport zone for the associated site. Transport zone cannot be modified.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "PolicyPath of the transport zone",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Org"
],
"relationshipType": "PROJECT_TRANSPORT_ZONE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
}
},
"title": "Site information",
"type": "object"
}
SiteListRequestParameters (type)
{
"additionalProperties": false,
"description": "Site list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SiteListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Site List Request Parameters",
"type": "object"
}
SiteListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Sites.",
"extends": {
"$ref": "ListResult
},
"id": "SiteListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Site list result.",
"items": {
"$ref": "Site
},
"required": true,
"title": "Site List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Sites",
"type": "object"
}
SiteNodeConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a node in the federated remote site.",
"id": "SiteNodeConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"fqdn": {
"description": "Please specify the fqdn of the Management Node of your site.",
"title": "Fully Qualified Domain Name of the Management Node",
"type": "string"
},
"password": {
"description": "Password to connect to Site's Local Manager.",
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"site_uuid": {
"description": "Site UUID supplied for connection info",
"title": "id of Site",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of Site's Local Manager in the form of a SHA-256 hash represented in lower case HEX.",
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username to connect to Site's Local Manager.",
"title": "Username",
"type": "string"
}
},
"title": "Site Node Connection Info",
"type": "object"
}
SiteOffBoardingState (type)
{
"additionalProperties": false,
"description": "Represents site offboarding status.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SiteOffBoardingState",
"module_id": "PolicySiteOffboarding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"message": {
"description": "Captures message associated with status. If FAILED, can contain folowing errors local site configuration is null internal server error with detail",
"readonly": true,
"title": "Message about the status.",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"previousErrorMessage": {
"description": "Contains previus failed message in case, state machine is stuck in a state",
"readonly": true,
"title": "Previous failure message.",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"description": "Represents site offboarding status.",
"enum": [
"INITIALIZE_INPROGRESS",
"INITIALIZE_FAILED",
"INITIALIZE_SUCCESSFUL",
"CLEANUP_INPROGRESS",
"CLEANUP_FAILED",
"CLEANUP_SUCCESSFUL",
"REALIZATION_INPROGRESS",
"REALIZATION_FAILED",
"REALIZATION_SUCCESSFUL",
"TERMINAL_INPROGRESS",
"TERMINAL_FAILED",
"FAILED",
"SUCCESSFUL"
],
"readonly": true,
"title": "Status of site.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents site offboarding status.",
"type": "object"
}
SiteOverride (type)
{
"additionalProperties": false,
"description": "IPSecVPN site specific attributes specified only on GM. This allows user to specify site specific parameters which overrides the correspondig attributes in the IPSecVpnSession Object.",
"id": "SiteOverride",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint.",
"required": true,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"locale_service_path": {
"description": "Policy path referencing LocateService where SiteOverride attributes will be applied",
"required": true,
"title": "Locale service policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCALE_SERVICE_RELATIONSHIP",
"rightType": [
"LocaleServices"
]
}
]
},
"peer_address": {
"$ref": "IPAddress,
"description": "Public IPV4 or IPV6 address of the remote device terminating the VPN connection. Please note that configuring peer_address as IPv6 address is not supported in the deprecated IPSecVpnSession Patch/PUT APIs.",
"required": true,
"title": "IPV4 or IPV6 address of peer endpoint on remote site"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.",
"required": true,
"title": "Peer id",
"type": "string"
},
"tunnel_interfaces": {
"description": "IP Tunnel interfaces. This property is mandatory for RouteBasedIpSecVpn session.",
"items": {
"$ref": "IPSecVpnTunnelInterface
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IP Tunnel interfaces",
"type": "array"
}
},
"title": "IPSecVpn Site Override Parameters",
"type": "object"
}
SiteRequestParameter (type)
{
"description": "User can get flow details from the Site where API invoked to a given Site by specifying the Site policy path.",
"id": "SiteRequestParameter",
"module_id": "FederationObservability",
"properties": {
"site_path": {
"required": false,
"title": "Policy path of the Site object",
"type": "string"
}
},
"title": "Request parameter to get flow to a given Site",
"type": "object"
}
SiteStatus (type)
{
"id": "SiteStatus",
"module_id": "SiteManagerModule",
"properties": {
"site_name": {
"required": true,
"title": "Site name",
"type": "string"
},
"stubs": {
"items": {
"$ref": "StubStatus
},
"title": "Connection status",
"type": "array"
}
},
"type": "object"
}
SmartnicAgentStatus (type)
{
"id": "SmartnicAgentStatus",
"module_id": "Heatmap",
"properties": {
"node_id": {
"description": "Smartnic Node id",
"title": "Smartnic Node id",
"type": "string"
},
"statuses": {
"description": "List of agent statuses belonging to the Smartnic",
"items": {
"$ref": "AgentStatus
},
"title": "Smartnic agents status",
"type": "array"
}
},
"type": "object"
}
SnatTranslationType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are two modes: LbSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LbSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool.",
"enum": [
"LbSnatAutoMap",
"LbSnatIpPool"
],
"id": "SnatTranslationType",
"module_id": "LoadBalancer",
"title": "Snat translation type",
"type": "string"
}
SnmpProperties (type)
{
"additionalProperties": false,
"description": "This object contains SNMP v2c and SNMP v3 properties.",
"id": "SnmpProperties",
"module_id": "CentralConfig",
"properties": {
"v2c": {
"$ref": "Snmpv2cProperties,
"required": false,
"title": "SNMP v2c properties"
},
"v3": {
"$ref": "Snmpv3Properties,
"required": false,
"title": "SNMP v3 properties"
}
},
"title": "SNMP Service properties",
"type": "object"
}
SnmpServiceProperties (type)
{
"additionalProperties": false,
"id": "SnmpServiceProperties",
"module_id": "CentralNodeConfig",
"properties": {
"communities": {
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "SNMP v1, v2c community strings",
"type": "array"
},
"start_on_boot": {
"required": true,
"title": "Start when system boots",
"type": "boolean"
},
"v2_configured": {
"readonly": true,
"title": "SNMP v2 is configured or not",
"type": "boolean"
},
"v3_auth_protocol": {
"default": "SHA1",
"enum": [
"SHA1"
],
"required": true,
"title": "SNMP v3 auth protocol",
"type": "string"
},
"v3_configured": {
"readonly": true,
"title": "SNMP v3 is configured or not",
"type": "boolean"
},
"v3_priv_protocol": {
"default": "AES128",
"enum": [
"AES128"
],
"required": true,
"title": "SNMP v3 private protocol",
"type": "string"
},
"v3_users": {
"description": "SNMP v3 users information",
"items": {
"$ref": "SnmpV3User
},
"maxItems": 1,
"title": "V3 users",
"type": "array"
}
},
"title": "SNMP Service properties",
"type": "object"
}
SnmpV3User (type)
{
"description": "SNMP v3 user properties",
"id": "SnmpV3User",
"module_id": "CentralNodeConfig",
"properties": {
"auth_password": {
"description": "SNMP v3 user auth password",
"required": false,
"sensitive": true,
"title": "Auth password",
"type": "secure_string"
},
"priv_password": {
"description": "SNMP v3 user private password",
"required": false,
"sensitive": true,
"title": "Private password",
"type": "secure_string"
},
"user_id": {
"description": "SNMP v3 user ID",
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "SNMP v3 user",
"type": "object"
}
Snmpv2cCommunity (type)
{
"additionalProperties": false,
"description": "This object contains SNMP v2c community identifier, shared secret and access properties.",
"id": "Snmpv2cCommunity",
"module_id": "CentralConfig",
"properties": {
"access": {
"default": "READ_ONLY",
"description": "Access permissions for polling NSX nodes over SNMP v2c.",
"enum": [
"READ_ONLY"
],
"title": "Type of access",
"type": "string"
},
"community_name": {
"description": "Unique, non-sensitive community name to identify community.",
"maxLength": 64,
"minLength": 1,
"required": true,
"title": "Community name",
"type": "string"
},
"community_string": {
"description": "Community string. This is considered a shared secret and therefore sensitive information. This field is required when adding a community. When updating a community, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for community string.",
"maxLength": 64,
"minLength": 1,
"required": false,
"sensitive": true,
"title": "Community string",
"type": "secure_string"
}
},
"title": "SNMP v2c community",
"type": "object"
}
Snmpv2cProperties (type)
{
"additionalProperties": false,
"description": "This object contains list of SNMP v2c communities used to poll NSX nodes over SNMP and list of SNMP v2c targets used to receive SNMP traps/notifications from NSX nodes.",
"id": "Snmpv2cProperties",
"module_id": "CentralConfig",
"properties": {
"communities": {
"description": "List of SNMP v2c communities allowed to poll NSX nodes over SNMP v2c.",
"items": {
"$ref": "Snmpv2cCommunity
},
"maxItems": 10,
"required": false,
"title": "SNMP v2c communities",
"type": "array"
},
"targets": {
"description": "List of SNMP v2c targets/receivers where SNMP v2c traps/notifications will be sent from NSX nodes.",
"items": {
"$ref": "Snmpv2cTarget
},
"maxItems": 3,
"required": false,
"title": "SNMP v2c targets",
"type": "array"
}
},
"title": "SNMP v2c properties",
"type": "object"
}
Snmpv2cTarget (type)
{
"additionalProperties": false,
"description": "This object contains SNMP v2c target/receiver where SNMP traps/notifications will be sent.",
"id": "Snmpv2cTarget",
"module_id": "CentralConfig",
"properties": {
"community_name": {
"description": "Unique non-sensitive community name to identify community.",
"maxLength": 64,
"minLength": 1,
"required": true,
"title": "Community name",
"type": "string"
},
"community_string": {
"description": "Community string (shared secret). This field is required when adding a community target. When updating a community target, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for community string.",
"maxLength": 64,
"minLength": 1,
"required": false,
"sensitive": true,
"title": "Community string",
"type": "secure_string"
},
"port": {
"default": 162,
"description": "SNMP v2c target server's port number.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "SNMP v2c target server port",
"type": "integer"
},
"server": {
"$ref": "HostnameOrIPAddress,
"description": "SNMP v2c target server's IP or FQDN.",
"required": true,
"title": "SNMP v2c target server"
}
},
"title": "SNMP v2c target",
"type": "object"
}
Snmpv3Properties (type)
{
"description": "This object contains list of SNMP v3 users used to poll NSX nodes over SNMP and list of SNMP v3 targets used to receive SNMP traps/notifications from NSX nodes. Users specified in a SNMP v3 target must exist in the list of SNMP v3 users.",
"id": "Snmpv3Properties",
"module_id": "CentralConfig",
"properties": {
"auth_protocol": {
"default": "SHA1",
"description": "Authentication protocol used for SNMP v3 communication.",
"enum": [
"SHA1"
],
"title": "Authentication protocol",
"type": "string"
},
"cc_users": {
"description": "List of CentralConfig SNMP v3 users allowed to poll NSX nodes over SNMP. Also, users specified in a SNMP v3 target must exist in this list.",
"items": {
"$ref": "CCSnmpV3User
},
"maxItems": 5,
"required": false,
"title": "SNMP v3 users",
"type": "array"
},
"priv_protocol": {
"default": "AES128",
"description": "Privacy protocol used for SNMP v3 communication.",
"enum": [
"AES128"
],
"title": "Privacy protocol",
"type": "string"
},
"targets": {
"description": "List of SNMP v3 targets/receivers where SNMP v3 traps/notifications will be sent from NSX nodes.",
"items": {
"$ref": "Snmpv3Target
},
"maxItems": 3,
"required": false,
"title": "SNMP v3 targets",
"type": "array"
},
"users": {
"deprecated": true,
"deprecation_advice": "Please make use of use cc_users",
"description": "List of SNMP v3 users allowed to poll NSX nodes over SNMP. Also, users specified in a SNMP v3 target must exist in this list.",
"items": {
"$ref": "Snmpv3User
},
"maxItems": 5,
"required": false,
"title": "SNMP v3 users",
"type": "array"
}
},
"title": "SNMP v3 properties",
"type": "object"
}
Snmpv3Target (type)
{
"additionalProperties": false,
"description": "This object contains SNMP v3 target/receiver where SNMP traps/notifications will be sent.",
"id": "Snmpv3Target",
"module_id": "CentralConfig",
"properties": {
"port": {
"default": 162,
"description": "SNMP v3 target server's port.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "SNMP v3 target server port",
"type": "integer"
},
"security_level": {
"default": "AUTH_PRIV",
"description": "Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value \"AUTH_PRIV\" indicates both authentication and privacy protocols will be used for SNMP communication.",
"enum": [
"AUTH_PRIV"
],
"title": "Security level",
"type": "string"
},
"server": {
"$ref": "HostnameOrIPAddress,
"description": "SNMP v3 target server's IP or FQDN.",
"required": true,
"title": "SNMP v3 target server"
},
"user_id": {
"description": "SNMP v3 user id used to notify target server. This SNMP v3 user should already be added in this profile.",
"maxLength": 32,
"minLength": 1,
"required": true,
"title": "Existing SNMP v3 user id",
"type": "string"
}
},
"title": "SNMP v3 target",
"type": "object"
}
Snmpv3User (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"deprecation_advice": "Please make use of CCSnmpV3User",
"description": "This object contains properties for a SNMP v3 user that can be used to receive SNMP traps/notifications from NSX and/or poll NSX nodes over SNMP.",
"id": "Snmpv3User",
"module_id": "CentralConfig",
"properties": {
"access": {
"default": "READ_ONLY",
"description": "Access permissions for polling NSX nodes over SNMP v3.",
"enum": [
"READ_ONLY"
],
"title": "Type of access",
"type": "string"
},
"auth_password": {
"description": "Authentication password used for SNMP v3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for authentication password.",
"required": false,
"sensitive": true,
"title": "Authentication password",
"type": "secure_string"
},
"priv_password": {
"description": "Privacy password used for SNMP v3 communication. This field is required when adding a user. When updating a user, do not include this field in the request. If this field is present in an update request, it will be considered as a new value for privacy password.",
"required": false,
"sensitive": true,
"title": "Privacy password",
"type": "secure_string"
},
"security_level": {
"default": "AUTH_PRIV",
"description": "Security level indicates whether SNMP communication involves authentication and privacy protocols for this user. Value \"AUTH_PRIV\" indicates both authentication and privacy protocols will be used for SNMP communication.",
"enum": [
"AUTH_PRIV"
],
"title": "Security level",
"type": "string"
},
"user_id": {
"description": "Unique SNMP v3 user id.",
"maxLength": 32,
"minLength": 1,
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "SNMP v3 user",
"type": "object"
}
SoftwareModule (type)
{
"id": "SoftwareModule",
"module_id": "FabricNode",
"properties": {
"module_name": {
"required": true,
"title": "Name of the module in the node",
"type": "string"
},
"module_version": {
"required": true,
"title": "Version of the module in the node",
"type": "string"
}
},
"title": "Software module details",
"type": "object"
}
SoftwareModuleResult (type)
{
"id": "SoftwareModuleResult",
"module_id": "FabricNode",
"properties": {
"software_modules": {
"items": {
"$ref": "SoftwareModule
},
"required": true,
"title": "Software module results",
"type": "array"
}
},
"title": "Software module result",
"type": "object"
}
SolutionConfig (type)
{
"description": "Solution Config would contain Vendor specific information required for configuring the NXGI partner Service after deployment.",
"extends": {
"$ref": "ManagedResource
},
"id": "SolutionConfig",
"module_id": "Nxgi",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"control_ip": {
"$ref": "IPv4Address,
"description": "Partner needs to specify their assigned control IP with which they have configured their OVFs.",
"readonly": false,
"required": true,
"title": "Control IP"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"listen_port": {
"description": "Partner needs to specify their port on which their solution application which consumes NXGI EPSec library listens.",
"maximum": 48655,
"minimum": 48651,
"readonly": false,
"required": true,
"title": "Port",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_id": {
"description": "The service to which the solution config belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"solution_id": {
"description": "Partner needs to specify Solution Id assigned by VMware.",
"readonly": false,
"required": true,
"title": "Solution Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Solution Configuration Info",
"type": "object"
}
SolutionConfigListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SolutionConfigListResult",
"module_id": "Nxgi",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Solution Config.",
"items": {
"$ref": "SolutionConfig
},
"readonly": true,
"required": true,
"title": "Solution Config List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Solution Config List",
"type": "object"
}
Source (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon. The Source is responsible for providing information of the occurred event. Some example sources include: - Resource. - API.",
"id": "Source",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Event Source",
"type": "object"
}
SourceEntity (type)
{
"description": "Service insertion data path inserts unique 'source node id' value into each packet before it received by Service VM. This value can be resolved to multiple Source Entities. It represents source of the packets.",
"id": "SourceEntity",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"source_entity_id": {
"description": "UUID of Source entity",
"readonly": true,
"required": true,
"title": "Source entity ID",
"type": "string"
},
"source_entity_type": {
"description": "Type of source entity. Currently source value can be resolved to VIF and Virtual Machine.",
"enum": [
"VIRTUAL_NETWORK_INTERFACE",
"VIRTUAL_MACHINE"
],
"readonly": true,
"required": true,
"title": "Source entity type",
"type": "string"
}
},
"title": "Source entity",
"type": "object"
}
SourceEntityQueryParameters (type)
{
"id": "SourceEntityQueryParameters",
"module_id": "ServiceInsertion",
"properties": {
"source_node_value": {
"description": "unique value representing source node",
"required": true,
"title": "value",
"type": "string"
}
},
"title": "Source entity query parameters",
"type": "object"
}
SourceEntityResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SourceEntityResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service Entities",
"items": {
"$ref": "SourceEntity
},
"readonly": true,
"required": true,
"title": "Service Entity List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service Entity List",
"type": "object"
}
SourceFieldEvaluation (type)
{
"additionalProperties": false,
"description": "Source Field Evaluation represents an evaluation on resource fields. A source field evaluation will be evaluated against an Event Source which is of type Resource Operation. For instance, the attribute constraint could be related to the necessity that one of the source fields equals one of the specified values.",
"extends": {
"$ref": "Evaluation
},
"id": "SourceFieldEvaluation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "SourceFieldEvaluation"
},
"properties": {
"expected": {
"description": "Expected values necessary to apply the specified operation on the source field value.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Operator Arguments",
"type": "array"
},
"field_pointer": {
"description": "Field in the form of a pointer, describing the location of the attribute within the source of the event.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"operator": {
"description": "Logical operator.",
"enum": [
"EQ",
"NOT_EQ"
],
"required": true,
"title": "Logical Operator",
"type": "string"
},
"resource_type": {
"description": "Criterion Evaluation resource type.",
"enum": [
"SourceFieldEvaluation"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Source Field Evaluation",
"type": "object"
}
SourceIpPersistencePurge (type)
{
"additionalProperties": false,
"description": "If the persistence table is full and a new connection without a matching persistence entry is received, then by default(FULL) oldest persistence entries are purged from the table to make space for new entries. Each time purging gets triggered, a small percentage of the entries are purged. If purging is disabled(NO_PURGE) and a new incoming connection requires a persistence entry to be created, then that connection is rejected even though backend servers are available.",
"enum": [
"NO_PURGE",
"FULL"
],
"id": "SourceIpPersistencePurge",
"module_id": "LoadBalancer",
"title": "source ip persistence purge setting",
"type": "string"
}
SourceNsxApiEndpoint (type)
{
"additionalProperties": false,
"description": "Details about an existing NSX manager to be migrated",
"id": "SourceNsxApiEndpoint",
"module_id": "Migration",
"properties": {
"auth_token": {
"description": "Auth token used to make REST calls to the source NSX API endpoint. This field is not applicable in case of vSphere network migration. Please generate the token with a sufficiently large duration so that it does not expire in the middle of the migration. If it does expire, then the token needs to be refreshed manually by invoking this API again with a new token. Alternatively, you can provide the username/password of the source NSX.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Source NSX auth token",
"type": "secure_string"
},
"ip": {
"description": "IP address or hostname of a source NSX API endpoint. This field is not applicable in case of vSphere network migration.",
"format": "hostname-or-ip",
"readonly": false,
"required": false,
"title": "Source NSX API endpoint IP address",
"type": "string"
},
"nsx_password": {
"description": "Password for connecting to NSX manager. This field is not applicable in case of vSphere network migration.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Password for NSX manager",
"type": "secure_string"
},
"nsx_syncrole": {
"description": "Signifies Universal Sync role status (STANDALONE, PRIMARY, SECONDARY) of a source NSX API endpoint.",
"readonly": true,
"required": false,
"title": "Source NSX API endpoint Universal Sync role",
"type": "string"
},
"nsx_username": {
"description": "Username for connecting to NSX manager. This field is not applicable in case of vSphere network migration.",
"readonly": false,
"required": false,
"title": "Username for NSX manager",
"type": "string"
},
"nsx_version": {
"description": "Build version (major, minor, patch) of a source NSX API endpoint.",
"readonly": true,
"required": false,
"title": "Source NSX API endpoint build version",
"type": "string"
},
"vc_ip": {
"description": "IP address or host name of VC.",
"format": "hostname-or-ip",
"readonly": false,
"required": false,
"title": "VC IP address or host name",
"type": "string"
},
"vc_password": {
"description": "Password for connecting to VC.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Password for VC",
"type": "secure_string"
},
"vc_port": {
"default": 443,
"description": "VC port that will be used to fetch details.",
"readonly": false,
"required": false,
"title": "VC port",
"type": "int"
},
"vc_username": {
"description": "Username for connecting to VC.",
"readonly": false,
"required": false,
"title": "Username for VC",
"type": "string"
},
"vc_version": {
"description": "Build version of VC.",
"readonly": true,
"required": false,
"title": "VC build version",
"type": "string"
}
},
"title": "Source NSX manager details",
"type": "object"
}
SpacerWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for spacer widget. For this widget the data source is not applicable. This widget can be use to add the space inside the dashboard container.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "SpacerWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "SpacerWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Spacer widget Configuration",
"type": "object"
}
Span (type)
{
"additionalProperties": false,
"description": "Represents the strech information for a federated entity available only on local manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Span",
"module_id": "PolicySitesSpan",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "List of SpanSiteInfos representing the strech of the entity.",
"items": {
"$ref": "SpanSiteInfo
},
"readonly": true,
"title": "List of SpanSiteInfos",
"type": "array"
},
"span_leader": {
"description": "Represents Policy resource type streached entity's span leader.",
"readonly": true,
"title": "Policy resource type of span leader",
"type": "string"
},
"span_resource": {
"description": "Represents Policy resource path of streached entity.",
"readonly": true,
"title": "Policy resource path",
"type": "string"
},
"span_resource_type": {
"description": "Policy resource type of the streached entity.",
"readonly": true,
"title": "Policy resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents strech information for federated entity.",
"type": "object"
}
SpanSiteInfo (type)
{
"additionalProperties": false,
"description": "Represents the Site resource information for a Span entity including both the internal id as well as the site path.",
"id": "SpanSiteInfo",
"module_id": "PolicySitesSpan",
"properties": {
"site_id": {
"description": "Site UUID representing the Site resource",
"readonly": true,
"title": "Internal ID of the Site resource",
"type": "string"
},
"site_path": {
"description": "Path of the Site resource",
"readonly": true,
"title": "Path of the Site resource",
"type": "string"
}
},
"title": "Represents Site resource for Span entity.",
"type": "object"
}
SpoofGuardProfile (type)
{
"additionalProperties": false,
"description": "SpoofGuard is a tool that is designed to prevent virtual machines in your environment from sending traffic with IP addresses which are not authorized to send traffic from. A SpoofGuard policy profile once enabled blocks the traffic determined to be spoofed.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SpoofGuardProfile",
"module_id": "PolicySpoofGuard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_binding_allowlist": {
"default": false,
"description": "If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the allowlist. This value cannot conflict with whitelist.",
"required": true,
"title": "Enable SpoofGuard",
"type": "boolean"
},
"address_binding_whitelist": {
"default": false,
"deprecated": true,
"description": "If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the allowlist. This field is deprecated because it has offensive terminology. Please use address_binding_allowlist. This value cannot conflict with allow list.",
"required": true,
"title": "Enable SpoofGuard",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"spoof guard segment profile"
],
"title": "SpoofGuard Profile",
"type": "object"
}
SpoofGuardProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SpoofGuardProfileListRequestParameters",
"module_id": "PolicySpoofGuard",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SpoofGuard profile request parameters",
"type": "object"
}
SpoofGuardProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SpoofGuardProfileListResult",
"module_id": "PolicySpoofGuard",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SpoofGuardProfile
},
"required": true,
"title": "SpoofGuard profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SpoofGuard profiles",
"type": "object"
}
SpoofGuardSwitchingProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseSwitchingProfile
},
"id": "SpoofGuardSwitchingProfile",
"module_id": "SpoofGuardSwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "SpoofGuardSwitchingProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"white_list_providers": {
"help_detail": "SpoofGuard is considered to be disabled if no white-list providers\nare specified in the profile.\nIf multiple providers of address bindings are specificed, then the effective\naddress bindings is the intersection of all specificed bindings. In case if\nsuch effective address bindings is empty, then all packets are dropped.\n",
"items": {
"$ref": "WhiteListProvisionType
},
"readonly": false,
"required": true,
"title": "List of providers for white listed address bindings.",
"type": "array"
}
},
"title": "SpoofGuard configuration",
"type": "object"
}
SshFingerprintProperties (type)
{
"additionalProperties": false,
"description": "Server properties - hostname/ip_address, port and ssh fingerprint",
"id": "SshFingerprintProperties",
"properties": {
"host_key_algorithms": {
"default": [
"ecdsa-sha2-nistp256",
"ecdsa-sha2-nistp384",
"ecdsa-sha2-nistp521"
],
"description": "Supported host key algorithms for SSH/SFTP connection.<br /> <i>Algorithms are preferred in the order they are specified in list.</i>",
"items": {
"$ref": "HostKeyAlgorithms
},
"minItems": 1,
"required": false,
"title": "Host key algorithms",
"type": "array"
},
"port": {
"description": "Remote server port on which ssh connection is made.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Server port",
"type": "integer"
},
"server": {
"description": "Server hostname/ip_address for which fingerprint has been retrieved.",
"pattern": "^.+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"ssh_fingerprint": {
"description": "Remote server's ssh fingerprint.",
"title": "SSH fingerprint of server",
"type": "string"
}
},
"title": "Server ssh fingerprint properties",
"type": "object"
}
SshKeyBaseProperties (type)
{
"additionalProperties": {},
"id": "SshKeyBaseProperties",
"properties": {
"label": {
"required": true,
"title": "SSH key label (used to identify the key)",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "Current password for user (required for users root and admin)",
"type": "string"
}
},
"type": "object"
}
SshKeyProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SshKeyBaseProperties
},
"id": "SshKeyProperties",
"properties": {
"label": {
"required": true,
"title": "SSH key label (used to identify the key)",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "Current password for user (required for users root and admin)",
"type": "string"
},
"type": {
"pattern": "^(ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-dss|ssh-ed25519|ssh-rsa)$",
"required": true,
"title": "SSH key type",
"type": "string"
},
"value": {
"required": true,
"title": "SSH key value",
"type": "string"
}
},
"type": "object"
}
SshKeyPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SshKeyPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SshKeyProperties
},
"required": true,
"title": "SSH key properties query results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SSH key properties query results",
"type": "object"
}
SshServiceProperties (type)
{
"additionalProperties": false,
"id": "SshServiceProperties",
"properties": {
"root_login": {
"title": "Permit SSH Root login",
"type": "boolean"
},
"start_on_boot": {
"required": true,
"title": "Start service when system boots",
"type": "boolean"
}
},
"title": "SSH Service properties",
"type": "object"
}
SslCipher (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "ECDH ciphers and 3DES ciphers are not supported because they are not supported by OpenSSL 3.0. Deprecated ciphers which do not comply with OpenSSL 3.0: - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
"enum": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
],
"id": "SslCipher",
"module_id": "LoadBalancer",
"title": "SSL cipher",
"type": "string"
}
SslCipherGroup (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "SslCipherGroup can be configured in LB SSL profiles. The BALANCED SSL profile supports a mix of SSL protocols and ciphers to offer a perfect mix of performance and security to clients/servers. The HIGH_SECURITY SSL profile supports the highest-secured SSL protocols and ciphers to offer the most secured access to clients/servers. The HIGH_COMPATIBILITY SSL profile supports a large range of SSL protocols and ciphers to offer access to the widest range of clients/servers.",
"enum": [
"BALANCED",
"HIGH_SECURITY",
"HIGH_COMPATIBILITY",
"CUSTOM"
],
"id": "SslCipherGroup",
"module_id": "LoadBalancer",
"title": "SSL cipher group",
"type": "string"
}
SslProtocol (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Only TLS_V1_2 is supported. Deprecated protocols which do not comply with OpenSSL 3.0: - SSL_V2 - SSL_V3 - TLS_V1 - TLS_V1_1",
"enum": [
"SSL_V2",
"SSL_V3",
"TLS_V1",
"TLS_V1_1",
"TLS_V1_2"
],
"id": "SslProtocol",
"module_id": "LoadBalancer",
"title": "SSL protocol",
"type": "string"
}
StageUpgradeRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters specified during upgrade staging request",
"id": "StageUpgradeRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Type of the component",
"readonly": false,
"required": false,
"title": "Component type",
"type": "string"
}
},
"title": "Stage upgrade request parameters",
"type": "object"
}
StaleCertificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CertificateBinding
},
"id": "StaleCertificate",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"certificate_id": {
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Certificate Id",
"type": "string"
},
"display_name": {
"description": "Display name of the stale certificate",
"readonly": true,
"required": false,
"title": "Display name",
"type": "string"
},
"node_id": {
"description": "Node Id to which this certificate is applied to.",
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"description": "Service Type of the CertificateProfile to which the certificate is applied to.",
"readonly": false,
"required": true,
"title": "Service Type"
}
},
"title": "Stale Certificate",
"type": "object"
}
StaleCertificatesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaleCertificatesListResult",
"module_id": "CertificateManager",
"nsx_feature": "CertificateBatchOperations",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result": {
"description": "List of stale certificates.",
"items": {
"$ref": "StaleCertificate
},
"readonly": true,
"required": true,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of stale certificates",
"type": "object"
}
StandaloneHostIdfwConfiguration (type)
{
"additionalProperties": false,
"description": "Idfw configuration for activate/deactivate idfw on standalone hosts.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StandaloneHostIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idfw_enabled": {
"description": "If set to true, Idfw is enabled for standalone hosts",
"readonly": false,
"required": true,
"title": "Idfw enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Standalone host idfw configuration",
"type": "object"
}
StandardHostSwitch (type)
{
"id": "StandardHostSwitch",
"module_id": "TransportNode",
"properties": {
"cpu_config": {
"description": "CPU configuration specifies number of Logical cpu cores (Lcores) per Non Uniform Memory Access (NUMA) node dedicated to Enhanced Networking Stack enabled HostSwitch to get the best performance. If CPU configuration is not mentioned, the default value of numa_node_index will be '0' and default value of num_lcores will be '1'.",
"items": {
"$ref": "CpuCoreConfigForEnhancedNetworkingStackSwitch
},
"readonly": false,
"required": false,
"title": "Enhanced Networking Stack enabled HostSwitch CPU configuration",
"type": "array"
},
"ecmp_mode": {
"default": "L3",
"description": "ECMP mode that will be configured on the VDS HostSwitch. If the host_switch_mode is ENS or ENS_INTERRUPT, then the value of this attribute can be set to either L3 or L4. If VDS is configured in STANDARD mode, then it will support L3 mode only. If the VDS HostSwitch is not associated with an Overlay TransportZone, then the value of ECMP mode is ignored.",
"enum": [
"L3",
"L4"
],
"readonly": false,
"required": false,
"title": "Operational mode of a HostSwitch.",
"type": "string"
},
"host_switch_id": {
"description": "This field is writable only in case of VDS type HostSwitch and system generated for NVDS type. For VDS type host switch, This field is used to lookup a VDS from corresponding Compute Manager and then can be configured for logical networking. For NVDS type host switch, This field is system generated and if provided will be overwritten.",
"nsx_feature": "NsxtOnVds",
"required": false,
"title": "The host switch id. This ID will be used to reference a host switch.",
"type": "string"
},
"host_switch_mode": {
"default": "STANDARD",
"description": "STANDARD - This mode applies to all transport nodes. The realized host switch mode will be chosen automatically (best applicable as per uplink capabilities) by the data-plane in the transport node and may change in future. ENS - This is the Enhanced Data Path switch mode for ESX host tranport node. This mode provides accelerated networking performances but also introduces additional prerequisites. In order to benefit from this mode, workloads will be need to be compiled with DPDK and will use VMXNET3 for their vNIC. This mode is only available on ESX hypervisor (6.7 and above, recommended 6.7 U2 and above) and unavailable on KVM, EDGE and Public Cloud Gateway. Not all NSX features are available in this mode, please consult the documentation. ENS_INTERRUPT - This is an interrupt driven variant of the Enhanced Data Path mode. Please, consult your account representative for applicability. This mode is available only on ESX hypervisor (7.0 and above). LEGACY - This mode applies to all transport nodes. This mode was formerly called as STANDARD and is realized as pktHandle. IMPORTANT: ENS and ENS_INTERRUPT modes require a higher tier of NSX licenses. ENS and ENS_INTERRUPT with classic Nic - NSX advanced or higher ENS with SmartNic : NSX Enterprise Plus or higher. Please consult NSX documentation for complete details.",
"enum": [
"STANDARD",
"ENS",
"ENS_INTERRUPT",
"LEGACY"
],
"readonly": false,
"required": false,
"title": "Operational mode of a HostSwitch.",
"type": "string"
},
"host_switch_name": {
"default": "nsxDefaultHostSwitch",
"deprecated": true,
"description": "This field is writable only in case of NVDS type HostSwitch and system generated for VDS type. For NVDS type host switch, If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given transport node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness. For VDS type host switch, Manager fetches VDS name from corresponding Compute Manager and populates this field. If VDS name is given (correct or incorrect) it is ignored and overwritten with correct one.",
"required": false,
"title": "host switch name. This name will be used to reference a host switch.",
"type": "string"
},
"host_switch_profile_ids": {
"description": "Host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch. If transport node is created using Policy APIs, use policyPaths instead of UUIDs.",
"items": {
"$ref": "HostSwitchProfileTypeIdEntry
},
"required": false,
"title": "Identifiers of host switch profiles to be associated with this host switch.",
"type": "array"
},
"host_switch_type": {
"default": "NVDS",
"description": "VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX. HostSwitch of type NVDS has been deprecated on ESX hosts that are managed by a vCenter Server.",
"enum": [
"NVDS",
"VDS"
],
"nsx_feature": "NsxtOnVds",
"required": false,
"title": "Type of HostSwitch",
"type": "string"
},
"ip_assignment_spec": {
"$ref": "IpAssignmentSpec,
"description": "IPs can come from either a static IP pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"readonly": false,
"required": false,
"title": "Specification for IPs to be used with host switch virtual tunnel endpoints"
},
"ipv6_assignment_spec": {
"$ref": "Ipv6AssignmentSpec,
"description": "IPs can come from either a static IPv6 pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.",
"nsx_feature": "L2Ipv6",
"readonly": false,
"required": false,
"title": "Specification for IPv6 IPs to be used with host switch virtual tunnel endpoints"
},
"is_migrate_pnics": {
"default": false,
"description": "When using the Quick Start workflow on 7.0 and above vCenter clusters, if the pnics specified in the pnics field are used by a single VSS HostSwitch, then they are migrated over to recommended VDS HostSwitch. If any two pnics are not used by the same VSS HostSwitch or VDS HostSwitch, it is not supported. In such cases, please migrate them in multiple steps, one VSS HostSwitch or VDS HostSwitch at a time.",
"required": false,
"title": "Migrate any pnics which are in use",
"type": "boolean"
},
"pnics": {
"description": "When using the Quick Start workflow on 7.0 and above vCenter clusters, pnic information will be populated by the recommendation engine when providing a VDS HostSwitch based recommendation for a VSS HostSwitch.",
"items": {
"$ref": "Pnic
},
"required": false,
"title": "Physical NICs connected to the host switch",
"type": "array"
},
"pnics_uninstall_migration": {
"deprecated": true,
"description": "This is only supported for NVDS type of host switch. If this is specified for VDS type of host switch, an error will be returned to user. The pnics to be migrated out to a non N-VDS switch during transport node deletion.",
"items": {
"$ref": "Pnic
},
"required": false,
"title": "Physical NICs connected to a switch",
"type": "array"
},
"portgroup_transport_zone_id": {
"description": "A transport zone will be created for each DVS found across all hosts in a cluster that is installed for NSX on DVPG. This field, populated by NSX, is the ID of the transport zone created for the DVS this host switch represents. All discovered segments created for the DVPGs found on the DVS will have this ID specified as the transport zone id.",
"readonly": true,
"required": false,
"title": "Transport Zone ID representing the DVS used in NSX on DVPG",
"type": "string"
},
"transport_node_profile_sub_configs": {
"description": "This field is supported only for Tranport Node Profile Configurations. This field is used for adding a subset of the host switch configuration under a Transport Node Profile. This field is applicable only for a VDS based host switch and not for an NVDS based host switch.",
"items": {
"$ref": "TransportNodeProfileSubConfig
},
"maxItems": 16,
"minItems": 0,
"nsx_feature": "HostSwitchSubset",
"required": false,
"title": "Transport Node Profile sub-configuration Options",
"type": "array"
},
"transport_zone_endpoints": {
"description": "List of TransportZones that are to be associated with specified host switch. If this property is specified, host_switch_mode at StandardHostSwitch level must be specified.",
"items": {
"$ref": "TransportZoneEndPoint
},
"readonly": false,
"required": false,
"title": "Transport zone endpoints.",
"type": "array"
},
"uplinks": {
"description": "If VDS is used as a HostSwitch this attribute must be specified. You can associate uplinks from UplinkHostSwitchProfile to either VDS uplink or LAG. VDS uplink or LAG will inherit the global VDS level teaming policy from vSphere. NSX managed uplink or LAG will have NSX teaming policy configured through UplinkHostSwitchProfile.",
"items": {
"$ref": "VdsUplink
},
"nsx_feature": "NsxtOnVds",
"required": false,
"title": "Uplink/LAG of VMware vSphere Distributed Switch connected to the HostSwitch",
"type": "array"
},
"vmk_install_migration": {
"description": "When using the Quick Start workflow on 7.0 and above vCenter clusters, vmnk_install_migration will be populated by the recommendation engine when providing a VDS HostSwitch based recommendation for a VSS HostSwitch. It will contain The vmk interfaces and the associated logical switches on the HostSwitch. The state of this field is realized on the transport node during creation",
"items": {
"$ref": "VmknicNetwork
},
"required": false,
"title": "The vmknic and logical switch mappings",
"type": "array"
},
"vmk_uninstall_migration": {
"deprecated": true,
"description": "This is only supported for NVDS type of host switch. If this is specified for VDS type of host switch, an error will be returned to user. The vmk interfaces and the associated portgroups on the VSS/DVS. This field is realized on the host during transport node deletion or NSX uninstallation to specify the destination for all vmks on N-VDS switches.",
"items": {
"$ref": "VmknicNetwork
},
"required": false,
"title": "The vmknic and portgroup mappings",
"type": "array"
}
},
"title": "Standard host switch specification",
"type": "object"
}
StandardHostSwitchSpec (type)
{
"description": "Standard host switch specification is used for NSX configured transport node.",
"extends": {
"$ref": "HostSwitchSpec
},
"id": "StandardHostSwitchSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "StandardHostSwitchSpec"
},
"properties": {
"host_switches": {
"items": {
"$ref": "StandardHostSwitch
},
"minItems": 0,
"required": true,
"title": "Transport Node host switches",
"type": "array"
},
"resource_type": {
"enum": [
"StandardHostSwitchSpec",
"PreconfiguredHostSwitchSpec"
],
"required": true,
"type": "string"
}
},
"title": "Specification of transport node standard host switch",
"type": "object"
}
StandbyRelocationConfig (type) (Deprecated)
{
"deprecated": true,
"id": "StandbyRelocationConfig",
"module_id": "EdgeHighAvailabilityProfile",
"properties": {
"standby_relocation_threshold": {
"default": 30,
"description": "The time interval (in minutes) to wait before starting the standby service context relocation process. In some cases, the standby relocation trigger may take more time than what is set in threshold because of multiple different reasons, as listed below A. Standby relocation process runs as a background task which poll edge clusters at pre-defined interval of 5 minutes, to check for standby relocation. If during one cycle of standby relocation, an edge is found to be down, and the time remaining to threshold expiry in less then 5 minutes (for example 2 minute), than this relocation will be picked up in next cycle of standby relocation after 5 minutes, and not after 2 minutes. B. If edge becomes down at X time, then edge might take few seconds or minutes for all services to completely go down and report that they are down. So actual time when unified appliance knows edge is down may be X + delta. This delta time adds to the actual standby relocation threshold expiry, and once the [standby relocation threshold time + delta time] is complete for an edge node, and the edge is still down, than the standby relocation task will be performed for this edge node in the next cycle, that may be due to run anytime within next 5 minutes.",
"maximum": 20000,
"minimum": 10,
"required": false,
"title": "Standby service context relocation wait time",
"type": "integer"
}
},
"title": "Standby service contexts relocation setting",
"type": "object"
}
StartWorkflowInput (type)
{
"description": "Start workflow input.",
"id": "StartWorkflowInput",
"module_id": "OverlayAdoption",
"properties": {
"workflow_spec": {
"$ref": "WorkflowSpec,
"description": "Workflow spec.",
"readonly": false,
"required": false,
"title": "Workflow spec"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "Start workflow input",
"type": "object"
}
StatItem (type)
{
"additionalProperties": false,
"description": "Displayed as a single number. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states.",
"id": "StatItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the stat.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
},
"total": {
"description": "If expression for total is specified, it evaluates it. Total can be omitted if not needed to be shown.",
"title": "Total",
"type": "string"
},
"value": {
"description": "Expression for stat to be displayed.",
"maxLength": 1024,
"required": true,
"title": "Stat",
"type": "string"
}
},
"title": "Statistic of an entity",
"type": "object"
}
StaticARPConfig (type)
{
"additionalProperties": false,
"description": "Contains Static ARP configuration for Segment.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticARPConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "IP Address"
},
"mac_address": {
"$ref": "MACAddress,
"required": true,
"title": "MAC Address"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static ARP Config",
"type": "object"
}
StaticFilter (type)
{
"additionalProperties": false,
"id": "StaticFilter",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"additional_value": {
"description": "An additional key-value pair for static filter.",
"required": false,
"title": "An additional value for static filter",
"type": "object"
},
"display_name": {
"description": "display name to be shown in the drop down for static filter.",
"maxLength": 1024,
"title": "Display name for static filter",
"type": "string"
},
"info_text": {
"description": "Additional information to be shown along with the static filter. It will shown on the tooltip of an info icon,",
"required": false,
"title": "Info text for the static filter.",
"type": "string"
},
"short_display_name": {
"description": "Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used.",
"maxLength": 1024,
"title": "A property value to be shown once value is selected for a filter.",
"type": "string"
},
"value": {
"description": "Value of static filter inside dropdown filter.",
"title": "Value of static filter",
"type": "string"
}
},
"title": "Static filters",
"type": "object"
}
StaticHopBfdPeer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "StaticHopBfdPeer",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_config": {
"$ref": "BfdConfigParameters,
"description": "If not specified then BFD peer will inherit configuration from the BFD global config.",
"required": false,
"title": "Configuration for the BFD peer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Indicate BFD peer is enabled or disabled. Default is true.",
"required": false,
"title": "status of BFD peer",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"peer_ip_address": {
"$ref": "IPAddress,
"description": "IP address of BFD peer. This should be same as next hop IP address.",
"required": true,
"title": "IP address of BFD peer"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_addresses": {
"description": "BFD peers will be created from all these source addresses to this neighbour.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": false,
"title": "Array of Logical Router Uplink IP Addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
StaticHopBfdPeerDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "StaticHopBfdPeerDeleteRequestParameters",
"module_id": "Routing",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "BFD peer delete request parameters",
"type": "object"
}
StaticHopBfdPeerListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "StaticHopBfdPeerListParameters",
"module_id": "Routing",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BFD Peers list parameters",
"type": "object"
}
StaticHopBfdPeerListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaticHopBfdPeerListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "StaticHopBfdPeer
},
"readonly": true,
"required": true,
"title": "static hop BFD peer list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
StaticIpAllocation (type)
{
"description": "Static IP allocation for VPC Subnet ports with VIF attachement",
"id": "StaticIpAllocation",
"module_id": "PolicyVpcSubnet",
"properties": {
"enabled": {
"default": false,
"description": "Enable ip and mac addresse allocation for VPC Subnet ports from static ip pool. To enable this, dhcp pool shall be empty and static ip pool shall own all available ip addresses.",
"required": false,
"title": "Activate or Deactivate static ip allocation for VPC Subnet ports with VIF attachement",
"type": "boolean"
}
},
"title": "Static IP allocation for VPC Subnet ports with VIF attachement",
"type": "object"
}
StaticIpListSpec (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "IpAssignmentSpec
},
"id": "StaticIpListSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpListSpec"
},
"properties": {
"default_gateway": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "Gateway IP"
},
"ip_list": {
"items": {
"$ref": "IPAddress
},
"maxItems": 32,
"readonly": false,
"required": true,
"title": "List of IPs for transport node host switch virtual tunnel endpoints",
"type": "array"
},
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
},
"subnet_mask": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "Subnet mask"
}
},
"title": "IP assignment specification for Static IP List.",
"type": "object"
}
StaticIpMacListSpec (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "IpAssignmentSpec
},
"id": "StaticIpMacListSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpMacListSpec"
},
"properties": {
"default_gateway": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "Gateway IP"
},
"ip_mac_list": {
"items": {
"$ref": "IpMacPair
},
"maxItems": 32,
"readonly": false,
"required": true,
"title": "List of IPs and MACs for transport node host switch virtual tunnel endpoints",
"type": "array"
},
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
},
"subnet_mask": {
"$ref": "IPAddress,
"readonly": false,
"required": true,
"title": "Subnet mask"
}
},
"title": "IP and MAC assignment specification for Static IP List.",
"type": "object"
}
StaticIpPoolSpec (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "IpAssignmentSpec
},
"id": "StaticIpPoolSpec",
"module_id": "TransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpPoolSpec"
},
"properties": {
"ip_pool_id": {
"readonly": false,
"required": true,
"type": "string"
},
"resource_type": {
"enum": [
"StaticIpPoolSpec",
"StaticIpListSpec",
"AssignedByDhcp",
"StaticIpMacListSpec",
"NoIpv4"
],
"required": true,
"type": "string"
}
},
"title": "IP assignment specification for Static IP Pool.",
"type": "object"
}
StaticIpv6ListSpec (type)
{
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "StaticIpv6ListSpec",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpv6ListSpec"
},
"properties": {
"default_gateway": {
"$ref": "IPv6Address,
"readonly": false,
"required": true,
"title": "Gateway IP"
},
"ipv6_list": {
"items": {
"$ref": "IPv6Address
},
"maxItems": 32,
"readonly": false,
"required": true,
"title": "List of IPv6 IPs for transport node host switch virtual tunnel endpoints",
"type": "array"
},
"prefix_length": {
"readonly": false,
"required": true,
"title": "Prefix Length",
"type": "string"
},
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "IPv6 assignment specification for Static IP List.",
"type": "object"
}
StaticIpv6MacListSpec (type)
{
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "StaticIpv6MacListSpec",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpv6MacListSpec"
},
"properties": {
"default_gateway": {
"$ref": "IPv6Address,
"readonly": false,
"required": true,
"title": "Gateway IP"
},
"ipv6_mac_list": {
"items": {
"$ref": "Ipv6MacPair
},
"maxItems": 32,
"readonly": false,
"required": true,
"title": "List of IPs and MACs for transport node host switch virtual tunnel endpoints",
"type": "array"
},
"prefix_length": {
"readonly": false,
"required": true,
"title": "Prefix Length",
"type": "string"
},
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "IPv6 and MAC assignment specification for Static IP List.",
"type": "object"
}
StaticIpv6PoolSpec (type)
{
"extends": {
"$ref": "Ipv6AssignmentSpec
},
"id": "StaticIpv6PoolSpec",
"module_id": "TransportNode",
"nsx_feature": "L2Ipv6",
"polymorphic-type-descriptor": {
"type-identifier": "StaticIpv6PoolSpec"
},
"properties": {
"ipv6_pool_id": {
"readonly": false,
"required": true,
"type": "string"
},
"resource_type": {
"enum": [
"StaticIpv6PoolSpec",
"StaticIpv6ListSpec",
"AssignedByDhcpv6",
"StaticIpv6MacListSpec",
"AssignedByAutoConf",
"NoIpv6"
],
"required": true,
"type": "string"
}
},
"title": "IPv6 assignment specification for Static IP Pool.",
"type": "object"
}
StaticMimeContent (type)
{
"additionalProperties": false,
"description": "MIME content with text message and image path in it.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticMimeContent",
"module_id": "PolicyStaticMimeContent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"text_message": {
"description": "text message.",
"required": true,
"title": "text message",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static MIME content",
"type": "object"
}
StaticMimeContentListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "StaticMimeContentListRequestParameters",
"module_id": "PolicyStaticMimeContent",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy static mime content list request parameters",
"type": "object"
}
StaticMimeContentListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaticMimeContentListResult",
"module_id": "PolicyStaticMimeContent",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "StaticMimeContent
},
"required": true,
"title": "Policy static mime content list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy static mime contents",
"type": "object"
}
StaticPoolConfig (type)
{
"description": "Static IP pool configuration",
"id": "StaticPoolConfig",
"module_id": "PolicyVpcSubnet",
"properties": {
"ipv4_pool_size": {
"default": 0,
"description": "Number of IPs to be reserved in static ip pool. Maximum allowed value is 'subnet size - 4'. If dhcp is enabled then by default static ipv4 pool size will be zero and all available IPs will be reserved in local dhcp pool. If dhcp is deactivated then by default all IPs will be reserved in static ip pool.",
"minimum": 0,
"required": false,
"title": "Static IPv4 Pool size",
"type": "int"
}
},
"title": "Static IP pool configuration",
"type": "object"
}
StaticRoute (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "StaticRoute",
"module_id": "Routing",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logical_router_id": {
"readonly": true,
"required": false,
"title": "Logical router id",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "CIDR"
},
"next_hops": {
"items": {
"$ref": "StaticRouteNextHop
},
"minItems": 1,
"required": true,
"title": "Next Hops",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
StaticRouteBfdPeer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticRouteBfdPeer",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_profile_path": {
"description": "Bfd Profile is not supported for IPv6 networks.",
"title": "Policy path to Bfd Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"StaticRouteBfdPeer"
],
"relationshipType": "BFD_CONFIG_BFD_PEER_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable BFD peer.",
"title": "Enable BFD Peer",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"description": "Both IPv4 and IPv6 addresses are supported. Only a single BFD config per peer address is allowed.",
"required": true,
"title": "IP Address of static route next hop peer",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Represents the array of policy paths of locale services where this BFD peer should get relalized on. The locale service service and this BFD peer must belong to the same router. Default scope is empty.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of policy paths of locale services",
"type": "array"
},
"source_addresses": {
"description": "Array of Tier0 external interface IP addresses. BFD peering is established from all these source addresses to the neighbor specified in peer_address. Both IPv4 and IPv6 addresses are supported.",
"items": {
"type": "string"
},
"maxItems": 8,
"minItems": 0,
"title": "List of source IP addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static Route Bidirectional Forwarding Detection Peer",
"type": "object"
}
StaticRouteBfdPeerListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of StaticRouteBfdPeer.",
"extends": {
"$ref": "ListResult
},
"id": "StaticRouteBfdPeerListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "StaticRouteBfdPeer list results.",
"items": {
"$ref": "StaticRouteBfdPeer
},
"required": true,
"title": "StaticRouteBfdPeer list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Colleciton of StaticRouteBfdPeer",
"type": "object"
}
StaticRouteBfdTroubleshootConfig (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BFD control packet debug, peer diagnostics and data path drop logging.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticRouteBfdTroubleshootConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_control_pkt_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of the timestamps of sent and received BFD control messages per BFD peer session. Enabled by default.",
"required": false,
"title": "BFD control packet diagnostics configuration for troubleshooting",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"system_diagnostics": {
"default": true,
"description": "Flag to enable/disable the collection of system diagnostic data such as ARP, Ping, CPU stats, etc., during a flap incident. Enabled by default.",
"required": false,
"title": "BFD system diagnostics configuration for troubleshooting",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static BFD troubleshoot properties",
"type": "object"
}
StaticRouteListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaticRouteListResult",
"module_id": "Routing",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "StaticRoute
},
"required": true,
"title": "Paginated list of static routes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
StaticRouteNextHop (type)
{
"additionalProperties": false,
"id": "StaticRouteNextHop",
"module_id": "Routing",
"properties": {
"administrative_distance": {
"default": 1,
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Administrative Distance for the next hop IP",
"type": "integer"
},
"bfd_enabled": {
"default": false,
"readonly": true,
"required": false,
"title": "Status of bfd for this next hop where bfd_enabled = true indicate bfd is enabled for this next hop and bfd_enabled = false indicate bfd peer is disabled or not configured for this next hop.",
"type": "boolean"
},
"blackhole_action": {
"$ref": "BlackholeAction,
"readonly": true,
"required": false,
"title": "Action to be taken on matching packets for NULL routes."
},
"ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "Next Hop IP"
},
"logical_router_port_id": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference of logical router port to be used for next hop"
}
},
"type": "object"
}
StaticRoutes (type)
{
"additionalProperties": false,
"description": "Static routes configuration on Tier-0, Tier-1 or VPC.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticRoutes",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled_on_secondary": {
"default": false,
"description": "When false or by default northbound routes are configured only on the primary location and not on secondary location. When true, the static route will also be configured on a secondary location. Secondary location prefers route learned from the primary location and enabling this flag secondary location can override this. This flag is not applicable if all sites are primary. Not applicable for static routes created under VPC.",
"title": "Flag to plumb route on secondary site",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"network": {
"$ref": "IPElement,
"description": "Specify network address in CIDR format. In case of VPC, user can optionally use allocated IP from one of the external blocks associated with VPC. Only /32 CIDR is allowed in case IP overlaps with external blocks.",
"required": true,
"title": "Network address in CIDR format"
},
"next_hops": {
"description": "Specify next hop routes for network.",
"items": {
"$ref": "RouterNexthop
},
"minItems": 1,
"required": true,
"title": "Next hop routes for network",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static routes configuration on Tier-0, Tier-1 or VPC",
"type": "object"
}
StaticRoutesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "StaticRoutesListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Static Routes list request parameters",
"type": "object"
}
StaticRoutesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaticRoutesListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "StaticRoutes
},
"required": true,
"title": "Static Routes list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Static Routes",
"type": "object"
}
StatisticsRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request on statistics can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point. - {container_cluster_path}: The request is evaluated only on the given container cluster.",
"id": "StatisticsRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Statistics Request Parameters",
"type": "object"
}
StatsConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a statistic for an entity. Example, number of logical switches and their admin states.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "StatsConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "StatsConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Displayed at the sections, by default. It labels the entities of sections. If label is not provided, the sections are not labelled.",
"title": "Label of the Stats Configuration"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"sections": {
"decription": "High level logical grouping of portions or segments.",
"items": {
"$ref": "DonutSection
},
"minItems": 0,
"title": "Sections",
"type": "array"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"stat": {
"$ref": "StatItem,
"description": "Expression that fetches statistic. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states. If stat is not provided, then it will not be displayed.",
"title": "Expression for feching statistic of an entity"
},
"sub_type": {
"description": "A sub-type of StatsConfiguration. If sub-type is not specified the parent type is rendered. The COMPACT sub_type, conserves the space for the widget. The statistic is placed on the right side on top of the status bar and the title of the widget is placed on the left side on the top of the status bar. The COMPACT style aligns itself horizontally as per the width of the container. If multiple widgets are placed insided the container then the widgets are placed one below the other to conserve the space.",
"enum": [
"COMPACT"
],
"title": "Sub-type of the StatsConfiguration",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Stats Configuration",
"type": "object"
}
StatusCount (type)
{
"additionalProperties": false,
"id": "StatusCount",
"module_id": "Heatmap",
"properties": {
"degraded_count": {
"title": "Degraded count",
"type": "int"
},
"down_count": {
"title": "Down count",
"type": "int"
},
"down_pnics": {
"description": "List Down or Degraded pnics",
"items": {
"$ref": "PnicBondStatus
},
"title": "Down pnics",
"type": "array"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"status": {
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"title": "Roll-up status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
},
"up_count": {
"title": "Up count",
"type": "int"
}
},
"type": "object"
}
StatusSummaryRequestParameters (type)
{
"additionalProperties": false,
"id": "StatusSummaryRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"selection_status": {
"default": "ALL",
"enum": [
"SELECTED",
"DESELECTED",
"ALL"
],
"required": false,
"title": "Flag to indicate whether to return status for only selected, only deselected or both type of upgrade units",
"type": "string"
},
"show_history": {
"description": "Get details of the last 16 operations performed during the upgrade of a given component.",
"readonly": false,
"required": false,
"title": "Get upgrade activity for a given component",
"type": "boolean"
}
},
"type": "object"
}
StorageClasses (type)
{
"description": "List Kubernetes storage classes.",
"extends": {
"$ref": "ListResult
},
"id": "StorageClasses",
"module_id": "PolicyCloudNative",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"name": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List the name of storage classes",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Kubernetes storage classes",
"type": "object"
}
StringArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of String values",
"extends": {
"$ref": "ConstraintValue
},
"id": "StringArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "StringArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "Array of string values",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of String",
"type": "array"
}
},
"title": "Array of String Values to perform operation",
"type": "object"
}
StructuredData (type)
{
"additionalProperties": false,
"id": "StructuredData",
"properties": {
"audit": {
"required": true,
"title": "Audit flag of the log",
"type": "string"
},
"comp": {
"required": true,
"title": "Component value of the log",
"type": "string"
},
"ent_id": {
"required": false,
"title": "Entity Id value of the log",
"type": "string"
},
"ereq_id": {
"required": false,
"title": "External request Id value of the log",
"type": "string"
},
"error_code": {
"required": false,
"title": "Error Code value of the log",
"type": "string"
},
"level": {
"required": false,
"title": "Level value of the log",
"type": "string"
},
"req_id": {
"required": false,
"title": "Request Id value of the log",
"type": "string"
},
"s2comp": {
"required": false,
"title": "Sub-subcomponent value of the log",
"type": "string"
},
"security": {
"required": false,
"title": "Security flag of the log",
"type": "string"
},
"subcomp": {
"required": true,
"title": "Subcomponent value of the log",
"type": "string"
},
"username": {
"required": false,
"title": "Username value of the log",
"type": "string"
}
},
"title": "Structured data entry in RFC5424 log format",
"type": "object"
}
StubStatus (type)
{
"id": "StubStatus",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"title": "IP/FQDN of the node",
"type": "string"
},
"connection_up": {
"required": true,
"title": "Is stub up",
"type": "boolean"
}
},
"type": "object"
}
SubCluster (type)
{
"description": "Sub-cluster is a grouping of discovered nodes under a compute collection. This grouping facilitates applying TransportNodeProfile sub-configurations for these grouped hosts.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SubCluster",
"module_id": "SubCluster",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"compute_collection_id": {
"description": "Compute collection ID under which sub-cluster is created. Maximum number of sub-clusters that can be created under a compute collection is 16.",
"required": true,
"title": "Compute collection ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_cluster_info": {
"$ref": "SubClusterInfo,
"description": "Sub-cluster-info contains the sub-cluster type and the discovered node IDs in sub-cluster.",
"required": true,
"title": "Sub-cluster-info for sub-cluster"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Sub-cluster",
"type": "object"
}
SubClusterConfig (type)
{
"description": "Represents a mapping between a sub-cluster and all applicable sub-configurations in the TNP.",
"id": "SubClusterConfig",
"module_id": "HostTransportNodeCollection",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_config_sources": {
"items": {
"$ref": "HostSwitchConfigSource
},
"required": true,
"title": "List of overridden HostSwitch configuration",
"type": "array"
},
"sub_cluster_id": {
"required": true,
"title": "sub-cluster Id",
"type": "string"
}
},
"title": "Sub-cluster Configuration",
"type": "object"
}
SubClusterInfo (type)
{
"description": "Sub-Cluster-info contains the sub-cluster type and the discovered node IDs for the hosts that belong to this sub-cluster.",
"id": "SubClusterInfo",
"module_id": "SubCluster",
"properties": {
"discovered_node_ids": {
"description": "Discovered node IDs under this sub-cluster. This is an optional field.",
"items": {
"type": "string"
},
"required": false,
"title": "Discovered node IDs",
"type": "array"
},
"sub_cluster_type": {
"description": "Sub-cluster-type can be either MANUAL or FAULT_DOMAIN. This is a mandatory field. Currently, all sub-clusters will be of type MANUAL. In the future, we will provide support for creating a sub-cluster for fault domains in VC. This field indicates the same.",
"enum": [
"MANUAL"
],
"required": true,
"title": "Sub-Cluster-Type",
"type": "string"
}
},
"title": "Sub-cluster-info",
"type": "object"
}
SubClusterListResult (type)
{
"description": "This is the list of sub-clusters in the system.",
"extends": {
"$ref": "ListResult
},
"id": "SubClusterListResult",
"module_id": "SubCluster",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"items": {
"$ref": "SubCluster
},
"required": true,
"title": "SubCluster Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Sub-cluster queries result",
"type": "object"
}
SubPool (type)
{
"additionalProperties": false,
"id": "SubPool",
"module_id": "EdgeClusters",
"properties": {
"remaining_credit_number": {
"description": "Credits remaining on the sub-pool that can be used to deploy services of corresponding sub-pool type.",
"readonly": true,
"title": "Remaining credit number of the sub-pool",
"type": "int"
},
"sub_pool_type": {
"description": "Type of the sub-pool configured on edge node.",
"readonly": true,
"title": "Sub-pool Type",
"type": "string"
},
"usage_percentage": {
"description": "Percentage utlization of sub-pool based on the number of services configured and the hard limits, if any.",
"readonly": true,
"title": "Percentage utlization of sub-pool",
"type": "number"
}
},
"type": "object"
}
SubjectAltNames (type)
{
"additionalProperties": false,
"id": "SubjectAltNames",
"module_id": "CertificateManager",
"properties": {
"dns_names": {
"description": "A list of DNS names in subject alternative names",
"items": {
"$ref": "DnsNameString
},
"maxItems": 128,
"minItems": 1,
"readonly": true,
"required": false,
"title": "DNS names",
"type": "array"
},
"ip_addresses": {
"description": "A list of IP addresses in subject alternative names",
"items": {
"oneOf": [
{
"format": "ipv4"
},
{
"format": "ipv6"
}
],
"type": "string"
},
"maxItems": 64,
"minItems": 1,
"readonly": true,
"required": false,
"title": "IP Addresses",
"type": "array"
}
},
"title": "A collection of subject alternative names",
"type": "object"
}
SubjectPublicKeyHash (type)
{
"additionalProperties": false,
"id": "SubjectPublicKeyHash",
"module_id": "CertificateManager",
"properties": {
"public_key_sha256_hashes": {
"description": "List of SHA256 hashes of the Public Key of the revoked certificates with the specified subject.",
"items": {
"type": "string"
},
"title": "SHA256 hashes of Public Keys",
"type": "array"
},
"subject": {
"description": "Subject Distinguished Name of the revoked certificates.",
"title": "Subject Distinguished Name (DN)",
"type": "string"
}
},
"type": "object"
}
SubnetAdvancedConfig (type)
{
"description": "VPC Subnet Advanced Configuration",
"id": "SubnetAdvancedConfig",
"module_id": "PolicyVpcSubnet",
"properties": {
"static_ip_allocation": {
"$ref": "StaticIpAllocation,
"description": "Static IP allocation configuration for VPC Subnet ports with VIF attachement. Not supported when DUAL ip_address_type is used in parent VPC.",
"required": false,
"title": "Static IP allocation for VPC Subnet ports with VIF attachement"
}
},
"title": "VPC Subnet Advanced Configuration",
"type": "object"
}
SubnetIpRange (type)
{
"description": "Details of subnet ip range of container ip pool",
"id": "SubnetIpRange",
"module_id": "InventoryContainerObj",
"properties": {
"cidr": {
"$ref": "IPCIDRBlock,
"description": "CIDR of subnet ip range.",
"readonly": false,
"required": false,
"title": "CIDR of SubnetIpRange"
},
"end": {
"description": "Specifies end of subnet ip range.",
"format": "ip",
"readonly": false,
"required": false,
"title": "End of SubnetIpRange",
"type": "string"
},
"gateway": {
"description": "Specifies gateway IP of subnet.",
"format": "ip",
"readonly": false,
"required": false,
"title": "Gateway IP of SubnetIpRange",
"type": "string"
},
"prefix_length": {
"description": "Specifies prefix length of subnet.",
"maximum": 128,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Prefix length of SubnetIpRange",
"type": "integer"
},
"start": {
"description": "Specifies start IP of subnet ip range.",
"format": "ip",
"readonly": false,
"required": false,
"title": "Start IP of SubnetIpRange",
"type": "string"
},
"vlan": {
"description": "Specifies VLAN id of subnet.",
"maximum": 4095,
"minimum": 0,
"readonly": false,
"required": false,
"title": "VLAN ID of SubnetIpRange",
"type": "integer"
}
},
"title": "SubnetIpRange of ContainerIpPool",
"type": "object"
}
SubnetProfiles (type)
{
"description": "Profile references will be applied to subnets. If not specified by the user, default profiles will be used.",
"id": "SubnetProfiles",
"module_id": "PolicyVpc",
"properties": {
"ip_discovery": {
"description": "Using this profile to configure different options of IP Discovery",
"required": false,
"title": "IP Discovery Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_IP_DISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
}
]
},
"mac_discovery": {
"description": "Mac Discovery Profile",
"required": false,
"title": "Mac Discovery Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_MAC_DISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"MacDiscoveryProfile"
]
}
]
},
"qos": {
"description": "Segment Qos Profile",
"required": false,
"title": "Segment Qos Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SUBNET_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"QoSProfile"
]
}
]
},
"segment_security": {
"description": "Security features are extended by policy operations for securing logical segments.",
"required": false,
"title": "Segment Security Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SUBNET_SECURITY_PROFILE_RELATIONSHIP",
"rightType": [
"SegmentSecurityProfile"
]
}
]
},
"spoof_guard": {
"description": "SpoofGuard is a tool that is designed to prevent virtual machines in your environment from sending traffic with IP addresses which are not authorized to send traffic from. A SpoofGuard policy profile once enabled blocks the traffic determined to be spoofed.",
"required": false,
"title": "SpoofGuard Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_SPOOF_GUAURD_PROFILE_RELATIONSHIP",
"rightType": [
"SpoofGuardProfile"
]
}
]
}
},
"title": "Subnet Profiles",
"type": "object"
}
SubnetStatistics (type)
{
"additionalProperties": false,
"description": "VPC Subnet statistics",
"extends": {
"$ref": "SegmentStatistics
},
"id": "SubnetStatistics",
"module_id": "PolicyVpcSubnetStatistics",
"properties": {
"dropped_by_firewall_packets": {
"$ref": "DfwDropCounters,
"readonly": true,
"required": false
},
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"nsxt_fp": {
"$ref": "FpCounters,
"description": "ENS/FC module for DP packet processing",
"readonly": true,
"required": false
},
"nsxt_swsec": {
"$ref": "SwsecCounters,
"description": "Switch Security provides stateless L2 and L3 security by checking, traffic to the logical switch and dropping unauthorized packets sent, from VMs",
"readonly": true,
"required": false
},
"nsxt_vdl2": {
"$ref": "Vdl2Counters,
"description": "Overlay Layer-2 module responsible for workload connectivity",
"readonly": true,
"required": false
},
"nsxt_vdrb": {
"$ref": "VdrbCounters,
"description": "Virtual Distributed Routing (VDR) routes packets on every ESX",
"readonly": true,
"required": false
},
"nsxt_vsip": {
"$ref": "VsipCounters,
"description": "VSIP provides Distributed Firewall capability",
"readonly": true,
"required": false
},
"nsxt_vswitch": {
"$ref": "VswitchCounters,
"description": "Virtual Switch is responsible for providing switching functionality",
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"title": "VPC Subnet statistics",
"type": "object"
}
SuccessNodeSupportBundleResult (type)
{
"additionalProperties": false,
"id": "SuccessNodeSupportBundleResult",
"properties": {
"bundle_name": {
"readonly": true,
"required": true,
"title": "Name of support bundle, e.g. nsx_NODETYPE_UUID_YYYYMMDD_HHMMSS.tgz",
"type": "string"
},
"bundle_size": {
"readonly": true,
"required": true,
"title": "Size of support bundle in bytes",
"type": "integer"
},
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"node_ip": {
"readonly": true,
"required": true,
"title": "IPv4 address of node",
"type": "string"
},
"node_ipv6": {
"readonly": true,
"required": true,
"title": "IPv6 address of node",
"type": "string"
},
"sha256_thumbprint": {
"readonly": true,
"required": true,
"title": "File's SHA256 thumbprint",
"type": "string"
}
},
"type": "object"
}
SummaryMigrationFeedbackRequest (type)
{
"additionalProperties": false,
"description": "Minimal description of feedback requests.",
"id": "SummaryMigrationFeedbackRequest",
"module_id": "Migration",
"properties": {
"details": {
"description": "Details about this specific feedback request.",
"readonly": true,
"required": false,
"title": "Details about this specific feedback request",
"type": "string"
},
"federation_site_id": {
"description": "Id of the site in NSX-T Federation",
"readonly": true,
"required": false,
"title": "Id of the site in NSX-T Federation",
"type": "string"
},
"id": {
"description": "Identifier of the feedback request.",
"readonly": true,
"required": true,
"title": "UUID of the feedback request",
"type": "string"
},
"object_id": {
"description": "Identifier of the object for which feedback is requested.",
"readonly": true,
"required": false,
"title": "UUID of the object",
"type": "string"
},
"rejected": {
"description": "Indicates if previous response was invalid. Please provide a valid response.",
"readonly": true,
"required": false,
"title": "Indicates if the previous feedback response was rejected",
"type": "boolean"
},
"resolution": {
"description": "If the feedback request was resolved earlier, provides details about the previous resolution.",
"readonly": true,
"required": false,
"title": "Previous resolution details for this feedback request",
"type": "string"
},
"resolved": {
"description": "Indicates if a valid response already exist for this feedback request.",
"readonly": true,
"required": false,
"title": "Indicates if this feedback request has already been resolved",
"type": "boolean"
},
"v_object_id": {
"description": "Identifier for this object in the source NSX endpoint.",
"readonly": true,
"required": true,
"title": "Id of this object in the source NSX endpoint",
"type": "string"
},
"v_object_name": {
"description": "Name of this object in the source NSX endpoint.",
"readonly": true,
"required": true,
"title": "Name of this object in the source NSX endpoint",
"type": "string"
}
},
"title": "Feedback detail required for Migration",
"type": "object"
}
SummaryRequest (type)
{
"additionalProperties": false,
"id": "SummaryRequest",
"module_id": "Migration",
"properties": {
"summary": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag indicating whether to return the summary",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleConfig (type)
{
"additionalProperties": false,
"description": "Config to enable/disable concurrent tasks execution on support bundle collection.",
"id": "SupportBundleConfig",
"module_id": "PlatformManagement",
"properties": {
"enable_concurrent_tasks": {
"default": true,
"description": "When collecting data for support bundles, allow concurrent data collection. If set to false, data is collected one at a time, for example, APIs are invoked one at a time then system commands are invoked one at a time, etc. By default, the value of this property is true.",
"required": true,
"title": "Enable concurrent data collection",
"type": "boolean"
}
},
"title": "Supportbundle configuration",
"type": "object"
}
SupportBundleContainerNode (type)
{
"abstract": true,
"additionalProperties": {},
"id": "SupportBundleContainerNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "container_type"
},
"properties": {
"container_type": {
"enum": [
"ANTREA"
],
"required": true,
"title": "Support bundle container type",
"type": "string"
}
},
"type": "object"
}
SupportBundleFileTransferAuthenticationScheme (type)
{
"additionalProperties": false,
"id": "SupportBundleFileTransferAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"PASSWORD"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
SupportBundleFileTransferProtocol (type)
{
"additionalProperties": false,
"id": "SupportBundleFileTransferProtocol",
"properties": {
"authentication_scheme": {
"$ref": "SupportBundleFileTransferAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"SCP",
"SFTP"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
SupportBundleQueryParameter (type)
{
"additionalProperties": false,
"id": "SupportBundleQueryParameter",
"properties": {
"override_async_response": {
"default": false,
"description": "Override an existing support bundle async response if it exists. If not set to true and an existing async response is available, the support bundle request results in 409 CONFLICT.",
"title": "Override any existing support bundle async response",
"type": "boolean"
},
"require_delete_or_override_async_response": {
"default": false,
"description": "If the remote_file_server option has not been specified, save generated support bundle until a subsequent request either deletes or overrides the support bundle generated by the current request using the action=delete_async_response or override_async_response=true query parameters. Setting this property to true allows the NSX API client to re-download a support bundle if for example a previous download attempt fails.",
"title": "Suppress auto-deletion of generated support bundle",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleQueryParameters (type)
{
"additionalProperties": false,
"id": "SupportBundleQueryParameters",
"properties": {
"all": {
"default": false,
"description": "Include all files including files that may have sensitive information like core files.",
"title": "Include all files",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleRemoteFileServer (type)
{
"additionalProperties": false,
"id": "SupportBundleRemoteFileServer",
"properties": {
"directory_path": {
"required": true,
"title": "Remote server directory to copy bundle files to",
"type": "string"
},
"manager_upload_only": {
"default": false,
"title": "Uploads to the remote file server performed by the manager",
"type": "boolean"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "SupportBundleFileTransferProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote file server",
"type": "object"
}
SupportBundleRequest (type)
{
"additionalProperties": false,
"id": "SupportBundleRequest",
"properties": {
"container_nodes": {
"items": {
"$ref": "SupportBundleContainerNode
},
"minItems": 1,
"required": false,
"title": "List of container clusters and their nodes requiring support bundle collection",
"type": "array"
},
"content_filters": {
"default": [
"DEFAULT"
],
"description": "<p>List of content filters that specify additional content or action when collecting support bundle. </p> <ul><li>Filter <code>ALL</code> includes core dumps and audit logs in support bundle</li> <li>Filter <code>REMOVE_CORE_FILES</code> can optionally be in list with <code>ALL</code>, to remove core dump files after collected in support bundle</li> <li>Filter <code>EAL4_AUDIT</code> can optionally be in list to collect pre-defined selective log files. The selected log files are deleted from the support bundle if the files have not been modified in the last 4 hours.</li></ul> <p>By default no core dumps and audit logs are included in support bundle with filter <code>DEFAULT</code>.</p> <p>No other content-filters can be added along with <code>EAL4_AUDIT</code> content-filter<p> <p>When content-filter <code>EAL4_AUDIT</code> is added, the log_age_limit field is disabled.</p> <p>Note, <code>REMOVE_CORE_FILES</code> is limited to NSX appliance and ESXi nodes only.</p>",
"items": {
"$ref": "ContentFilterValue
},
"minItems": 1,
"title": "Bundle should include content of specified type",
"type": "array"
},
"dynamic_content_filters": {
"default": [
"ALL"
],
"description": "List of dynamic content filters that specify additional content to include in the support bundle. The list of available filters available depends on your NSX-T deployment and can be determined by invoking the GET /api/v1/adminstration/support-bundles/dynamic-content-filters NSX API. For example, if NSX Intelligence is deployed, filters for collecting specific information about services are available.",
"items": {
"$ref": "DynamicContentFilterValue
},
"required": false,
"title": "List of content filters that decide the additional content that go into the support bundle",
"type": "array"
},
"log_age_limit": {
"maximum": 365,
"minimum": 1,
"title": "Include log files with modified times not past the age limit in days",
"type": "integer"
},
"nodes": {
"items": {
"type": "string"
},
"minItems": 1,
"required": false,
"title": "List of cluster/fabric node UUIDs processed in specified order",
"type": "array"
},
"remote_file_server": {
"$ref": "SupportBundleRemoteFileServer,
"title": "Remote file server to copy bundles to, bundle in response body if not specified"
}
},
"type": "object"
}
SupportBundleResult (type)
{
"additionalProperties": false,
"id": "SupportBundleResult",
"properties": {
"failed_nodes": {
"items": {
"$ref": "FailedNodeSupportBundleResult
},
"readonly": true,
"required": true,
"title": "Nodes where bundles were not generated or not copied to remote server",
"type": "array"
},
"remaining_nodes": {
"items": {
"$ref": "RemainingSupportBundleNode
},
"title": "Nodes where bundle generation is pending or in progress",
"type": "array"
},
"request_properties": {
"$ref": "SupportBundleRequest,
"readonly": true,
"required": true,
"title": "Request properties"
},
"success_nodes": {
"items": {
"$ref": "SuccessNodeSupportBundleResult
},
"readonly": true,
"required": true,
"title": "Nodes whose bundles were successfully copied to remote file server",
"type": "array"
}
},
"type": "object"
}
SupportedHostOSListResult (type)
{
"additionalProperties": false,
"description": "REST interface for supported host OS types.",
"extends": {
"$ref": "ListResult
},
"id": "SupportedHostOSListResult",
"module_id": "HostPrepServiceFabric",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Supported host OS list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Supported host OS list result",
"type": "object"
}
SvmConnectivityStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "SvmConnectivityStatus",
"module_id": "VmToolsInfo",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"connectivity_status": {
"description": "Connectivity status with the deployed Solution VM TRUE - VM is configured and protected by EPP/AMS Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP/AMS Service VM.",
"readonly": true,
"required": false,
"title": "Connectivity status with SVM",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_name": {
"description": "Service name as provided for Anti Malware Solution or as provided for third party Endpoint Protection solution during service registration.",
"readonly": true,
"required": false,
"title": "Service name of Solution",
"type": "string"
},
"solution_id": {
"description": "Solution ID as provided for Anti Malware Solution(AMS) or as provided for third party Endpoint Protection(EPP) solution during service registration.",
"readonly": true,
"required": false,
"title": "SVM solutionID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
SwitchSecurity (type)
{
"id": "SwitchSecurity",
"module_id": "ObservabilityCounters",
"properties": {
"bpdu_filter_drops": {
"description": "Packets dropped by BPDU Filter.",
"required": false,
"type": "integer"
},
"dhcp_client_block_ipv4_drops": {
"description": "IPv4 packets dropped by Client Block.",
"required": false,
"type": "integer"
},
"dhcp_client_block_ipv6_drops": {
"description": "IPv6 packets dropped by Client Block.",
"required": false,
"type": "integer"
},
"dhcp_client_validate_ipv4_drops": {
"description": "IPv4 packets dropped by Client Validate.",
"required": false,
"type": "integer"
},
"dhcp_server_block_ipv4_drops": {
"description": "IPv4 packets dropped by Server Block.",
"required": false,
"type": "integer"
},
"dhcp_server_block_ipv6_drops": {
"description": "IPv6 packets dropped by Server Block.",
"required": false,
"type": "integer"
},
"nd_parse_errors": {
"description": "IPv6 ND Parse Errors.",
"required": false,
"type": "integer"
},
"ra_guard_drops": {
"description": "Packets dropped by RA Guard.",
"required": false,
"type": "integer"
},
"rx_bcast_pkts": {
"description": "Received broadcast packets.",
"required": false,
"type": "integer"
},
"rx_mcast_pkts": {
"description": "Received multicast packets.",
"required": false,
"type": "integer"
},
"rx_rate_limit_bcast_drops": {
"description": "Rx Broadcast packets dropped by Rate Limit.",
"required": false,
"type": "integer"
},
"rx_rate_limit_mcast_drops": {
"description": "Rx Multicast packets dropped by Rate Limit.",
"required": false,
"type": "integer"
},
"spoof_guard_arp_drops": {
"description": "ARP packets dropped by Spoof Guard.",
"required": false,
"type": "integer"
},
"spoof_guard_ipv4_drops": {
"description": "IPv4 packets dropped by Spoof Guard.",
"required": false,
"type": "integer"
},
"spoof_guard_ipv6_drops": {
"description": "IPv6 packets dropped by Spoof Guard.",
"required": false,
"type": "integer"
},
"spoof_guard_nd_drops": {
"description": "ND packets dropped by Spoof Guard.",
"required": false,
"type": "integer"
},
"spoof_guard_non_ip_drops": {
"description": "Non-IP packets dropped by Spoof Guard.",
"required": false,
"type": "integer"
},
"tx_bcast_pkts": {
"description": "Sent broadcast packets",
"required": false,
"type": "integer"
},
"tx_mcast_pkts": {
"description": "Sent multicast packets.",
"required": false,
"type": "integer"
},
"tx_rate_limit_bcast_drops": {
"description": "Tx Broadcast packets dropped by Rate Limit.",
"required": false,
"type": "integer"
},
"tx_rate_limit_mcast_drops": {
"description": "Tx Multicast packets dropped by Rate Limit.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
SwitchSecuritySwitchingProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseSwitchingProfile
},
"id": "SwitchSecuritySwitchingProfile",
"module_id": "SwitchSecuritySwitchingProfile",
"polymorphic-type-descriptor": {
"type-identifier": "SwitchSecuritySwitchingProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"block_non_ip_traffic": {
"default": false,
"readonly": false,
"required": false,
"title": "A flag to block all traffic except IP/(G)ARP/BPDU",
"type": "boolean"
},
"bpdu_filter": {
"$ref": "BpduFilter,
"description": "BPDU filtering is enabled by default. A pre-defined list of MAC addresses are automatically excluded from BPDU filtering.",
"readonly": false,
"required": false,
"title": "Enables or disables BPDU filtering"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_filter": {
"$ref": "DhcpFilter,
"description": "DHCP server blocking is enabled and client blocking is disabled by default",
"readonly": false,
"required": false,
"title": "Filters DHCP server and/or client traffic."
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ra_guard_enabled": {
"default": true,
"description": "RA Guard when enabled blocks unauthorized/rogue Router Advertisement (RA) packets.",
"readonly": false,
"required": false,
"title": "Indicates whether ra guard should be enabled",
"type": "boolean"
},
"rate_limits": {
"$ref": "RateLimits,
"description": "Rate limiting is disabled by default",
"readonly": false,
"required": false,
"title": "Allows configuration of rate limits for broadcast and multicast traffic"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
SwitchingGlobalConfig (type)
{
"extends": {
"$ref": "GlobalConfigs
},
"id": "SwitchingGlobalConfig",
"module_id": "GlobalConfigs",
"polymorphic-type-descriptor": {
"type-identifier": "SwitchingGlobalConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_limit_per_lr": {
"default": 50000,
"description": "This is a global max ARP limit per logical router per transport node. It is applied to all the logical routers present on all types of transport nodes in the NSX domain. Updates to the field are allowed only through /policy/api/v1/infra/global-config API.",
"maximum": 50000,
"minimum": 5000,
"required": false,
"title": "ARP limit per logical router per transport node",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_replication_mode_enabled": {
"default": false,
"description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.",
"title": "A flag to indicate if global replication mode is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"physical_uplink_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.",
"readonly": false,
"title": "MTU for the physical uplinks",
"type": "int"
},
"remote_tunnel_physical_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used.",
"readonly": false,
"title": "The physical MTU for the remote tunnel endpoints",
"type": "int"
},
"resource_type": {
"$ref": "GlobalConfigType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_mtu_threshold": {
"default": 9000,
"description": "This value defines the upper threshold for the MTU value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. This value is also validated to be greater than or equal to physical_uplink_mtu in SwitchingGlobalConfig and logical_uplink_mtu in RoutingGlobalConfig.",
"readonly": false,
"required": false,
"title": "Upper threshold for MTU on physical and logical uplinks",
"type": "int"
}
},
"title": "NSX global configs for switching",
"type": "object"
}
SwitchingProfileDeleteParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "SwitchingProfileDeleteParameters",
"module_id": "BaseSwitchingProfile",
"properties": {
"unbind": {
"default": false,
"required": false,
"title": "force unbinding of logical switches and ports from a switching profile",
"type": "boolean"
}
},
"type": "object"
}
SwitchingProfileListParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SwitchingProfileListParameters",
"module_id": "BaseSwitchingProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"switching_profile_type": {
"required": false,
"title": "comma-separated list of switching profile types, e.g. ?switching_profile_type=QosSwitchingProfile,IpDiscoverySwitchingProfile",
"type": "string"
}
},
"title": "Switching profile list parameters",
"type": "object"
}
SwitchingProfileStatus (type) (Deprecated)
{
"deprecated": true,
"id": "SwitchingProfileStatus",
"module_id": "BaseSwitchingProfile",
"properties": {
"num_logical_ports": {
"readonly": true,
"required": true,
"title": "Number of logical ports using a switching profile",
"type": "integer"
},
"num_logical_switches": {
"readonly": true,
"title": "Number of logical switches using a switching profile",
"type": "integer"
},
"switching_profile_id": {
"title": "Identifier for the switching profile",
"type": "string"
}
},
"type": "object"
}
SwitchingProfileType (type) (Deprecated)
{
"deprecated": true,
"description": "Supported switching profiles. 'PortMirroringSwitchingProfile' is deprecated, please turn to \"Troubleshooting And Monitoring: Portmirroring\" and use PortMirroringSession API for port mirror function.",
"enum": [
"QosSwitchingProfile",
"PortMirroringSwitchingProfile",
"IpDiscoverySwitchingProfile",
"SpoofGuardSwitchingProfile",
"SwitchSecuritySwitchingProfile",
"MacManagementSwitchingProfile",
"RealTimeEthernetSwitchingProfile"
],
"id": "SwitchingProfileType",
"module_id": "BaseSwitchingProfile",
"title": "Supported switching profiles.",
"type": "string"
}
SwitchingProfileTypeIdEntry (type) (Deprecated)
{
"deprecated": true,
"id": "SwitchingProfileTypeIdEntry",
"module_id": "BaseSwitchingProfile",
"properties": {
"key": {
"$ref": "SwitchingProfileType
},
"value": {
"description": "key value",
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
SwitchingProfilesListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "SwitchingProfilesListResult",
"module_id": "BaseSwitchingProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BaseSwitchingProfile
},
"readonly": true,
"required": true,
"title": "Switching Profile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Switching Profile queries result",
"type": "object"
}
SwitchingToVmcModeParameters (type)
{
"additionalProperties": {},
"description": "Possible values of a mode in a \"/config/nsx_appliance_mode\" file",
"extends": {
"$ref": "NodeMode
},
"id": "SwitchingToVmcModeParameters",
"module_id": "ApplianceModes",
"properties": {
"auth_code": {
"$ref": "Oauth2Credentials,
"description": "Client's credentials.",
"title": "Auth Code"
},
"base_url": {
"description": "Protocol and domain name (or IP address) of a CSP server, like \"https://console-stg.cloud.vmware.com\".",
"title": "CSP base URL",
"type": "string"
},
"basic_auth_whitelist_ips": {
"description": "List of whitelist IPs for basic auth",
"items": {
"type": "string"
},
"title": "Whitelist IPs",
"type": "array"
},
"csp_access_token_uri": {
"description": "This CSP end-point exchanges one of the following grants - authorization_code, refresh_token, client_credentials or client_delegate for an access token.",
"title": "CSP endpoint that exchanges a grant for an access token",
"type": "string"
},
"csp_client_credential": {
"$ref": "Oauth2Credentials,
"description": "Client's credentials on CSP server",
"title": "CSP Client Credential"
},
"csp_client_incoming_credentials": {
"description": "List of incoming client IDs",
"items": {
"type": "string"
},
"title": "CSP client incoming credentials",
"type": "array"
},
"csp_logout_uri": {
"description": "This CSP end-point returns the identity provider's logout url. In order to logout, an explicit redirect to this url is needed.",
"title": "CSP endpoint that returns the identity provider's logout url",
"type": "string"
},
"csp_org_uri": {
"description": "Relative path on CSP server to the Org location. Can be \"/csp/gateway/am/api/orgs/\".",
"title": "Relative path to CSP Org",
"type": "string"
},
"csp_public_key_uri": {
"description": "CSP endpoint that returns a list of public keys in jwks format. These keys are used in an application to validate that the access-token is valid.",
"title": "CSP endpoint to get the list of public keys in JWKS format",
"type": "string"
},
"csp_time_drift": {
"description": "CSP time drift in milliseconds",
"title": "CSP time drift",
"type": "integer"
},
"csp_user_authorization_uri": {
"description": "This endpoint is used with browser redirection only. It discovers the user's Identity Provider (IdP) and sends the user to the IdP login page. It is the starting point of the OAuth 2.0 flow to authenticate end users from an application.",
"title": "CSP Discovery login entry point for OAuth 2.0 authorization",
"type": "string"
},
"csp_user_info_uri": {
"description": "This endpoint returns the content of the given access token if the token is valid. It also includes the group_ids and group_names if the client is registered with group_id, group_names scopes. It's usually /am/api/userinfo.",
"title": "CSP user info endpoint",
"type": "string"
},
"default_org_id": {
"description": "Org ID of a Client - commonly UUID.",
"title": "Org ID of a Client",
"type": "string"
},
"ea_org": {
"$ref": "OrgInfo,
"description": "Org ID and role of \"Site Reliability Engineer\"",
"title": "Org Info for \"Site Reliability Engineer\""
},
"gss_org": {
"$ref": "OrgInfo,
"description": "Org ID and role of \"Global Support Services\"",
"title": "Org Info for \"Global Support Services\""
},
"mode_change_only": {
"description": "When this parameter is set to true, only a change of the node mode happens without any update to the auth properties. When this param is not set to true i.e. set to false or not provided, mode change and update to the auth properties will both happen.",
"title": "Only change node mode",
"type": "boolean"
},
"mode_id": {
"description": "Possible enum values in a \"/config/nsx_appliance_mode\" file",
"enum": [
"ON_PREM",
"SERVICE",
"VMC",
"VMC_LOCAL"
],
"required": true,
"title": "Nsx node mode",
"type": "string"
},
"proxy_host": {
"$ref": "HostnameOrIPAddress,
"title": "IP/host of PoP (Point-of-Presence) HTTP proxy server"
},
"proxy_port": {
"maximum": 65535,
"minimum": 1,
"title": "Port of PoP (Point-of-Presence) Http proxy server",
"type": "integer"
},
"public_client_info": {
"$ref": "PublicClientInfo,
"description": "OAuth2 info for public clients",
"title": "OAuth2 info for public clients"
},
"resource_type": {
"default": "SwitchingToVmcModeParameters",
"enum": [
"SwitchingToVmcModeParameters"
],
"title": "Node Mode type",
"type": "string"
},
"saas_csp_client_credential": {
"$ref": "Oauth2Credentials,
"description": "Client's credentials on CSP server",
"title": "CSP Client Credential"
},
"saas_service_url": {
"description": "Protocol and domain name (or IP address) of a SAAS server, like \"https://stg.skyscraper.vmware.com\".",
"title": "SAAS service URL",
"type": "string"
},
"sddc_id": {
"description": "SDDC id",
"title": "SDDC id",
"type": "string"
},
"service_definition_id": {
"description": "Service definition id",
"title": "Service definition id",
"type": "string"
},
"sre_org": {
"$ref": "OrgInfo,
"description": "Org ID and role of \"Enterprise Admin\"",
"title": "Org Info for \"Enterprise Admin\""
}
},
"title": "Parameters required to switch to VMC nsx node mode",
"type": "object"
}
SwitchoverStatus (type)
{
"id": "SwitchoverStatus",
"module_id": "SiteManagerModule",
"properties": {
"current_step": {
"$ref": "ProgressItem,
"title": "Progress of each items"
},
"current_step_number": {
"required": true,
"title": "Current number",
"type": "integer"
},
"note": {
"required": true,
"title": "Special messages, most of the time this will be empty, i.e. If SM performing the operation went down, another SM will restart the progress.",
"type": "string"
},
"number_of_steps": {
"required": true,
"title": "Total number of steps",
"type": "integer"
},
"overall_status": {
"enum": [
"NOT_STARTED",
"RUNNING",
"ERROR",
"COMPLETE"
],
"required": true,
"title": "Status of the operation",
"type": "string"
}
},
"type": "object"
}
SwsecCounters (type)
{
"id": "SwsecCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"bpdu_filter_drops": {
"description": "Number of packets dropped by BPDU Filtering. When the BPDU Filter is enabled, traffic to the configured BPDU destination MAC addresses",
"readonly": true,
"required": false,
"type": "integer"
},
"dhcp_client_block_ipv4_drops": {
"description": "Number of IPv4 DHCP packets dropped by DHCP Client Block. DHCP Client Block prevents a VM from acquiring DHCP IP address by blocking DHCP requests",
"readonly": true,
"required": false,
"type": "integer"
},
"dhcp_client_block_ipv6_drops": {
"description": "Number of DHCPv6 packets dropped by DHCP Client Block. DHCP Client Block prevents a VM from acquiring DHCP IP address by blocking DHCP requests",
"readonly": true,
"required": false,
"type": "integer"
},
"dhcp_client_validate_ipv4_drops": {
"description": "Number of IPv4 DHCP packets dropped because addresses in the payload were not valid",
"readonly": true,
"required": false,
"type": "integer"
},
"dhcp_server_block_ipv4_drops": {
"description": "Number of IPv4 DHCP packets dropped by DHCP Server Block. DHCP Server Block blocks traffic from a DHCP Server to a DHCP Client",
"readonly": true,
"required": false,
"type": "integer"
},
"dhcp_server_block_ipv6_drops": {
"description": "Number of DHCPv6 packets dropped by DHCP Server Block. DHCP Server Block blocks traffic from a DHCP Server to a DHCP Client",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_parse_errors": {
"description": "Number of IPv 6 Router Advertisement packets dropped by RA Guard.",
"readonly": true,
"required": false,
"type": "integer"
},
"ra_guard_drops": {
"description": "Number of IPv6 Neighbor Discovery (ND) packets which were not correctly parsed",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_arp_pkts": {
"description": "Number of transmitted IPv6 packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_garp_pkts": {
"description": "Number of transmitted ARP packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv4_pkts": {
"description": "Number of received IPv4 packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv6_pkts": {
"description": "Number of received IPv6 packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_na_pkts": {
"description": "Number of IPv6 ND (Neighbor Discovery) NA (Neighbor Advertisement) packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_non_ip_pkts": {
"description": "Number of transmitted Gratuitous ARP (GARP) packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ns_pkts": {
"description": "Number of IPv6 ND (Neighbor Discovery) NS (Neighbor Solicitation) packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_rate_limit_bcast_drops": {
"description": "Number of ingress packets dropped by broadcast Rate Limiting",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_rate_limit_mcast_drops": {
"description": "Number of ingress packets dropped by multicast Rate Limiting",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_unsolicited_na_pkts": {
"description": "Number of IPv6 ND (Neighbor Discovery) NA (Neighbor Advertisement) packets which, were unsolicited",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_arp_drops": {
"description": "Number of IPv6 packets dropped by Spoof Guard. SpoofGuard protects against IP spoofing by maintaining a reference table of , VM names and IP addresses",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_ipv4_drops": {
"description": "Number of IPv4 packets dropped by Spoof Guard. SpoofGuard protects against IP spoofing by maintaining a reference table of , VM names and IP addresses",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_ipv6_drops": {
"description": "Number of IPv6 Neighbor Discovery (ND) packets dropped by Spoof Guard. SpoofGuard protects against ND Spoofing by filtering out ND packets whose addresses, do not match the VM's address",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_nd_drops": {
"description": "Number of ARP packets dropped by Spoof Guard. Spoof Guard protects against malicious ARP spoofing attacks by keeping track of , MAC and IP addresses",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_non_ip_drops": {
"description": "Number of Non-IP packets dropped by Spoof Guard",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_arp_pkts": {
"description": "Number of received ARP packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv4_pkts": {
"description": "Number of transmitted IPv4 packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv6_pkts": {
"description": "Number of received non-IP packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_non_ip_pkts": {
"description": "Number of transmitted non-IP packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_rate_limit_bcast_drops": {
"description": "Number of egress packets dropped by broadcast Rate Limiting",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_rate_limit_mcast_drops": {
"description": "Number of egress packets dropped by multicast Rate Limiting",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
SyslogConfiguration (type)
{
"additionalProperties": false,
"description": "Syslog server configuration parameters",
"id": "SyslogConfiguration",
"module_id": "FabricNode",
"properties": {
"log_level": {
"default": "INFO",
"description": "Log level that needs to be redirected.",
"enum": [
"EMERGENCY",
"ALERT",
"CRITICAL",
"ERROR",
"WARNING",
"NOTICE",
"INFO",
"DEBUG"
],
"required": false,
"title": "Log level to be redirected",
"type": "string"
},
"name": {
"Description": "Display name given to the syslog server.\n",
"deprecated": true,
"required": false,
"title": "Display name of the syslog server",
"type": "string"
},
"port": {
"$ref": "PortElement,
"default": "514",
"description": "Syslog server listening port.",
"required": false,
"title": "Syslog server port"
},
"protocol": {
"default": "UDP",
"description": "Supported Syslog protocol.",
"enum": [
"TCP",
"UDP",
"TLS",
"LI",
"LI_TLS"
],
"required": false,
"title": "Syslog protocol",
"type": "string"
},
"server": {
"description": "Syslog server Ip or fqdn.",
"required": true,
"title": "Server Ip or fqdn",
"type": "string"
}
},
"title": "Syslog server configuration",
"type": "object"
}
SyslogExporter (type)
{
"additionalProperties": false,
"description": "This object specifies what, where and how logs on NSX nodes are forwarded.",
"id": "SyslogExporter",
"module_id": "CentralConfig",
"properties": {
"max_log_level": {
"description": "Maximum logging level for messages to be exported.",
"enum": [
"EMERG",
"ALERT",
"CRIT",
"ERR",
"WARNING",
"NOTICE",
"INFO",
"DEBUG"
],
"required": true,
"title": "LogLevel",
"type": "string"
},
"port": {
"default": 514,
"description": "Server port on which syslog listener is listening.",
"maximum": 65535,
"minimum": 1,
"title": "Syslog port",
"type": "integer"
},
"protocol": {
"description": "Protocol to be used to export logs to syslog server.",
"enum": [
"TCP",
"UDP",
"LI"
],
"required": true,
"title": "Protocol",
"type": "string"
},
"server": {
"$ref": "HostnameOrIPAddress,
"description": "Syslog server IP address or hostname.",
"required": true,
"title": "Syslog server"
}
},
"title": "Syslog exporter properties",
"type": "object"
}
SyslogFacility (type)
{
"enum": [
"KERN",
"USER",
"MAIL",
"DAEMON",
"AUTH",
"SYSLOG",
"LPR",
"NEWS",
"UUCP",
"AUTHPRIV",
"FTP",
"LOGALERT",
"CRON",
"LOCAL0",
"LOCAL1",
"LOCAL2",
"LOCAL3",
"LOCAL4",
"LOCAL5",
"LOCAL6",
"LOCAL7"
],
"id": "SyslogFacility",
"title": "Syslog facility",
"type": "string"
}
SyslogProperties (type)
{
"additionalProperties": false,
"description": "This object contains list of syslog exporters used by NSX nodes.",
"id": "SyslogProperties",
"module_id": "CentralConfig",
"properties": {
"exporters": {
"description": "List of syslog exporters.",
"items": {
"$ref": "SyslogExporter
},
"required": true,
"title": "Syslog exporters",
"type": "array"
}
},
"title": "Syslog service properties",
"type": "object"
}
SystemHealthAgentProfile (type)
{
"additionalProperties": false,
"description": "Describes a profile to define a kind of system health agent.",
"extends": {
"$ref": "ManagedResource
},
"id": "SystemHealthAgentProfile",
"module_id": "SystemHealthAgent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_ua": {
"description": "The on-off switch of System Health Plugin on UA cluster nodes.",
"required": false,
"title": "Plugin Enablement Flag on UA cluster nodes",
"type": "boolean"
},
"config": {
"description": "The config content of System Health Agent",
"required": true,
"title": "Profile Content",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Agent",
"title": "Profile Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "Flag to indicate this is a default profile or not.",
"readonly": true,
"required": false,
"title": "Flag to indicate this is a default profile or not",
"type": "boolean"
},
"plugin_id": {
"description": "The id of System Health Agent plugin",
"required": true,
"title": "Plugin id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "SystemHealthAgentType,
"description": "The type of System Health Agent. The System Health Agent plugin associated with given plugin id has already defined the profile type. So the backend can obtain the type by the plugin definition directly. Mark this field as optional. If need to check the type value by given plugin id, please call /systemhealth/plugins/<plugin-id>.",
"required": false,
"title": "Profile Type"
}
},
"title": "System Health Agent Profile Entity",
"type": "object"
}
SystemHealthAgentProfileListResult (type)
{
"description": "The list result for query of system health profile entity.",
"extends": {
"$ref": "ListResult
},
"id": "SystemHealthAgentProfileListResult",
"module_id": "SystemHealthAgent",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SystemHealthAgentProfile
},
"readonly": true,
"required": false,
"title": "System Health Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of System Health Profiles",
"type": "object"
}
SystemHealthAgentType (type)
{
"additionalProperties": false,
"enum": [
"COMPUTE",
"STORAGE",
"NETWORK",
"HYPERBUS",
"NCP",
"NODEAGENT",
"VSAN",
"TNAGENT",
"UPLINK",
"MONITOR_STYLE"
],
"id": "SystemHealthAgentType",
"module_id": "SystemHealthAgent",
"type": "string"
}
SystemHealthPluginProfile (type)
{
"additionalProperties": false,
"description": "Describes a profile to define a kind of system health plugin.",
"extends": {
"$ref": "ManagedResource
},
"id": "SystemHealthPluginProfile",
"module_id": "SystemHealthPlugin",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"config": {
"$ref": "SHAPredefinedPluginProfileData,
"description": "Display the default config of pre defined plugin. The config can be changed by API /systemhealth/profiles. To see the effective status on given node, use the status API per node /systemhealth/plugins/status/<node-id>.",
"readonly": true,
"title": "The pre defind plugin profile"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Display the default on-off switch of pre defined plugin. The config can be changed by API /systemhealth/profiles. To see the effective status on given node, use the status API per node /systemhealth/plugins/status/<node-id>.",
"readonly": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"node_types": {
"description": "Display the running node types of pre-defined plugin. The config can be changed by API /systemhealth/profiles. To see the effective status on given node, use the status API per node /systemhealth/plugins/status/<node-id>.",
"items": {
"$ref": "NsxNodeType
},
"readonly": true,
"title": "The supported node types",
"type": "array"
},
"publisher": {
"description": "The publisher of System Health Agent plugin",
"title": "Plugin publisher",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "SystemHealthAgentType,
"default": "NETWORK",
"description": "The type of System Health Agent plugin",
"title": "Plugin Type"
}
},
"title": "System Health Plugin Profile",
"type": "object"
}
SystemHealthPluginProfileList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SystemHealthPluginProfileList",
"module_id": "SystemHealthPlugin",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"required": true,
"title": "Total plugin count",
"type": "integer"
},
"results": {
"items": {
"$ref": "SystemHealthPluginProfile
},
"title": "System Health plugin list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
SystemHostname (type)
{
"id": "SystemHostname",
"maxLength": 255,
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$",
"title": "System host name",
"type": "string"
}
SystemVMListRequestParameter (type)
{
"description": "System VMs list request parameter",
"extends": {
"$ref": "ListRequestParameters
},
"id": "SystemVMListRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"query": {
"description": "Search query",
"required": false,
"title": "Search query",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SystemVMListRequestParameter",
"type": "object"
}
Tag (type)
{
"id": "Tag",
"module_id": "Common",
"properties": {
"scope": {
"default": "",
"description": "Tag searches may optionally be restricted by scope",
"display": {
"order": 1
},
"maxLength": 128,
"readonly": false,
"title": "Tag scope",
"type": "string"
},
"tag": {
"default": "",
"description": "Identifier meaningful to user with maximum length of 256 characters",
"display": {
"order": 2
},
"readonly": false,
"title": "Tag value",
"type": "string"
}
},
"title": "Arbitrary key-value pairs that may be attached to an entity",
"type": "object"
}
TagBulkOperation (type)
{
"additionalProperties": false,
"description": "Tag and resource information on which tag to be applied or removed.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TagBulkOperation",
"module_id": "PolicyTag",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"apply_to": {
"description": "List of resources on which tag needs to be applied.",
"items": {
"$ref": "ResourceInfo
},
"title": "List of resources on which tag needs to be applied",
"type": "array"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"remove_from": {
"description": "List of resources from which tag needs to be removed.",
"items": {
"$ref": "ResourceInfo
},
"title": "List of resources from which tag needs to be removed",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tag": {
"$ref": "Tag,
"required": true,
"title": "Tag"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Payload to update the tag on specified objects",
"type": "object"
}
TagBulkOperationStatus (type)
{
"additionalProperties": false,
"description": "Status of tag bulk operation.",
"id": "TagBulkOperationStatus",
"module_id": "PolicyTag",
"properties": {
"apply_to": {
"description": "Tag apply operation status per resource type.",
"items": {
"$ref": "ResourceTypeTagStatus
},
"title": "Tag apply operation status per resource type",
"type": "array"
},
"path": {
"required": true,
"title": "Intent path corresponding to tag operation",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"remove_from": {
"description": "Tag remove operation status per resource type.",
"items": {
"$ref": "ResourceTypeTagStatus
},
"title": "Tag remove operation status per resource type",
"type": "array"
},
"status": {
"enum": [
"Success",
"Running",
"Error",
"Pending"
],
"required": true,
"title": "Overall status",
"type": "string"
},
"tag": {
"$ref": "Tag,
"required": true,
"title": "Tag"
}
},
"title": "Status of tag bulk operation",
"type": "object"
}
TagInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Tag
},
"id": "TagInfo",
"module_id": "PolicyTag",
"properties": {
"scope": {
"default": "",
"description": "Tag searches may optionally be restricted by scope",
"display": {
"order": 1
},
"maxLength": 128,
"readonly": false,
"title": "Tag scope",
"type": "string"
},
"tag": {
"default": "",
"description": "Identifier meaningful to user with maximum length of 256 characters",
"display": {
"order": 2
},
"readonly": false,
"title": "Tag value",
"type": "string"
},
"tagged_objects_count": {
"readonly": true,
"required": false,
"title": "Number of objects with assigned with matching scope and tag values",
"type": "int"
}
},
"title": "Information about arbitrary key-value pairs that may be attached to an entity",
"type": "object"
}
TagInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "TagInfoListRequestParameters",
"module_id": "PolicyTag",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope": {
"required": false,
"title": "Tag scope",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"enum": [
"Amazon",
"Azure",
"NSX",
"ANY"
],
"required": false,
"title": "Source from which tags are synced.",
"type": "string"
},
"tag": {
"required": false,
"title": "Tag value",
"type": "string"
}
},
"title": "TagInfo list request parameters",
"type": "object"
}
TagInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TagInfoListResult",
"module_id": "PolicyTag",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TagInfo
},
"required": true,
"title": "Tag info list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Tags",
"type": "object"
}
TaggedObjectsListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "TaggedObjectsListRequestParameters",
"module_id": "PolicyTag",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"filter_by": {
"description": "Comma-separated list of field names used to filter tagged objects. Supported field names are resource_type, display_name and external_id.",
"required": false,
"title": "Comma-separated list of field names to filter tagged objects.",
"type": "string"
},
"filter_text": {
"required": false,
"title": "Filter text to restrict tagged objects list with matching filter text.",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"scope": {
"required": false,
"title": "Tag scope",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"tag": {
"required": false,
"title": "Tag value",
"type": "string"
}
},
"title": "TagInfo list request parameters",
"type": "object"
}
TargetResourceStatus (type)
{
"description": "Holds status of target resource in firewall context.",
"id": "TargetResourceStatus",
"module_id": "FirewallStatus",
"properties": {
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_status": {
"$ref": "FirewallStatusType,
"description": "Firewall status on a target logical resource.",
"readonly": false,
"required": true,
"title": "Firewall Status Type"
}
},
"type": "object"
}
TaskListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TaskListResult",
"module_id": "Tasks",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TaskProperties
},
"required": true,
"title": "Task property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Task query results",
"type": "object"
}
TaskProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "TaskProperties",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Task properties",
"type": "object"
}
TaskQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "TaskQueryParameters",
"module_id": "Tasks",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"request_uri": {
"description": "Comma-separated request URIs to include in query result",
"title": "Request URI(s) to include in query result",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"status": {
"description": "Comma-separated status values to include in query result",
"title": "Status(es) to include in query result",
"type": "string"
},
"user": {
"description": "Comma-separated user names to include in query result",
"title": "Names of users to include in query result",
"type": "string"
}
},
"type": "object"
}
TaskStatus (type)
{
"enum": [
"running",
"error",
"success",
"canceling",
"canceled",
"killed"
],
"id": "TaskStatus",
"module_id": "Common",
"title": "Current status of the task",
"type": "string"
}
TcpHeader (type)
{
"additionalProperties": false,
"id": "TcpHeader",
"module_id": "Traceflow",
"properties": {
"dst_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port of tcp header",
"type": "integer"
},
"src_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port of tcp header",
"type": "integer"
},
"tcp_flags": {
"maximum": 511,
"minimum": 0,
"required": false,
"title": "TCP flags (9bits)",
"type": "integer"
}
},
"type": "object"
}
TcpMaximumSegmentSizeClamping (type)
{
"additionalProperties": false,
"description": "TCP MSS Clamping Direction and Value.",
"id": "TcpMaximumSegmentSizeClamping",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"direction": {
"default": "NONE",
"description": "Specifies the traffic direction for which to apply MSS Clamping.",
"enum": [
"NONE",
"INBOUND_CONNECTION",
"OUTBOUND_CONNECTION",
"BOTH"
],
"required": false,
"title": "Maximum Segment Size Clamping Direction",
"type": "string"
},
"max_segment_size": {
"description": "MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 216 to 8960.",
"maximum": 8902,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size Value",
"type": "integer"
}
},
"title": "TCP MSS Clamping",
"type": "object"
}
TcpMssClamping (type)
{
"additionalProperties": false,
"description": "Tcp Mss Clamping Direction and value",
"id": "TcpMssClamping",
"module_id": "IPSecVPN",
"properties": {
"direction": {
"default": "NONE",
"description": "Specifies the traffic direction for which to apply MSS Clamping.",
"enum": [
"NONE",
"INBOUND_CONNECTION",
"OUTBOUND_CONNECTION",
"BOTH"
],
"required": false,
"title": "MSS Clamping direction",
"type": "string"
},
"max_segment_size": {
"description": "It defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8902.",
"maximum": 8902,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size value",
"type": "integer"
}
},
"title": "Tcp Mss Clamping Object",
"type": "object"
}
TeamingPolicy (type) (Deprecated)
{
"deprecated": true,
"id": "TeamingPolicy",
"module_id": "UplinkHostSwitchProfile",
"properties": {
"active_list": {
"items": {
"$ref": "Uplink
},
"required": true,
"title": "List of Uplinks used in active list",
"type": "array"
},
"policy": {
"enum": [
"FAILOVER_ORDER",
"LOADBALANCE_SRCID",
"LOADBALANCE_SRC_MAC"
],
"required": true,
"title": "Teaming policy",
"type": "string"
},
"rolling_order": {
"required": false,
"title": "Flag for preemptive mode",
"type": "boolean"
},
"standby_list": {
"items": {
"$ref": "Uplink
},
"required": false,
"title": "List of Uplinks used in standby list",
"type": "array"
}
},
"title": "Uplink Teaming Policy",
"type": "object"
}
TelemetryAgreement (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "TelemetryAgreement",
"module_id": "TelemetryConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"telemetry_agreement_displayed": {
"description": "Determine if telemetry agreement has been displayed. If false, the agreement text will be displayed at login time.",
"required": true,
"title": "Flag to indicate if telemetry agreement has been displayed",
"type": "boolean"
}
},
"type": "object"
}
TelemetryConfig (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "TelemetryConfig",
"module_id": "TelemetryConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"ceip_acceptance": {
"description": "Enable this flag to participate in the Customer Experience Improvement Program.",
"required": true,
"title": "Flag to indicate if CEIP has been accepted",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"proxy_enabled": {
"description": "Enable this flag to specify a proxy, and provide the proxy settings.",
"required": false,
"title": "Flag to indicate if proxy has been configured",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"schedule_enabled": {
"description": "Enable this to schedule data collection and upload times. If enabled, and a schedule is not provided, a default schedule (WEEKLY, Sunday at 2:00 a.m) will be applied.",
"required": true,
"title": "Flag to indicate if data collection is enabled",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"telemetry_deployment_id": {
"description": "Deployment id generated during initialization of telemetry config.",
"readonly": true,
"required": false,
"title": "Deployment id associated with telemetry data",
"type": "string"
},
"telemetry_proxy": {
"$ref": "TelemetryProxy,
"description": "Specify the proxy configuration (scheme, server, port) here.",
"required": false,
"title": "Set config for proxy to be used to send out telemetry data"
},
"telemetry_schedule": {
"$ref": "TelemetrySchedule,
"description": "Specify one of Daily, Weekly or Monthly schedules.",
"required": false,
"title": "Set schedule for when telemetry data should be collected"
}
},
"type": "object"
}
TelemetryProxy (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "TelemetryProxy",
"module_id": "TelemetryConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Certificate ID with a valid certificate, procured from trust-management API. If the scheme property is set to HTTPS, certificate_id is verified if specified.",
"required": false,
"title": "Valid certificate ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"hostname": {
"description": "Specify the fully qualified domain name, or ip address, of the proxy server.",
"format": "hostname-or-ip",
"required": true,
"title": "FQDN or IP address of the proxy server",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"password": {
"description": "Specify the password used to authenticate with the proxy server, if required. A GET call on /telemetry/config returns a non-meaningful password to maintain security. To change the password to a new value, issue a PUT call after updating this field. To remove the password, issue a PUT call after emptying this field. To retain a previously set password, issue a PUT call keeping the non-meaningful value obtained from the GET call.",
"required": false,
"sensitive": true,
"title": "Password",
"type": "secure_string"
},
"port": {
"description": "Specify the port of the proxy server.",
"required": true,
"title": "Configured port for proxy",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scheme": {
"description": "The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.",
"enum": [
"HTTP",
"HTTPS"
],
"required": true,
"title": "The scheme accepted by the proxy server",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"test_connection_url": {
"default": "https://www.vmware.com",
"description": "Specify a url for connection testing when adding proxy config. https://www.vmware.com is used by default if not specified.",
"required": false,
"title": "Test connection url",
"type": "string"
},
"username": {
"description": "Specify the user name used to authenticate with the proxy server, if required.",
"required": false,
"title": "User name",
"type": "string"
}
},
"type": "object"
}
TelemetrySchedule (type)
{
"abstract": true,
"id": "TelemetrySchedule",
"module_id": "TelemetryConfig",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "frequency_type"
},
"properties": {
"frequency_type": {
"description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.",
"required": true,
"title": "Frequency at which data will be collected",
"type": "string"
}
},
"title": "Abstract base type for telemetry schedule configuration",
"type": "object"
}
TenancyContextQueryParameter (type)
{
"description": "The following are the valid values for this query parameter \u2013 - ALL_PROJECTS: The response returned would contain entries corresponding to ALL (i.e. custom and default) projects in the org.",
"enum": [
"ALL_PROJECTS"
],
"id": "TenancyContextQueryParameter",
"module_id": "PolicyIDSMetrics",
"required": false,
"title": "Tenancy Context of the API request",
"type": "string"
}
TepGroupConfig (type)
{
"additionalProperties": false,
"id": "TepGroupConfig",
"module_id": "Policy",
"properties": {
"enable_tep_grouping_on_edge": {
"default": false,
"description": "Indicates if the TEP Grouping is enabled on an Edge TransportNode. Set enable_tep_grouping_on_edge to true to enable flow-based load balancing for overlay traffic in a multi TEP Edge deployment. This feature does not support EVPN, Multicast Routing, Federation and IPv6 TEP functionalities. Do not enable this feature if these functionalities are already configured in your environment. If this feature is enabled and is planned to use the above mentioned unsupported functionalities, please disable the feature first.",
"required": false,
"title": "Enable or disable TEP Grouping on Edge TransportNode.",
"type": "boolean"
}
},
"title": "VTEP Group Configurations",
"type": "object"
}
ThreatStatus (type)
{
"additionalProperties": false,
"id": "ThreatStatus",
"module_id": "Heatmap",
"properties": {
"status": {
"enum": [
"NORMAL",
"ABNORMAL"
],
"title": "Transport node threat status",
"type": "string"
}
},
"type": "object"
}
Tier0 (type)
{
"additionalProperties": false,
"description": "Tier-0 configuration for external connectivity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildCommunityList",
"ChildEvpnConfig",
"ChildIPSecVpnService",
"ChildL2VPNService",
"ChildLocaleServices",
"ChildPolicyDnsForwarder",
"ChildPolicyInterVrfRoutingConfig",
"ChildPrefixList",
"ChildStaticRoutes",
"ChildTier0RouteMap",
"ChildTier0SecurityFeatures"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "Tier0AdvancedConfig,
"description": "NSX specific configuration for tier-0",
"required": false,
"title": "Advanced configuration for tier-0"
},
"arp_limit": {
"description": "Maximum number of ARP entries per transport node.",
"maximum": 50000,
"minimum": 5000,
"required": false,
"title": "ARP limit per transport node",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_rule_logging": {
"default": false,
"deprecated": true,
"description": "Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field.",
"required": false,
"title": "Enable logging for whitelisted rule",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_paths": {
"description": "DHCP configuration for Segments connected to Tier-0. DHCP service is configured in relay mode.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "DHCP configuration for Segments connected to Tier-0",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Tier0"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"disable_firewall": {
"default": false,
"description": "Disable or enable gateway fiewall.",
"required": false,
"title": "Disable gateway firewall",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rd_per_edge": {
"description": "This field is enable that each edge node has a distinct route distinguisher per edge node.",
"nsx_feature": "RdPerSr",
"required": false,
"title": "Flag to enable route distinguisher per edge node",
"type": "boolean"
},
"failover_mode": {
"default": "NON_PREEMPTIVE",
"description": "Determines the behavior when a Tier-0 instance in ACTIVE-STANDBY high-availability mode restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property is not used when the ha_mode property is set to ACTIVE_ACTIVE. Only applicable when edge cluster is configured in Tier0 locale-service.",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode",
"type": "string"
},
"federation_config": {
"$ref": "FederationGatewayConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "This field is deprecated and recommended to change Rule action field. Note that this field is not synchronized with default rule field.",
"required": false,
"title": "Flag to add whitelisting FW rule during realization",
"type": "boolean"
},
"ha_mode": {
"default": "ACTIVE_ACTIVE",
"description": "Specify high-availability mode for Tier-0. Default is ACTIVE_ACTIVE. When ha_mode is changed from ACTIVE_ACTIVE to ACTIVE_STANDBY, inter SR iBGP (in BGP) is disabled. Changing ha_mode from ACTIVE_STANDBY to ACTIVE_ACTIVE will enable inter SR iBGP (in BGP) and previously configured preferred edge nodes (in Tier0 locale-service) are removed.",
"enum": [
"ACTIVE_ACTIVE",
"ACTIVE_STANDBY"
],
"required": false,
"title": "High-availability Mode for Tier-0",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_transit_subnets": {
"description": "Specify subnets that are used to assign addresses to logical links connecting service routers and distributed routers. Only IPv4 addresses are supported. When not specified, subnet 169.254.0.0/24 is assigned by default in ACTIVE_ACTIVE HA mode or 169.254.0.0/28 in ACTIVE_STANDBY mode.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Internal transit subnets in CIDR format",
"type": "array"
},
"intersite_config": {
"$ref": "IntersiteGatewayConfig,
"description": "Inter site routing configuration when the gateway is streched.",
"required": false,
"title": "Inter site routing configuration"
},
"ipv6_profile_paths": {
"description": "IPv6 NDRA and DAD profiles configuration on Tier0. Either or both NDRA and/or DAD profiles can be configured.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA and DAD profiles configuration",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "IPV6_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
},
{
"leftType": [
"Tier0"
],
"relationshipType": "IPV6_DAD_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6DadProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multi_vrf_inter_sr_routing": {
"description": "Flag to enable/disable multi_vrf_inter_sr_routing. Warning: This is one time toggle flag and can't be disabled once enabled.",
"nsx_feature": "FedVrf",
"required": false,
"title": "multi vrf inter sr routing",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"rd_admin_field": {
"$ref": "IPAddress,
"description": "If you are using EVPN service, then route distinguisher administrator address should be defined if you need auto generation of route distinguisher on your VRF configuration.",
"required": false,
"title": "Route distinguisher administrator address"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"stateful_services": {
"$ref": "Tier0StatefulServicesConfig,
"description": "For ACTIVE-ACTIVE, this is used to enable/disable stateful services.",
"required": false,
"title": "Enable/disable stateful services"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transit_subnets": {
"description": "Specify transit subnets that are used to assign addresses to logical links connecting tier-0 and tier-1s. Both IPv4 and IPv6 addresses are supported. When not specified, subnet 100.64.0.0/16 is configured by default. When modifying, for stateful active-active Tier-0 number of IPs should be at least attached Tier-1s count * 16 and for other type of Tier-0 number of IPs should be at least attached Tier-1s count * 2. Modification not allowed if there are child tier-0 VRFs and there are any Tier-1s connected to those VRFs. The value in VRF tier-0 is always inherited from the parent.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"required": false,
"title": "Transit subnets in CIDR format",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vrf_config": {
"$ref": "Tier0VrfConfig,
"description": "VRF config, required for VRF Tier0.",
"required": false,
"title": "VRF config"
},
"vrf_transit_subnets": {
"description": "Specify subnets that are used to assign addresses to logical links connecting default T0 and child VRFs. When not specified, subnet 169.254.2.0/23 is assigned by default.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "VRF transit subnets in CIDR format",
"type": "array"
}
},
"title": "Tier-0 configuration",
"type": "object"
}
Tier0AdvancedConfig (type)
{
"additionalProperties": false,
"description": "NSX specific configuration for tier-0",
"extends": {
"$ref": "ConnectivityAdvancedConfig
},
"id": "Tier0AdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
},
"forwarding_up_timer": {
"default": 5,
"description": "Extra time in seconds the router must wait before sending the UP notification after the peer routing session is established. Default means forward immediately. VRF logical router will set it same as parent logical router.The functionality of this timer is to ensure that a given node when coming up does not claim as active until it has learned the northbound routes. This minimizes any impact on traffic. 5 seconds is a smarter default as it allows to learn a few thousand routes (which should cover a lot of customers). Customers that have larger scale of course today would have to set it to higher value. Exception for the this default setting is single node case, i.e; no redundancy (which is anyway not recommended,not sure if anyone deploys like that). For single node case, it should be set to 0.",
"maximum": 300,
"minimum": 0,
"required": false,
"title": "Forwarding up timer",
"type": "integer"
}
},
"title": "Advanced configuration for tier-0",
"type": "object"
}
Tier0DeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of Tier-0 to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point": {
"description": "Path of enforcement point on which Tier-0 shall be deployed.",
"required": true,
"title": "Absolute Path of Enforcement Point",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-0 Deployment Map",
"type": "object"
}
Tier0DeploymentMapListRequestParameters (type)
{
"additionalProperties": false,
"description": "Tier Deployment Map list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0DeploymentMapListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier0 Deployment Map List Request Parameters",
"type": "object"
}
Tier0DeploymentMapListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Tier-0 Deployment Map.",
"extends": {
"$ref": "ListResult
},
"id": "Tier0DeploymentMapListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Tier-0 Deployment Maps.",
"items": {
"$ref": "Tier0DeploymentMap
},
"required": true,
"title": "Tier-0 Deployment Maps",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Tier-0 Deployment Map",
"type": "object"
}
Tier0GatewayState (type)
{
"additionalProperties": false,
"id": "Tier0GatewayState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"auto_rds": {
"$ref": "AutoRds,
"description": "Object that holds auto assigned route distingushers for this gateway.",
"title": "Auto assigned Route Distingushers"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"evpn_rd_per_edge_mappings": {
"$ref": "RdPerEdgeMapping,
"description": "Object that holds route distingushers for this gateway.",
"title": "Route Distingusher per edge node"
},
"ipv6_status": {
"description": "IPv6 DAD status for interfaces configured on Tier0",
"items": {
"$ref": "IPv6Status
},
"title": "IPv6 DAD status for Tier0 interfaces",
"type": "array"
},
"tier0_state": {
"$ref": "LogicalRouterState,
"description": "Detailed realized state information for Tier0",
"title": "Tier0 state"
},
"tier0_status": {
"$ref": "LogicalRouterStatus,
"description": "Detailed realized status information for Tier0",
"title": "Tier0 status"
},
"transport_zone": {
"$ref": "PolicyTransportZone,
"description": "Transport Zone information which got configured on Gateway.",
"title": "Transport Zone Information"
}
},
"title": "Tier0 gateway state",
"type": "object"
}
Tier0HaVipConfig (type)
{
"additionalProperties": false,
"id": "Tier0HaVipConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this HA VIP config.",
"type": "boolean"
},
"external_interface_paths": {
"description": "Policy paths to Tier0 external interfaces which are to be paired to provide redundancy. Floating IP will be owned by one of these interfaces depending upon which edge node is Active.",
"items": {
"type": "string"
},
"minItems": 2,
"required": true,
"title": "Policy paths to Tier0 external interfaces for providing redundancy",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LocaleServices"
],
"relationshipType": "PROVIDER_HA_VIP_INTERFACE_RELATIONSHIP",
"rightType": [
"Tier0Interface"
]
}
]
},
"vip_subnets": {
"description": "Array of IP address subnets which will be used as floating IP addresses.",
"items": {
"$ref": "InterfaceSubnet
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "VIP floating IP address subnets",
"type": "array"
}
},
"title": "Tier0 HA VIP Config",
"type": "object"
}
Tier0Interface (type)
{
"additionalProperties": false,
"description": "Tier-0 interface configuration for external connectivity.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "Tier0Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_vlan_id": {
"$ref": "VlanID,
"description": "Vlan id.",
"required": false,
"title": "Vlan id"
},
"admin_state": {
"description": "This flag is used to enable/disable admin state on tier-0 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration. This flag should not be set to UP or DOWN if EVPN is configured, and tier-0 LR is in A/S mode. Also this flag can not be set to UP or DOWN for service interfaces which are configured on vrf-lite.",
"enum": [
"UP",
"DOWN"
],
"experimental": true,
"required": false,
"title": "Flag to enable/disable admin_state of tier-0 service port",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_member_index": {
"deprecated": true,
"description": "Specify association of interface with edge cluster member. This property is deprecated, use edge_path instead. When both properties are specifed, only edge_path property is used.",
"minimum": 0,
"required": false,
"title": "Association of interface with edge cluster member",
"type": "int"
},
"edge_path": {
"description": "Policy path to edge node to handle external connectivity. Required when interface type is EXTERNAL. Edge path is required for service interface when tier0 is in ACTIVE_ACTIVE ha_mode. Edge path is required for VRF service interface when parent tier0 is in ACTIVE_ACTIVE ha_mode.",
"required": false,
"title": "Policy path to edge node",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"igmp_local_join_groups": {
"description": "IGMP local join groups configuration.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "IGMP local join groups configuration",
"type": "array"
},
"ipv6_profile_paths": {
"description": "Configuration IPv6 NDRA profile. Only one NDRA profile can be configured.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA profile configuration",
"type": "array"
},
"ls_id": {
"deprecated": true,
"description": "Specify logical switch to which tier-0 interface is connected for external access. This property is deprecated, use segment_path instead. Both properties cannot be used together.",
"required": false,
"title": "Logical switch id to attach tier-0 interface",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.",
"minimum": 64,
"required": false,
"title": "MTU size",
"type": "int"
},
"multicast": {
"$ref": "Tier0InterfacePimConfig,
"description": "Multicast PIM configuration.",
"required": false,
"title": "Multicast PIM configuration"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"ospf": {
"$ref": "PolicyInterfaceOspfConfig,
"description": "OSPF configuration.",
"required": false,
"title": "OSPF configuration"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"proxy_arp_filters": {
"description": "Array of prefix lists used to specify filtering for ARP proxy. Prefixes in this array are used to configure ARP proxy entries on Tier-0 gateway (for uplinks).",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "List of proxy Address Resolution Protocol Filters",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_path": {
"description": "Specify Segment to which this interface is connected to. Either segment_path or ls_id property is required.",
"required": false,
"title": "Segment to attach tier-0 interface",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "INTERFACE_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"default": "EXTERNAL",
"description": "Interface type",
"enum": [
"EXTERNAL",
"SERVICE",
"LOOPBACK",
"INTERVRF"
],
"required": false,
"title": "Interface type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Tier-0 interface configuration",
"type": "object"
}
Tier0InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Tier0 Interface group for interface grouping.",
"extends": {
"$ref": "BaseInterfaceGroup
},
"id": "Tier0InterfaceGroup",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of interface reference. Interface must belong to same location.",
"items": {
"$ref": "GatewayInterfaceReference
},
"required": false,
"title": "Tier0/Tier1 interface memeber list",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier0 Interface group",
"type": "object"
}
Tier0InterfaceGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0InterfaceGroupListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-0 Interface group list request parameters",
"type": "object"
}
Tier0InterfaceGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0InterfaceGroupListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0InterfaceGroup
},
"required": true,
"title": "Tier-0 Interface group list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-0 Interface groups",
"type": "object"
}
Tier0InterfaceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0InterfaceListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-0 Interface list request parameters",
"type": "object"
}
Tier0InterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0InterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0Interface
},
"required": true,
"title": "Tier-0 Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-0 Interfaces",
"type": "object"
}
Tier0InterfacePimConfig (type)
{
"additionalProperties": false,
"description": "Multicast PIM configuration.",
"id": "Tier0InterfacePimConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "enable/disable PIM configuration.",
"title": "enable/disable PIM configuration",
"type": "boolean"
},
"hello_interval": {
"default": 30,
"description": "PIM hello interval(seconds) at interface level.",
"maximum": 180,
"minimum": 1,
"required": false,
"title": "PIM hello interval at interface level",
"type": "int"
},
"hold_interval": {
"description": "PIM hold interval(seconds) at interface level.",
"maximum": 630,
"minimum": 1,
"required": false,
"title": "PIM hold interval at interface level",
"type": "int"
}
},
"title": "Multicast PIM configuration",
"type": "object"
}
Tier0ListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0ListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-0 list request parameters",
"type": "object"
}
Tier0ListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0ListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0
},
"required": true,
"title": "Tier-0 list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-0s",
"type": "object"
}
Tier0NumberOfRoutesRequestParameters (type)
{
"additionalProperties": false,
"id": "Tier0NumberOfRoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point.",
"required": true,
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"include_child_vrf": {
"desciption": "Count all the child VRF routes along with the Tier0 routes.\n",
"required": false,
"title": "Count all the child VRF routes or not.",
"type": "boolean"
}
},
"title": "Tier0 Number Of Routes Request Parameters",
"type": "object"
}
Tier0NumberOfRoutesResult (type)
{
"id": "Tier0NumberOfRoutesResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"number_of_ipv4": {
"description": "Number of IPV4 Routes",
"title": "Number of IPV4 Routes",
"type": "integer"
},
"number_of_ipv6": {
"description": "Number of IPV6 Routes",
"title": "Number of IPV6 Routes",
"type": "integer"
}
},
"title": "Tier 0 Number Of Routes Request Result",
"type": "object"
}
Tier0RouteMap (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0RouteMap",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entries": {
"description": "Ordered list of route map entries.",
"items": {
"$ref": "RouteMapEntry
},
"maxItems": 1000,
"minItems": 1,
"required": true,
"title": "Ordered list of route map entries",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "RouteMap for redistributing routes to BGP and other routing protocols",
"type": "object"
}
Tier0RouteMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0RouteMapListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0RouteMap
},
"required": true,
"title": "Tier0RouteMap results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of RouteMaps",
"type": "object"
}
Tier0RouteRedistributionConfig (type)
{
"additionalProperties": false,
"id": "Tier0RouteRedistributionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bgp_enabled": {
"default": true,
"required": false,
"title": "Flag to enable route redistribution for BGP.",
"type": "boolean"
},
"ospf_enabled": {
"default": false,
"required": false,
"title": "Flag to enable route redistribution for OSPF.",
"type": "boolean"
},
"redistribution_rules": {
"default": [],
"description": "List of redistribution rules.",
"items": {
"$ref": "Tier0RouteRedistributionRule
},
"maxItems": 5,
"minItems": 0,
"required": false,
"type": "array"
}
},
"title": "Route Redistribution config",
"type": "object"
}
Tier0RouteRedistributionRule (type)
{
"additionalProperties": false,
"id": "Tier0RouteRedistributionRule",
"module_id": "PolicyConnectivity",
"properties": {
"destinations": {
"description": "Each rule can have more than one destinations. If destinations not specified for a given rule, default destionation will be BGP",
"items": {
"default": "BGP",
"enum": [
"BGP",
"OSPF"
],
"type": "string"
},
"required": false,
"title": "List of destination for a given redistribution rule",
"type": "array"
},
"name": {
"required": false,
"title": "Rule name",
"type": "string"
},
"route_map_path": {
"description": "Route map to be associated with the redistribution rule",
"required": false,
"type": "string"
},
"route_redistribution_types": {
"items": {
"$ref": "Tier0RouteRedistributionTypes
},
"required": true,
"title": "List of redistribution types",
"type": "array"
}
},
"title": "Single route redistribution rule",
"type": "object"
}
Tier0RouteRedistributionTypes (type)
{
"additionalProperties": false,
"description": "Tier-0 route redistribution types. TIER0_STATIC: Redistribute user added static routes. TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and routes related to TIER0_SEGMENT, TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types. TIER1_STATIC: Redistribute all subnets and static routes advertised by Tier-1s. TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets on Tier-0. TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets on Tier-0. TIER0_SEGMENT: Redistribute subnets configured on Segments connected to Tier-0. TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0 TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets. TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets. TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets. TIER0_NAT: Redistribute NAT IPs owned by Tier-0. TIER0_EVPN_TEP_IP: Redistribute EVPN local endpoint subnets on Tier-0. TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances. TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances. TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances. TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1 instances. TIER1_CONNECTED: Redistribute all subnets configured on Segments and Service Interfaces. TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets. TIER1_SEGMENT: Redistribute subnets configured on Segments connected to Tier1. TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER1. INTER_VRF_STATIC: Redistribute IPs advertised by TIER0/VRF instances Route redistribution destination is BGP.",
"enum": [
"TIER0_STATIC",
"TIER0_CONNECTED",
"TIER0_EXTERNAL_INTERFACE",
"TIER0_SEGMENT",
"TIER0_ROUTER_LINK",
"TIER0_SERVICE_INTERFACE",
"TIER0_LOOPBACK_INTERFACE",
"TIER0_DNS_FORWARDER_IP",
"TIER0_IPSEC_LOCAL_IP",
"TIER0_NAT",
"TIER0_EVPN_TEP_IP",
"TIER1_NAT",
"TIER1_STATIC",
"TIER1_LB_VIP",
"TIER1_LB_SNAT",
"TIER1_DNS_FORWARDER_IP",
"TIER1_CONNECTED",
"TIER1_SERVICE_INTERFACE",
"TIER1_SEGMENT",
"TIER1_IPSEC_LOCAL_ENDPOINT",
"INTER_VRF_STATIC"
],
"id": "Tier0RouteRedistributionTypes",
"module_id": "PolicyConnectivity",
"title": "Tier-0 route redistribution types",
"type": "string"
}
Tier0SecurityFeature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SecurityFeatureBase
},
"id": "Tier0SecurityFeature",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - activate the feature, false - deactivate the feture",
"required": true,
"title": "Flag to activate/deactivate",
"type": "boolean"
},
"feature": {
"$ref": "Tier0SecurityFeaturesSupported,
"required": true
}
},
"title": "T0 Security feature entity with feature details",
"type": "object"
}
Tier0SecurityFeatureParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "Tier0SecurityFeatureParameters",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"feature": {
"$ref": "Tier0SecurityFeaturesSupported
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "T0 Security Feature parameters",
"type": "object"
}
Tier0SecurityFeatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "Tier0SecurityFeature
},
"required": true,
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "T0 Security features entity with feature details",
"type": "object"
}
Tier0SecurityFeaturesSupported (type)
{
"description": "Feature to be activated/deactivated. IDFW - Identity Firewall IDPS - Intrusion Detection System GFW_MULTICAST - Multicast on GFW Use any one of this to enable/disabe it.",
"enum": [
"IDFW",
"IDPS"
],
"id": "Tier0SecurityFeaturesSupported",
"module_id": "PolicyGatewaySecurityFeature",
"readonly": true,
"required": false,
"title": "Collection of T0 supported security features",
"type": "string"
}
Tier0StateRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "Tier0StateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"interface_path": {
"description": "String Path of interface on current Tier0 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.",
"title": "Interface path for interface specific state such as IPv6 DAD state",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"description": "The data source can be either realtime or cached. If not provided, cached data is returned.",
"required": false,
"title": "Source of statistics data"
},
"type": {
"description": "Returns specific information based on the value specified. When not specified response include gateway state, status and DAD status from interfaces.",
"enum": [
"GATEWAY_STATE",
"GATEWAY_STATUS",
"IPV6_STATUS",
"RD_PER_EDGE_MAPPING"
],
"title": "Returns specific information based on the value specified.",
"type": "string"
}
},
"title": "State request parameters for Tier0 gateway",
"type": "object"
}
Tier0StatefulServicesConfig (type)
{
"additionalProperties": false,
"description": "Tier0 stateful services config to define stateful",
"id": "Tier0StatefulServicesConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "This is used to enable or disable ACTIVE-ACTIVE stateful services.",
"required": false,
"title": "Flag to enable ACTIVE-ACTIVE stateful services",
"type": "boolean"
},
"redirection_policy": {
"default": "IP_HASH",
"description": "Redirection policy to load balance traffic among nodes IP_HASH: Hash Source IP or destination ip to redirect packet for load sharing and stateful services. NONE: Disable redirection. It requires user to define static traffic group per edge node and expects external router to forward return packet back to the same edge node. SRC_DST_IP_HASH: Hash both source and desitnation ip to redirect packet for load sharing. This mode doesn't support NAT and presumes source and destination IP remains same in either direction.",
"enum": [
"IP_HASH",
"NONE",
"SRC_DST_IP_HASH"
],
"required": false,
"title": "Redirection policy configuration",
"type": "string"
}
},
"title": "Tier0 stateful services config",
"type": "object"
}
Tier0VrfConfig (type)
{
"additionalProperties": false,
"description": "Tier-0 vrf configuration.",
"id": "Tier0VrfConfig",
"module_id": "PolicyConnectivity",
"properties": {
"evpn_l2_vni_config": {
"$ref": "VrfEvpnL2VniConfig,
"description": "It is required for VRF to participate in the EVPN service in ROUTE_SERVER mode.",
"required": false,
"title": "VRF configurations required for EVPN service in ROUTE_SERVER mode."
},
"evpn_transit_vni": {
"description": "L3 VNI associated with the VRF for overlay traffic of ethernet virtual private network (EVPN). It must be unique and available from the VNI pool defined for EVPN service. It is required for VRF to participate in the EVPN service in INLINE mode.",
"required": false,
"title": "L3 VNI associated with the VRF for overlay traffic",
"type": "int"
},
"rd_per_edge_pool": {
"customValidation": {
"RD_PER_EDGE_POOL_FOUR_BYTE_NUMBER": {
"code": 3,
"maximum": "4294967295L",
"minimum": 0,
"validator": "range"
},
"RD_PER_EDGE_POOL_SIZE": {
"code": 1,
"maxItems": 64,
"maximum": 64,
"minimum": 8,
"validator": "range"
},
"RD_PER_EDGE_POOL_TWO_BYTE_NUMBER": {
"code": 2,
"maximum": 65535,
"minimum": 0,
"validator": "range"
},
"key": "code",
"keyType": "int",
"namespace": "RdPerEdgePoolValidation"
},
"description": "route distinguisher pool for edge nodes.",
"items": {
"type": "string"
},
"nsx_feature": "RdPerSr",
"required": false,
"title": "route distinguisher pool for edge nodes",
"type": "array"
},
"route_distinguisher": {
"description": "Route distinguisher with format in IPAddress:<number> or ASN:<number>.",
"required": false,
"title": "Route distinguisher",
"type": "string"
},
"route_targets": {
"description": "Route targets.",
"items": {
"$ref": "VrfRouteTargets
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Route targets",
"type": "array"
},
"tier0_path": {
"description": "Default tier0 path. Cannot be modified after realization.",
"required": true,
"title": "Tier0 path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "VRF_CONFIG_TIER0_PATH_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Tier-0 vrf configuration",
"type": "object"
}
Tier1 (type)
{
"additionalProperties": false,
"description": "Tier-1 instance configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier1",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildIPSecVpnService",
"ChildL2VPNService",
"ChildLocaleServices",
"ChildPolicyDnsForwarder",
"ChildSecurityFeatures",
"ChildSegment",
"ChildStaticRoutes"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_limit": {
"description": "Maximum number of ARP entries per transport node.",
"maximum": 50000,
"minimum": 5000,
"required": false,
"title": "ARP limit per transport node",
"type": "int"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_rule_logging": {
"default": false,
"deprecated": true,
"description": "Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field.",
"required": false,
"title": "Enable logging for whitelisted rule",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_paths": {
"description": "DHCP configuration for Segments connected to Tier-1. DHCP service is enabled in relay mode.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "DHCP configuration for Segments connected to Tier-1",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Tier1"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"disable_firewall": {
"default": false,
"description": "Disable or enable gateway fiewall.",
"required": false,
"title": "Disable gateway firewall",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable standby service router relocation. Standby relocation is not enabled until edge cluster is configured for Tier1.",
"required": false,
"title": "Flag to enable standby service router relocation.",
"type": "boolean"
},
"failover_mode": {
"default": "NON_PREEMPTIVE",
"description": "Determines the behavior when a Tier-1 instance restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. Only applicable when edge cluster is configured in Tier1 locale-service.",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode",
"type": "string"
},
"federation_config": {
"$ref": "FederationGatewayConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field.",
"required": false,
"title": "Flag to add whitelisting FW rule during realization",
"type": "boolean"
},
"ha_mode": {
"description": "Specify high-availability mode for Tier-1.If Tier-1 is service router, HaMode will be set as ACTIVE_STANDBY. If Tier-1 is distributed router, HaMode will be set as null.",
"enum": [
"ACTIVE_STANDBY",
"ACTIVE_ACTIVE"
],
"required": false,
"title": "High-availability Mode for Tier-1",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intersite_config": {
"$ref": "IntersiteGatewayConfig,
"description": "Inter site routing configuration when the gateway is streched.",
"required": false,
"title": "Inter site routing configuration"
},
"ipv6_profile_paths": {
"description": "Configuration IPv6 NDRA and DAD profiles. Either or both NDRA and/or DAD profiles can be configured.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA and DAD profiles configuration",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "IPV6_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
},
{
"leftType": [
"Tier1"
],
"relationshipType": "IPV6_DAD_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6DadProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_allocation": {
"default": "ROUTING",
"description": "Supports edge node allocation at different sizes for routing and load balancer service to meet performance and scalability requirements. ROUTING: Allocate edge node to provide routing services. LB_SMALL, LB_MEDIUM, LB_LARGE, LB_XLARGE: Specify size of load balancer service that will be configured on TIER1 gateway.",
"enum": [
"ROUTING",
"LB_SMALL",
"LB_MEDIUM",
"LB_LARGE",
"LB_XLARGE"
],
"required": false,
"title": "Edge node allocation size",
"type": "string"
},
"qos_profile": {
"$ref": "GatewayQosProfileConfig,
"description": "QoS Profile configuration for Tier1 router link connected to Tier0 gateway.",
"required": false,
"title": "Gateway QoS Profile configuration"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_advertisement_rules": {
"items": {
"$ref": "RouteAdvertisementRule
},
"required": false,
"title": "Route advertisement rules and filtering",
"type": "array"
},
"route_advertisement_types": {
"description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.",
"items": {
"$ref": "Tier1RouteAdvertisentTypes
},
"required": false,
"title": "Enable different types of route advertisements",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier0_path": {
"description": "The reference to the Tier-0 instance using the policy path of the Tier-0 or label of type Provider. Specify the Tier-1 connectivity to Tier-0 instance. .",
"required": false,
"title": "Tier-1 connectivity to Tier-0",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "PROVIDER_NETWORK_RELATIONSHIP",
"rightType": [
"Tier0"
]
},
{
"leftType": [
"Tier1"
],
"relationshipType": "NETWORK_PROVIDER_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"type": {
"description": "Tier1 connectivity type for reference. Property value is not validated with Tier1 configuration. ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled. ISOLATED: Tier1 is not connected to any Tier0 gateway. NATTED: Tier1 is in ROUTED type with NAT configured locally.",
"enum": [
"ROUTED",
"ISOLATED",
"NATTED"
],
"required": false,
"title": "Tier1 type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-1",
"type": "object"
}
Tier1DeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of Tier-1 to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier1DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point": {
"description": "Path of enforcement point on which Tier-1 shall be deployed.",
"required": true,
"title": "Absolute path of Enforcement Point",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-1 Deployment Map",
"type": "object"
}
Tier1GatewayState (type)
{
"additionalProperties": false,
"id": "Tier1GatewayState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"ipv6_status": {
"description": "IPv6 DAD status for interfaces configured on Tier1",
"items": {
"$ref": "IPv6Status
},
"title": "IPv6 DAD status for Tier1 interfaces",
"type": "array"
},
"tier1_state": {
"$ref": "LogicalRouterState,
"description": "Detailed realized state information for Tier1",
"title": "Tier1 state"
},
"tier1_status": {
"$ref": "LogicalRouterStatus,
"description": "Detailed realized status information for Tier1",
"title": "Tier1 status"
},
"transport_zone": {
"$ref": "PolicyTransportZone,
"description": "Transport Zone information which got configured on Gateway.",
"title": "Transport Zone Information"
}
},
"title": "Tier1 gateway state",
"type": "object"
}
Tier1Interface (type)
{
"additionalProperties": false,
"description": "Tier-1 interface configuration for attaching services.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "Tier1Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_state": {
"description": "This flag is used to enable/disable admin state on tier-1 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration.",
"enum": [
"UP",
"DOWN"
],
"experimental": true,
"required": false,
"title": "Flag to enable/disable admin_state of tier-1 service port",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipv6_profile_paths": {
"description": "Configrue IPv6 NDRA profile. Only one NDRA profile can be configured.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA profile configuration",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.",
"minimum": 64,
"required": false,
"title": "MTU size",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_path": {
"description": "Policy path of Segment to which interface is connected to.",
"required": true,
"title": "Policy path of Segment to attach interface",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1Interface"
],
"relationshipType": "INTERFACE_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Tier-1 interface configuration",
"type": "object"
}
Tier1InterfaceGroup (type)
{
"additionalProperties": false,
"description": "Tier1 Interface group for interface grouping.",
"extends": {
"$ref": "BaseInterfaceGroup
},
"id": "Tier1InterfaceGroup",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of interface reference. Interface must belong to same location.",
"items": {
"$ref": "GatewayInterfaceReference
},
"required": false,
"title": "Tier0/Tier1 interface memeber list",
"type": "array"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"default": "SERVICE",
"description": "Interface group type. It is readonly. Always type SERVICE.",
"enum": [
"SERVICE"
],
"readonly": true,
"required": false,
"title": "Interface group type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier1 Interface group",
"type": "object"
}
Tier1InterfaceGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier1InterfaceGroupListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-1 Interface group list request parameters",
"type": "object"
}
Tier1InterfaceGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier1InterfaceGroupListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier1InterfaceGroup
},
"required": true,
"title": "Tier-1 Interface group list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-1 Interface groups",
"type": "object"
}
Tier1InterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier1InterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier1Interface
},
"required": true,
"title": "Tier-1 Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-1 Interfaces",
"type": "object"
}
Tier1ListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier1ListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-1 list request parameters",
"type": "object"
}
Tier1ListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier1ListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier1
},
"required": true,
"title": "Tier-1 list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-1 instances",
"type": "object"
}
Tier1RouteAdvertisentTypes (type)
{
"additionalProperties": false,
"description": "Control routes advertised by Tier-1 instance. TIER1_STATIC_ROUTES: Advertise all STATIC routes. TIER1_CONNECTED: Advertise all subnets configured on connected Interfaces and Segments. TIER1_NAT: Advertise all NAT IP addresses. TIER1_LB_VIP: Advertise all Load-balancer VIPs. TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses. TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets.",
"enum": [
"TIER1_STATIC_ROUTES",
"TIER1_CONNECTED",
"TIER1_NAT",
"TIER1_LB_VIP",
"TIER1_LB_SNAT",
"TIER1_DNS_FORWARDER_IP",
"TIER1_IPSEC_LOCAL_ENDPOINT"
],
"id": "Tier1RouteAdvertisentTypes",
"module_id": "PolicyConnectivity",
"type": "string"
}
Tier1StateRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "Tier1StateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"interface_path": {
"description": "String Path of interface on current Tier1 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.",
"title": "Interface path for interface specific state such as IPv6 DAD state",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"description": "The data source can be either realtime or cached. If not provided, cached data is returned.",
"required": false,
"title": "Source of statistics data"
},
"type": {
"description": "Returns specific information based on the value specified. When not specified response include gateway state, status and DAD status from interfaces.",
"enum": [
"GATEWAY_STATE",
"GATEWAY_STATUS",
"IPV6_STATUS"
],
"title": "Returns specific information based on the value specified.",
"type": "string"
}
},
"title": "State request parameters for Tier1 gateway",
"type": "object"
}
TierGatewayReprocessParameters (type)
{
"additionalProperties": false,
"id": "TierGatewayReprocessParameters",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"title": "String Path of the enforcement point",
"type": "string"
}
},
"type": "object"
}
TimeRangeDropdownFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for dropdown filter widget for Time Range.",
"extends": {
"$ref": "DropdownFilterWidgetConfiguration
},
"id": "TimeRangeDropdownFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "TimeRangeDropdownFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"default_value": {
"description": "Expression to specify default value of filter.",
"title": "Expression to specify default value",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"dropdown_filter_plot_config": {
"$ref": "DropdownFilterPlotConfiguration,
"description": "Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only.",
"required": false,
"title": "Dropdown filter plotting configuration"
},
"dropdown_item": {
"$ref": "DropdownItem,
"description": "Defines the item of a dropdown.",
"required": false,
"title": "Definition for item of a dropdown"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"placeholder_msg": {
"description": "Placeholder message to be displayed in dropdown filter.",
"title": "Placeholder message to be shown in filter",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"static_filter_condition": {
"description": "If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally.",
"title": "Expression for evaluating condition",
"type": "string"
},
"static_filters": {
"description": "Additional static items to be added in dropdown filter. Example can be 'ALL'.",
"items": {
"$ref": "StaticFilter
},
"title": "Additional static items to be added in dropdown filter",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_range_filter_info": {
"$ref": "TimeRangeFilterInfo,
"description": "Defines the time range filter configuration.",
"required": false,
"title": "Definition for time range filter."
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Time Range Dropdown Filter widget Configuration",
"type": "object"
}
TimeRangeFilterInfo (type)
{
"additionalProperties": false,
"id": "TimeRangeFilterInfo",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"from_param_name": {
"default": "fromDate",
"description": "from parameter name used for time range filter from date value.",
"maxLength": 1024,
"required": false,
"title": "from parameter name for time range filter.",
"type": "string"
},
"to_param_name": {
"default": "toDate",
"description": "to parameter name used for time range filter to date value.",
"maxLength": 1024,
"required": false,
"title": "to parameter name for time range filter",
"type": "string"
},
"value_type": {
"default": "EPOCH",
"description": "type of time range filter value can be epoch, ISO date Format.",
"enum": [
"EPOCH"
],
"required": false,
"title": "type of time range filter value",
"type": "string"
}
},
"title": "time range filter information",
"type": "object"
}
TlsCertificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCertificate",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "Category of certificate. This certificate is used to connect to services only.",
"enum": [
"SERVICE_CERTIFICATE"
],
"readonly": true,
"required": false,
"title": "Category",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"description": "list of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_private_key": {
"default": false,
"description": "whether we have the private key for this certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "pem encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_certificate_type": {
"description": "Classification of the TlsCertificate helps differentiate how a TlsCertificate could be used for various components either as a client trust certificate; CERTIFICATE_CA, or as a server identity certificate; CERTIFICATE_SIGNED,or CERTIFICATE_SELF_SIGNED.",
"enum": [
"CERTIFICATE_CA",
"CERTIFICATE_SIGNED",
"CERTIFICATE_SELF_SIGNED"
],
"readonly": true,
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCertificateList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCertificateList",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "TlsCertificate list.",
"items": {
"$ref": "TlsCertificate
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Certificate queries result",
"type": "object"
}
TlsCiphers (type)
{
"additionalProperties": false,
"enum": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA"
],
"id": "TlsCiphers",
"module_id": "PolicyTlsActionProfile",
"title": "TLS balanced cipher",
"type": "string"
}
TlsConfigSettings (type)
{
"additionalProperties": false,
"description": "Pre-defined config settings. Settings could be one of Balanced, High Fidelity, High Security, Custom",
"enum": [
"BALANCED",
"HIGH_FIDELITY",
"HIGH_SECURITY",
"CUSTOM"
],
"help_summary": "- High Fidelity setting reduces the likelihood of TLS Proxy breaking an otherwise successful connection.\n Specifically, TLS Proxy preserves original client and server preferences (TLS version, ciphers, etc.) in the\n TLS handshake as much as possible.\n - Client side - support TLS versions and Ciphers\n - Server side - no restrictions\n- High Security setting enforces a stricter security posture such as enabling only the most secure\n TLS versions and ciphers.\n - Support TLS Versions and Ciphers\n- Balanced setting strikes a balance between security, performance and compatibility.\n - Support TLS Versions and Ciphers\n- Custom allows user to pick the settings to meet their requirements.\nThese pre-settings per release will be preserved for existing profiles even if changed in future releases.\n",
"id": "TlsConfigSettings",
"module_id": "PolicyTlsActionProfile",
"required": true,
"title": "TLS config settings",
"type": "string"
}
TlsCrl (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCrl",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"$ref": "X509Crl,
"description": "Details of the X509Crl object.",
"readonly": true,
"required": false,
"title": "Details of the X509Crl object"
},
"details_revoked_by_issuer_and_serial_number": {
"items": {
"$ref": "IssuerSerialNumber
},
"readonly": true,
"required": false,
"title": "Certificates revoked by issuer and serial number",
"type": "array"
},
"details_revoked_by_subject_and_public_key_hash": {
"items": {
"$ref": "SubjectPublicKeyHash
},
"readonly": true,
"required": false,
"title": "Certificates revoked by subject and public key hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "Pem encoded crl data.",
"required": false,
"title": "Pem encoded crl data",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCrlListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCrlListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsCrl
},
"required": true,
"title": "TlsCrl list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TlsCrl",
"type": "object"
}
TlsCsr (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCsr",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions,
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCsrListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCsrListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsCsr
},
"required": true,
"title": "TlsCsr list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TlsCsr",
"type": "object"
}
TlsCsrWithDaysValid (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TlsCsr
},
"id": "TlsCsrWithDaysValid",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA",
"EC"
],
"readonly": false,
"required": false,
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"days_valid": {
"default": 825,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions,
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CSR data with days valid",
"type": "object"
}
TlsInspectionExternalProfile (type)
{
"additionalProperties": false,
"description": "External inspection profile is used when the TLS connection is destined to a service not owned by the enterprise.",
"extends": {
"$ref": "TlsProfile
},
"id": "TlsInspectionExternalProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "TlsInspectionExternalProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"client_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites client supports",
"type": "array"
},
"client_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version client supports"
},
"client_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version client supports"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"crypto_enforcement": {
"$ref": "CryptoEnforcement,
"default": "ENFORCE",
"required": false
},
"decryption_fail_action": {
"$ref": "DecryptionFailAction,
"default": "BYPASS",
"required": false
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"invalid_cert_action": {
"$ref": "InvalidCertificateAction,
"default": "ALLOW",
"required": false
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ocsp_must_staple": {
"default": false,
"description": "true - activate the ocsp must staple, false - deactivate it.",
"required": false,
"title": "Flag to activate/deactivate ocsp must staple",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"proxy_trusted_ca_cert": {
"description": "Proxy trusted ca cert and key used to issue valid ca certificate. This is the subordinate CA cert (referred to as Proxy CA) by the Enterprise Issuing CA.",
"required": true,
"title": "Proxy trusted ca cert and key",
"type": "string"
},
"proxy_untrusted_ca_cert": {
"description": "Proxy untrusted ca cert and key used to issue invalid ca certificate",
"required": true,
"title": "Proxy untrusted ca cert and key",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"server_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites server support",
"type": "array"
},
"server_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version server supports"
},
"server_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version server supports"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_config_setting": {
"$ref": "TlsConfigSettings,
"default": "BALANCED",
"required": false
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TLS inspection external profile",
"type": "object"
}
TlsInspectionInternalProfile (type)
{
"additionalProperties": false,
"description": "Internal inspection Profile is used when the TLS connection is destined to a service not owned by the enterprise.",
"extends": {
"$ref": "TlsProfile
},
"id": "TlsInspectionInternalProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "TlsInspectionInternalProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"certificate_validation": {
"default": false,
"description": "true - activate the certificate validation; false - deactivate it.",
"required": false,
"title": "Flag to activate/deactivate certificate validation",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"client_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites client supports",
"type": "array"
},
"client_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version client supports"
},
"client_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version client supports"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"crypto_enforcement": {
"$ref": "CryptoEnforcement,
"default": "ENFORCE",
"required": false
},
"decryption_fail_action": {
"$ref": "DecryptionFailAction,
"default": "BYPASS",
"required": false
},
"default_cert_key": {
"description": "Default server certificate presented to the user.",
"required": false,
"title": "One of the actual server certificate presented to the client",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ocsp_must_staple": {
"default": false,
"description": "true - activate the ocsp must staple, false - deactivate it.",
"required": false,
"title": "Flag to activate/deactivate ocsp must staple",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"server_certs_key": {
"description": "Server certificate presented to the client.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "Actual server certificate key",
"type": "array"
},
"server_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites server support",
"type": "array"
},
"server_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.0, TLS1.1 and TLS1.2",
"required": false,
"title": "Maximum TLS version server supports"
},
"server_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version server supports"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_config_setting": {
"$ref": "TlsConfigSettings,
"default": "BALANCED",
"required": false
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TLS inspection internal profile",
"type": "object"
}
TlsListenerCertificate (type)
{
"additionalProperties": false,
"description": "Returns the certificate and thumbprint of a remote TLS listener, if the listener is running and accepting requests. If the certificate cannot be retrieved, the result property describes the problem.",
"id": "TlsListenerCertificate",
"module_id": "PolicySiteGM",
"properties": {
"certificate": {
"$ref": "X509Certificate,
"description": "The certificate of the TLS listener.",
"readonly": true,
"title": "The certificate of the TLS listener"
},
"result": {
"description": "Result of get certificate operation.",
"enum": [
"SUCCESS",
"CONNECTION_TIMEOUT",
"NO_ROUTE_TO_HOST",
"CONNECTION_REFUSED"
],
"title": "Result of get certificate operation",
"type": "string"
},
"thumbprint": {
"description": "The SHA-256 thumbprint of the TLS listener.",
"readonly": true,
"title": "The SHA-256 thumbprint of the TLS listener",
"type": "string"
}
},
"title": "Remote TLS Listener Certificate",
"type": "object"
}
TlsListenerEndpointAddressRequestParameters (type)
{
"additionalProperties": false,
"description": "The hostname or IP, and TCP port number of the listener to connect to.",
"id": "TlsListenerEndpointAddressRequestParameters",
"module_id": "PolicySiteGM",
"properties": {
"address": {
"description": "Host name or IP address of TLS listener.",
"format": "hostname-or-ip",
"required": true,
"title": "Host name or IP address of TLS listener",
"type": "string"
},
"port": {
"description": "TCP port number of the TLS listener",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "TCP port number of the TLS listener",
"type": "int"
}
},
"title": "TLS Listener Endpoint Address Request Parameters",
"type": "object"
}
TlsPolicy (type)
{
"extends": {
"$ref": "Policy
},
"id": "TlsPolicy",
"module_id": "PolicyTls",
"policy_hierarchical_children": [
"ChildTlsRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "TlsRule
},
"required": false,
"title": "Rules that are a part of this TLSPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for TLSPolicy",
"type": "object"
}
TlsPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "TlsPolicyListRequestParameters",
"module_id": "PolicyTls",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_rule_count": {
"default": false,
"description": "If true, populate the rule_count field with the count of rules in the particular policy. By default, rule_count will not be populated.",
"required": false,
"title": "Include the count of rules in policy",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "TlsPolicy list request parameters",
"type": "object"
}
TlsPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "TlsPolicyListResult",
"module_id": "PolicyTls",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsPolicy
},
"required": true,
"title": "TLSPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TLS inspection policies",
"type": "object"
}
TlsProfile (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "TlsProfileListRequestParameters",
"module_id": "PolicyTlsActionProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TlsProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsProfileListResult",
"module_id": "PolicyTlsActionProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of TLS profiles.",
"items": {
"$ref": "TlsProfile
},
"readonly": true,
"required": false,
"title": "List of the TLS profiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TlsProtocol (type)
{
"additionalProperties": false,
"enum": [
"TLS_V1_2",
"TLS_V1_1",
"TLS_V1_0"
],
"id": "TlsProtocol",
"module_id": "PolicyTlsActionProfile",
"title": "TLS protocol",
"type": "string"
}
TlsRule (type)
{
"additionalProperties": false,
"description": "A rule indicates the decryption actions to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "TlsRule",
"module_id": "PolicyTls",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to deactivate the rule. Default is activated.",
"readonly": false,
"required": false,
"title": "Flag to deactivate the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is deactivated.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of the notes, internally notes will get truncated after 39 characters.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"Rule"
],
"relationshipType": "COMMUNICATION_ENTRY_L7_ACCESS_PROFILE_RELATIONSHIP",
"rightType": [
"L7AccessProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_profile": {
"description": "TLS profile path.",
"required": true,
"title": "TLS inspection action profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_TLS_PROFILE_RELATIONSHIP",
"rightType": [
"TlsProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the TLS policy rule between the workload groups",
"type": "object"
}
TlsRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "TlsRuleListRequestParameters",
"module_id": "PolicyTls",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "TLS Rule list request parameters",
"type": "object"
}
TlsRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "TlsRuleListResult",
"module_id": "PolicyTls",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsRule
},
"required": true,
"title": "TLS Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
TlsServiceEndpoint (type)
{
"additionalProperties": false,
"description": "The hostname or IP and port number of a TLS service endpoint.",
"id": "TlsServiceEndpoint",
"module_id": "CertificateManager",
"properties": {
"host": {
"description": "The hostname or IP address of the TLS service endpoint.",
"format": "hostname-or-ip",
"title": "Hostname or IP of the endpoint",
"type": "string"
},
"port": {
"description": "The TCP port number of the endpoint.",
"maximum": 65535,
"minimum": 0,
"title": "TCP port number",
"type": "int"
}
},
"title": "TLS service endpoint",
"type": "object"
}
TlsStateObject (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsStateObject",
"module_id": "PolicyTlsState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_reasons": {
"default": [],
"description": "TLS inspection failure reasons.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "TLS inspection failure reasons",
"type": "array"
},
"fqdn": {
"description": "Fully Qualified Domain Name.",
"required": true,
"title": "Fully Qualified Domain Name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inspection_action": {
"default": "INVALID",
"description": "TLS inspection bypass action.",
"enum": [
"INVALID",
"BYPASS",
"DROP",
"REJECT"
],
"required": false,
"title": "TLS inspection action",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Tier-0/Tier-1 Logical Router policy path",
"required": false,
"title": "Tier-0/Tier-1 Logical Router policy path",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TLS state\n",
"type": "object"
}
TlsStateObjectListParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "TlsStateObjectListParameters",
"module_id": "PolicyTlsState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"failed_domains": {
"default": true,
"description": "TLS inspection failed domain filter. Could be one of true or false.",
"required": false,
"title": "TLS inspection failed domain filter",
"type": "boolean"
},
"fqdn": {
"description": "Fully Qualified Domain Name.",
"required": false,
"title": "Fully Qualified Domain Name",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tls State Object list parameters",
"type": "object"
}
TlsStateObjectListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsStateObjectListResult",
"module_id": "PolicyTlsState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "TLS state list results.",
"items": {
"$ref": "TlsStateObject
},
"required": true,
"title": "TLS state list results.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TlsTrustData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsTrustData",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key_algo": {
"description": "Key algorithm contained in this certificate.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passphrase": {
"description": "Password for private key encryption.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "secure_string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "pem encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"private_key": {
"description": "private key data",
"readonly": false,
"required": false,
"sensitive": true,
"type": "secure_string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TnAgentStatusType (type)
{
"additionalProperties": false,
"enum": [
"UNKNOWN",
"HEALTHY",
"UNHEALTHY",
"DEGRADED"
],
"id": "TnAgentStatusType",
"module_id": "TnContainerStatus",
"title": "Agent status type",
"type": "string"
}
TnContainerStatusType (type)
{
"additionalProperties": false,
"enum": [
"UNKNOWN",
"HEALTHY",
"DOWN",
"DEGRADED"
],
"id": "TnContainerStatusType",
"module_id": "TnContainerStatus",
"title": "Container status type",
"type": "string"
}
TnHyperbusStatus (type)
{
"id": "TnHyperbusStatus",
"module_id": "TnContainerStatus",
"properties": {
"hyperbus_status": {
"$ref": "TnAgentStatusType,
"description": "Display the hyperbus status",
"required": true,
"title": "Hyperbus status"
},
"transport_node_id": {
"description": "Transport node id.",
"required": true,
"title": "Transport node id",
"type": "string"
}
},
"type": "object"
}
TnNodeAgentStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "TnNodeAgentStatusListResult",
"module_id": "TnContainerStatus",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TnNodeAgentstatus
},
"readonly": true,
"title": "Container agent status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Container agent status list result",
"type": "object"
}
TnNodeAgentstatus (type)
{
"id": "TnNodeAgentstatus",
"module_id": "TnContainerStatus",
"properties": {
"hyperbus_connection_status": {
"$ref": "TnAgentStatusType,
"description": "Show the Node Agent connected VM vif status.",
"required": true,
"title": "Show VIF status"
},
"vif_id": {
"description": "Connected VM vif id.",
"required": true,
"title": "Connected VM VIF id",
"type": "string"
}
},
"type": "object"
}
TnNodeStackSpanStatus (type)
{
"description": "List all the TNs spaned in L3PortMirrorSession mirror stack health status.",
"id": "TnNodeStackSpanStatus",
"module_id": "PortMirroring",
"properties": {
"dedicated_stack_status": {
"$ref": "MirrorStackStatusType,
"description": "Show the dedicated mirror stack health status, if the TN node has the mirror stack, it will show SUCCESS or it will show FAILED.",
"required": true,
"title": "Mirror stack health status"
},
"detail": {
"description": "Give the detail info for mirror stack and vmknic health status. If the stack or vmknic is FAILED, detail info will tell user reason why the stauts is FAILED. So that user can correct their configuration.",
"required": true,
"title": "give detail info and reason about the vmknic and statck status",
"type": "string"
},
"last_updated_time": {
"$ref": "EpochMsTimestamp,
"description": "TN miror stack status will be updated periodically, this item indicates the lastest timestamp of TN node stack status is updated.",
"required": true,
"title": "last updated time of TN node stack status"
},
"tn_node_id": {
"description": "For L3PortMirrorSession configured mirror stack, show the TN node UUID which spaned in L3PortMirrorSession.",
"title": "TN node ID that configured L3PortMirrorSession mirror stack",
"type": "string"
},
"tn_node_name": {
"description": "For L3PortMirrorSession configured mirror stack, show the TN node friendly name which spaned in L3PortMirrorSession.",
"required": true,
"title": "TN node name that configured L3SPAN mirror stack",
"type": "string"
},
"vmknic_status": {
"$ref": "MirrorStackStatusType,
"description": "Show the vmknic health status, if the vmknic has been bouned to mirror stack, it will show SUCCESS or it will show FAILED.",
"required": true,
"title": "Mirror vmknic status"
}
},
"title": "List all L3PortMirrorSession TN nodes mirror stack health status",
"type": "object"
}
TokenBasedPrincipalIdentity (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "TokenBasedPrincipalIdentity",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal. This will be matched to the name provided in the token.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._@]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"roles_for_paths": {
"description": "The roles that are associated with this PI, limiting them to a path. In case the path is '/', the roles apply everywhere.",
"items": {
"$ref": "RolesForPath
},
"readonly": false,
"required": false,
"title": "Roles for Paths",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
TokenBasedPrincipalIdentityListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TokenBasedPrincipalIdentityListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "TokenBasedPrincipalIdentity list.",
"items": {
"$ref": "TokenBasedPrincipalIdentity
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Token-based PrincipalIdentity query result",
"type": "object"
}
Tooltip (type)
{
"additionalProperties": false,
"description": "Tooltip to be shown while hovering over the dashboard UI element.",
"id": "Tooltip",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the tooltip will be applied. If no condition is provided, then the tooltip will be applied unconditionally. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"heading": {
"description": "If true, displays tooltip text in bold",
"title": "Tooltip will be treated as header.",
"type": "boolean"
},
"text": {
"description": "Text to be shown on tooltip while hovering over UI element. The text would be wrapped if it exceeds 80 chars.",
"maxLength": 1024,
"required": true,
"title": "Textbox shown at tooltip",
"type": "string"
}
},
"title": "Tooltip",
"type": "object"
}
TraceActionArgument (type)
{
"id": "TraceActionArgument",
"module_id": "LiveTrace",
"properties": {
"dest_ipsec_vpn_config": {
"$ref": "LiveTraceIpsecVpnConfig,
"description": "It is required only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same IPSec VPN config specified for the reverse direction.",
"readonly": true,
"required": false,
"title": "IPSec VPN configuration for the reverse direction of a livetrace session."
},
"dest_lport": {
"description": "It is required only when the type of trace is bidirectional. Please keep this field aligned with the destination logical port of count action and packet capture action config when the type of count action and packet capture action is bidirectional.",
"readonly": true,
"required": false,
"title": "Destination logical port for bidirectional trace",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "It takes effect only when the type of trace is bidirectional. Please keep this aligned with the packet filter of reverse direction of count action and packet capture action config when the type of count action and packet capture action is bidirectional.",
"readonly": true,
"required": false,
"title": "Packet filter for flows of interest in reverse direction"
},
"trace_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"readonly": true,
"required": true,
"title": "Type of trace",
"type": "string"
}
},
"type": "object"
}
TraceActionConfig (type)
{
"id": "TraceActionConfig",
"module_id": "LiveTrace",
"properties": {
"action_argument": {
"$ref": "TraceActionArgument,
"readonly": true,
"required": true,
"title": "Action argument for trace"
},
"sampling_argument": {
"$ref": "SamplingArgument,
"description": "Only first-N sampling is supported and the maximum sampling number is 50.",
"readonly": true,
"required": true,
"title": "Sample argument for trace"
}
},
"type": "object"
}
TraceResult (type)
{
"id": "TraceResult",
"module_id": "LiveTrace",
"properties": {
"analysis": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Trace action result analysis notes",
"type": "array"
},
"counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "Observation counters"
},
"direction": {
"enum": [
"FORWARD",
"BACKWARD"
],
"readonly": true,
"required": false,
"title": "Direction of a trace",
"type": "string"
},
"logical_counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "Observation counters for logical components"
},
"observations": {
"items": {
"$ref": "TraceflowObservation
},
"readonly": true,
"required": false,
"title": "Trace observation list",
"type": "array"
},
"packet_id": {
"readonly": true,
"required": true,
"title": "Packet ID in the session",
"type": "string"
},
"result_overflowed": {
"readonly": true,
"required": false,
"title": "Whether some observations were deleted from the result set",
"type": "boolean"
}
},
"type": "object"
}
Traceflow (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "Traceflow",
"module_id": "Traceflow",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"analysis": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Traceflow result analysis notes",
"type": "array"
},
"counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "observation counters"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The id of the traceflow round",
"type": "string"
},
"logical_counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "counters of observations from logical components"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "id of the source logical port used for injecting the traceflow packet",
"type": "string"
},
"operation_state": {
"enum": [
"IN_PROGRESS",
"FINISHED",
"FAILED"
],
"readonly": true,
"required": true,
"title": "Represents the traceflow operation state",
"type": "string"
},
"request_status": {
"description": "The status of the traceflow RPC request. SUCCESS - The traceflow request is sent successfully. TIMEOUT - The traceflow request gets timeout. SOURCE_PORT_NOT_FOUND - The source port of the request cannot be found. DATA_PATH_NOT_READY - The datapath component cannot be ready to receive request. CONNECTION_ERROR - There is connection error on datapath component. UNKNOWN - The status of traceflow request cannot be determined.",
"enum": [
"SUCCESS",
"TIMEOUT",
"SOURCE_PORT_NOT_FOUND",
"DATA_PATH_NOT_READY",
"CONNECTION_ERROR",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Traceflow request status",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"result_overflowed": {
"readonly": true,
"required": false,
"title": "A flag, when set true, indicates some observations were deleted from the result set.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"description": "Maximum time (in ms) the management plane will be waiting for this traceflow round. Upper limit for federation case is 90000, for non-federation case is 15000, the maximum is set to 90000 as the higher of the two cases.",
"maximum": 90000,
"minimum": 5000,
"readonly": true,
"required": false,
"title": "Timeout (in ms) for traceflow observations result list",
"type": "integer"
}
},
"type": "object"
}
TraceflowComponentSubType (type)
{
"description": "This field specifies the traceflow component sub type that reports the observation LR_TIER0 - Tier-0 Gateway LR_TIER1 - Tier-1 Gateway LR_VRF_TIER0 - Tier-0 VRF Gateway LS_TRANSIT - Transit Switch SI_CLASSIFIER - Service Insertion Classifier SI_PROXY - Service Insertion Proxy VDR - Virtual Distributed Router ENI - Elastic Network Interface AWS_GATEWAY - Amazon Gateway TGW_ROUTE - Transit Gateway EDGE_UPLINK - Edge Uplink DELL_GATEWAY - Dell Gateway LGW_ROUTE - Local Gateway LR_KNI - Kernel NIC Interface UNKNOWN - Unknown component sub type",
"enum": [
"LR_TIER0",
"LR_TIER1",
"LR_VRF_TIER0",
"LS_TRANSIT",
"SI_CLASSIFIER",
"SI_PROXY",
"VDR",
"ENI",
"AWS_GATEWAY",
"TGW_ROUTE",
"EDGE_UPLINK",
"DELL_GATEWAY",
"LGW_ROUTE",
"LR_KNI",
"UNKNOWN"
],
"id": "TraceflowComponentSubType",
"module_id": "Traceflow",
"readonly": true,
"required": false,
"type": "string"
}
TraceflowComponentType (type)
{
"enum": [
"PHYSICAL",
"LR",
"LS",
"DFW",
"BRIDGE",
"EDGE_TUNNEL",
"EDGE_HOSTSWITCH",
"FW_BRIDGE",
"EDGE_RTEP_TUNNEL",
"LOAD_BALANCER",
"NAT",
"IPSEC",
"SERVICE_INSERTION",
"VMC",
"SPOOFGUARD",
"EDGE_FW",
"DLB",
"ANTREA_SPOOFGUARD",
"ANTREA_LB",
"ANTREA_ROUTING",
"ANTREA_DFW",
"ANTREA_FORWARDING",
"HOST_SWITCH",
"UNKNOWN"
],
"id": "TraceflowComponentType",
"module_id": "Traceflow",
"type": "string"
}
TraceflowConfig (type)
{
"additionalProperties": false,
"description": "TraceflowConfig mainly records what type of packets the user wants to inject into which port. This configuration will be cleaned up by the system after two hours of inactivity if is_transient is true. Traceflow is not supported for VPC Admin role.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TraceflowConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"connected_parent_path_as_source": {
"description": "Policy path of child segment connected to container port. Child segment connection is configured through SegmentConnectionBindingMapDto. This field should be provided only when source_id/segment_port_path is a VIF attached port on the parent segment.",
"nsx_feature": "ChildSegment",
"required": false,
"title": "PolicyPath of segment connected to container port",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"packet": {
"$ref": "PacketData,
"description": "Configuration of packet data",
"required": true,
"title": "Packet configuration"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_port_path": {
"deprecated": true,
"description": "Policy path or UUID of segment port to start traceflow from. Auto-plumbed ports don't have corresponding policy path. Ports auto-created by policy as part of connecting segment to Tier-0 or Tier-1 or DHCP server cannot be used. UUID is validated for syntax only. This configuration will be cleaned up by the system after two hours of inactivity.",
"title": "Segment Port Path or UUID",
"type": "string"
},
"source_id": {
"description": "Policy path or UUID (validated for syntax only) of segment port to start traceflow from. Auto-plumbed ports don't have corresponding policy path. Both overlay backed port and VLAN backed port are supported.",
"title": "Segment Port Path or UUID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10,
"description": "Maximum time in seconds the management plane will wait for observation result to be generated. The default, minimum and maximum timeout values, in seconds, for: Single site environment - minimum 5, default 10, maximum 15. Federated enviroment - minimum 15, default 30, maximum 60. These values are validated by the system based on type of environment.",
"maximum": 60,
"minimum": 5,
"required": false,
"title": "Timeout for traceflow observation results",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Traceflow configuration",
"type": "object"
}
TraceflowConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TraceflowConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TraceflowConfig
},
"required": true,
"title": "TraceflowConfig list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TraceflowConfigs",
"type": "object"
}
TraceflowListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "TraceflowListParameters",
"module_id": "Traceflow",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"lport_id": {
"required": false,
"title": "id of the source logical port where the trace flows originated",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Traceflow list parameters",
"type": "object"
}
TraceflowListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "TraceflowListResult",
"module_id": "Traceflow",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Traceflow
},
"readonly": true,
"title": "Traceflow Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Traceflow queries result",
"type": "object"
}
TraceflowObservation (type)
{
"abstract": true,
"additionalProperties": false,
"id": "TraceflowObservation",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationCounters (type)
{
"id": "TraceflowObservationCounters",
"module_id": "Traceflow",
"properties": {
"delivered_count": {
"description": "Total number of delivered observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Delivered observation count",
"type": "integer"
},
"dropped_count": {
"description": "Total number of dropped observations for this round.",
"readonly": true,
"required": false,
"title": "Dropped observation count",
"type": "integer"
},
"forwarded_count": {
"description": "Total number of forwarded observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Forwarded observation count",
"type": "integer"
},
"protected_count": {
"description": "Total number of protected observations for this traceflow round, which current user does not have access.",
"readonly": true,
"required": false,
"title": "Protected observation count",
"type": "integer"
},
"received_count": {
"description": "Total number of received observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Received observation count",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationDelivered (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationDelivered",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDelivered"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"resolution_type": {
"description": "This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by IP table. ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table. ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP. ARP_VM - No suppression and the ARP request is resolved by VM. ARP_LRP - No suppression and the ARP request is resolved by logical router.",
"enum": [
"UNKNOWN",
"ARP_SUPPRESSION_PORT_CACHE",
"ARP_SUPPRESSION_TABLE",
"ARP_SUPPRESSION_CP_QUERY",
"ARP_VM",
"ARP_LRP"
],
"readonly": true,
"required": false,
"title": "The resolution type of the delivered message for ARP",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"target_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address of the resolved IP by ARP",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan_id": {
"$ref": "VlanID,
"required": false,
"title": "VLAN on bridged network"
}
},
"type": "object"
}
TraceflowObservationDropped (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationDropped",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDropped"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"ipsec_fail_reason": {
"description": "This field specifies the IPSec VPN fails reason IPSEC_SA_NOT_FOUND - IPSec SA required for processing the packet does not exist IPSEC_UDP_ENC_STATE_MISMATCH - ESP packet is UDP encapsulated but IPsec SA does not expect UDP encapsulation IPSEC_SEQ_ROLLOVER - IPSec SA sequence number has exceeded the maximum value IPSEC_FRAG_NEEDED - Received packet has DF bit set in IP header but requires fragmentation due to ESP encapsulation IPSEC_TUN_IFACE_DOWN - IPSec tunnel interface is down IPSEC_POLICY_NOMATCH - Received packet does not match IPSec policy IPSEC_POLICY_BLOCK - IPSec packet processing failed IPSEC_POLICY_ERROR - IPSec packet processing failed IPSEC_REPLAY_SEQ_NUM_REPEAT - IPSec packet is dropped due to replay IPSEC_REPLAY_RECV_DELAY - IPSec packet is dropped due to replay IPSEC_REPLAY_PROC_DELAY - IPSec packet is dropped due to replay IPSEC_ZERO_SEQ_NUM_RECVD - ESP packet is received with sequence number as zero IPSEC_ENQUEUE_FAIL - Packet processing failed during crypto operation IPSEC_AUTH_DGST_MISMATCH - Packet integrity check failed due to digest mismatch IPSEC_AUTH_DGST_SIZE_MISMATCH - Packet integrity check failed due to invalid digest length IPSEC_AUTH_UNSUPPORTED_ALGO - Packet integrity check failed due to unsupported hash algorithm IPSEC_CRYPTO_FAIL - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_INCOMPLETE - Packet processing failed during crypto operation IPSEC_CRYPTO_SESSION_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_ARGS_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_ERROR - Packet processing failed during crypto operation IPSEC_CRYPTO_NO_BUF_SPACE - Packet processing failed during crypto operation IPSEC_CRYPTO_UNSUPPORTED_CIPHER - Packet processing failed during crypto operation IPSEC_MALFORMED - Received ESP packet is malformed IPSEC_MALFORMED_INV_PADDING - Received ESP packet is malformed IPSEC_PADDING_REMOVAL_FAILED - Received ESP packet is malformed IPSEC_INNER_MALFORMED - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_IP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_UDP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_TCP - IP packet after ESP decryption is malformed IPSEC_UNKNOWN - IPSec VPN failure reason is unknown",
"enum": [
"IPSEC_SA_NOT_FOUND",
"IPSEC_UDP_ENC_STATE_MISMATCH",
"IPSEC_SEQ_ROLLOVER",
"IPSEC_FRAG_NEEDED",
"IPSEC_TUN_IFACE_DOWN",
"IPSEC_POLICY_NOMATCH",
"IPSEC_POLICY_BLOCK",
"IPSEC_POLICY_ERROR",
"IPSEC_REPLAY_SEQ_NUM_REPEAT",
"IPSEC_REPLAY_RECV_DELAY",
"IPSEC_REPLAY_PROC_DELAY",
"IPSEC_ZERO_SEQ_NUM_RECVD",
"IPSEC_ENQUEUE_FAIL",
"IPSEC_AUTH_DGST_MISMATCH",
"IPSEC_AUTH_DGST_SIZE_MISMATCH",
"IPSEC_AUTH_UNSUPPORTED_ALGO",
"IPSEC_CRYPTO_FAIL",
"IPSEC_CRYPTO_PROC_INCOMPLETE",
"IPSEC_CRYPTO_SESSION_INV",
"IPSEC_CRYPTO_ARGS_INV",
"IPSEC_CRYPTO_PROC_ERROR",
"IPSEC_CRYPTO_NO_BUF_SPACE",
"IPSEC_CRYPTO_UNSUPPORTED_CIPHER",
"IPSEC_MALFORMED",
"IPSEC_MALFORMED_INV_PADDING",
"IPSEC_PADDING_REMOVAL_FAILED",
"IPSEC_INNER_MALFORMED",
"IPSEC_INNER_MALFORMED_IP",
"IPSEC_INNER_MALFORMED_UDP",
"IPSEC_INNER_MALFORMED_TCP",
"IPSEC_UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of IPSec VPN traceflow packet",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall NO_MAC - Drop by vswitch as no destination MAC hit MAC Table. FILTERED_UPLINK - Filtering applied at the corresponding UPLINK having no aggregation.",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN",
"FILTERED_UPLINK"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationDroppedLogical (type)
{
"extends": {
"$ref": "TraceflowObservationDropped
},
"id": "TraceflowObservationDroppedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDroppedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that dropped the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"ipsec_fail_reason": {
"description": "This field specifies the IPSec VPN fails reason IPSEC_SA_NOT_FOUND - IPSec SA required for processing the packet does not exist IPSEC_UDP_ENC_STATE_MISMATCH - ESP packet is UDP encapsulated but IPsec SA does not expect UDP encapsulation IPSEC_SEQ_ROLLOVER - IPSec SA sequence number has exceeded the maximum value IPSEC_FRAG_NEEDED - Received packet has DF bit set in IP header but requires fragmentation due to ESP encapsulation IPSEC_TUN_IFACE_DOWN - IPSec tunnel interface is down IPSEC_POLICY_NOMATCH - Received packet does not match IPSec policy IPSEC_POLICY_BLOCK - IPSec packet processing failed IPSEC_POLICY_ERROR - IPSec packet processing failed IPSEC_REPLAY_SEQ_NUM_REPEAT - IPSec packet is dropped due to replay IPSEC_REPLAY_RECV_DELAY - IPSec packet is dropped due to replay IPSEC_REPLAY_PROC_DELAY - IPSec packet is dropped due to replay IPSEC_ZERO_SEQ_NUM_RECVD - ESP packet is received with sequence number as zero IPSEC_ENQUEUE_FAIL - Packet processing failed during crypto operation IPSEC_AUTH_DGST_MISMATCH - Packet integrity check failed due to digest mismatch IPSEC_AUTH_DGST_SIZE_MISMATCH - Packet integrity check failed due to invalid digest length IPSEC_AUTH_UNSUPPORTED_ALGO - Packet integrity check failed due to unsupported hash algorithm IPSEC_CRYPTO_FAIL - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_INCOMPLETE - Packet processing failed during crypto operation IPSEC_CRYPTO_SESSION_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_ARGS_INV - Packet processing failed during crypto operation IPSEC_CRYPTO_PROC_ERROR - Packet processing failed during crypto operation IPSEC_CRYPTO_NO_BUF_SPACE - Packet processing failed during crypto operation IPSEC_CRYPTO_UNSUPPORTED_CIPHER - Packet processing failed during crypto operation IPSEC_MALFORMED - Received ESP packet is malformed IPSEC_MALFORMED_INV_PADDING - Received ESP packet is malformed IPSEC_PADDING_REMOVAL_FAILED - Received ESP packet is malformed IPSEC_INNER_MALFORMED - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_IP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_UDP - IP packet after ESP decryption is malformed IPSEC_INNER_MALFORMED_TCP - IP packet after ESP decryption is malformed IPSEC_UNKNOWN - IPSec VPN failure reason is unknown",
"enum": [
"IPSEC_SA_NOT_FOUND",
"IPSEC_UDP_ENC_STATE_MISMATCH",
"IPSEC_SEQ_ROLLOVER",
"IPSEC_FRAG_NEEDED",
"IPSEC_TUN_IFACE_DOWN",
"IPSEC_POLICY_NOMATCH",
"IPSEC_POLICY_BLOCK",
"IPSEC_POLICY_ERROR",
"IPSEC_REPLAY_SEQ_NUM_REPEAT",
"IPSEC_REPLAY_RECV_DELAY",
"IPSEC_REPLAY_PROC_DELAY",
"IPSEC_ZERO_SEQ_NUM_RECVD",
"IPSEC_ENQUEUE_FAIL",
"IPSEC_AUTH_DGST_MISMATCH",
"IPSEC_AUTH_DGST_SIZE_MISMATCH",
"IPSEC_AUTH_UNSUPPORTED_ALGO",
"IPSEC_CRYPTO_FAIL",
"IPSEC_CRYPTO_PROC_INCOMPLETE",
"IPSEC_CRYPTO_SESSION_INV",
"IPSEC_CRYPTO_ARGS_INV",
"IPSEC_CRYPTO_PROC_ERROR",
"IPSEC_CRYPTO_NO_BUF_SPACE",
"IPSEC_CRYPTO_UNSUPPORTED_CIPHER",
"IPSEC_MALFORMED",
"IPSEC_MALFORMED_INV_PADDING",
"IPSEC_PADDING_REMOVAL_FAILED",
"IPSEC_INNER_MALFORMED",
"IPSEC_INNER_MALFORMED_IP",
"IPSEC_INNER_MALFORMED_UDP",
"IPSEC_INNER_MALFORMED_TCP",
"IPSEC_UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of IPSec VPN traceflow packet",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall NO_MAC - Drop by vswitch as no destination MAC hit MAC Table. FILTERED_UPLINK - Filtering applied at the corresponding UPLINK having no aggregation.",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN",
"FILTERED_UPLINK"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_path_index": {
"description": "The index of service path that is a chain of services represents the point where the traceflow packet was dropped.",
"readonly": true,
"required": false,
"title": "The index of service path",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationForwarded (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationForwarded",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationForwarded"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"context": {
"required": false,
"title": "The 64bit tunnel context carried on the wire",
"type": "integer"
},
"dst_transport_node_id": {
"description": "This field will not be always available. Use remote_ip_address when this field is not set.",
"readonly": true,
"required": false,
"title": "The id of the transport node to which the traceflow packet is forwarded",
"type": "string"
},
"dst_transport_node_name": {
"readonly": true,
"required": false,
"title": "The name of the transport node to which the traceflow packet is forwarded",
"type": "string"
},
"local_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the source end of the tunnel"
},
"remote_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the destination end of the tunnel"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"required": false,
"title": "The name of the uplink the traceflow packet is forwarded on",
"type": "string"
},
"vtep_label": {
"required": false,
"title": "The virtual tunnel endpoint label",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationForwardedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationForwardedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationForwardedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to forward the traceflow packet",
"type": "integer"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that forwarded the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_component_id": {
"readonly": true,
"required": false,
"title": "The id of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_name": {
"readonly": true,
"required": false,
"title": "The name of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the destination component to which the traceflow packet was forwarded."
},
"ipsec_vpn": {
"$ref": "TraceflowObservationIpsecVpn,
"description": "This field is specified when the traceflow packet was forwarded through IPSec VPN.",
"readonly": true,
"required": false,
"title": "IPSec VPN on which the traceflow packet was forwarded"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to forward the traceflow packet",
"type": "integer"
},
"next_hop": {
"$ref": "IPAddress,
"description": "This field is specified when the traceflow packet was routed by logical router.",
"readonly": true,
"required": false,
"title": "Next hop IP address of matched routing entry"
},
"resend_type": {
"description": "ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type",
"enum": [
"UNKNOWN",
"ARP_UNKNOWN_FROM_CP",
"ND_NS_UNKNWON_FROM_CP"
],
"readonly": true,
"required": false,
"title": "The type of packet resending",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"route_prefix": {
"$ref": "IPCIDRBlock,
"description": "This field is specified when the traceflow packet was routed by logical router.",
"readonly": true,
"required": false,
"title": "Prefix of matched routing entry"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_index": {
"readonly": true,
"required": false,
"title": "The index of the service insertion component",
"type": "integer"
},
"service_path_index": {
"readonly": true,
"required": false,
"title": "The path index of the service insertion component",
"type": "integer"
},
"service_ttl": {
"readonly": true,
"required": false,
"title": "The ttl of the service insertion component",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"spoofguard_ip": {
"$ref": "IPCIDRBlock,
"description": "This field specified the prefix IP address a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "Prefix IP address matched in the whitelist in spoofguard"
},
"spoofguard_mac": {
"$ref": "MACAddress,
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address matched in the whitelist in spoofguard"
},
"spoofguard_vlan_id": {
"$ref": "VlanID,
"description": "This field specified the VLAN id a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "VLAN id matched in the whitelist in spoofguard"
},
"svc_nh_mac": {
"description": "MAC address of nexthop for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of nexthop",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"translated_dst_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated destination IP address of VNP/NAT"
},
"translated_src_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated source IP address of VPN/NAT"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was forwarded by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was forwarded"
},
"vni": {
"description": "This field is specified when the traceflow packet was forwarded by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was forwarded.",
"type": "int"
}
},
"type": "object"
}
TraceflowObservationIpsecVpn (type)
{
"additionalProperties": false,
"description": "IPSec VPN traceflow observation.",
"id": "TraceflowObservationIpsecVpn",
"module_id": "Traceflow",
"properties": {
"inner_dst_ip": {
"$ref": "IPAddress,
"description": "Inner destination IP Address.",
"readonly": true,
"required": false,
"title": "Inner destination IP"
},
"inner_src_ip": {
"$ref": "IPAddress,
"description": "Inner source IP Address.",
"readonly": true,
"required": false,
"title": "Inner source IP"
},
"local_ip": {
"$ref": "IPAddress,
"description": "Local VPN endpoint IP Address.",
"readonly": true,
"required": false,
"title": "Local VPN endpoint IP"
},
"policy_id": {
"description": "IPSec tunnel interface universally unique identifier in case of Policy-based IPSec VPN.",
"readonly": true,
"required": false,
"title": "IPSec tunnel interface UUID in case of Policy-based IPSec VPN",
"type": "string"
},
"remote_ip": {
"$ref": "IPAddress,
"description": "Peer VPN endpoint IP Address.",
"readonly": true,
"required": false,
"title": "Peer VPN endpoint IP"
},
"session_id": {
"description": "IPSec VPN session universally unique identifier.",
"readonly": true,
"required": false,
"title": "VPN session UUID",
"type": "string"
},
"spi": {
"description": "Security Parameter Index is used to uniquely identify a particular IPSec Security Association.",
"maximum": 4294967295,
"minimum": 1,
"readonly": true,
"required": false,
"title": "Security Parameter Index",
"type": "integer"
},
"vti_id": {
"description": "Virtual tunnel interface universally unique identifier in case of Route-based IPSec VPN.",
"readonly": true,
"required": false,
"title": "Virtual tunnel interface UUID in case of Route-based IPSec VPN",
"type": "string"
}
},
"title": "IPSec VPN traceflow observation",
"type": "object"
}
TraceflowObservationListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "TraceflowObservationListParameters",
"module_id": "Traceflow",
"properties": {
"component_name": {
"description": "Observations of all component names will be listed if not given.",
"required": false,
"title": "Observations having the given component name will be listed.",
"type": "string"
},
"component_type": {
"$ref": "TraceflowComponentType,
"description": "Observations of all component types will be listed if not given.",
"required": false,
"title": "Observations having the given component type will be listed."
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"description": "Prefix matching; e.g. TraceflowObservationReceived will also matches TraceflowObservationReceivedLogical. Observations of all types will be listed if not given.",
"required": false,
"title": "The type of observations that will be listed."
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_name": {
"description": "Observations of all transport node names will be listed if not given.",
"required": false,
"title": "Observations having the given transport node name will be listed.",
"type": "string"
}
},
"title": "Traceflow Observation list parameters",
"type": "object"
}
TraceflowObservationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TraceflowObservationListResult",
"module_id": "Traceflow",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TraceflowObservation
},
"required": false,
"title": "TraceflowObservation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TraceflowObservationProtected (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationProtected",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationProtected"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"original_type": {
"$ref": "TraceflowObservationType,
"description": "Holding the type of observation before converted to protected type.",
"required": true,
"title": "Type of observation before converted to protected."
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationReceived (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReceived",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReceived"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"local_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the destination end of the tunnel"
},
"remote_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the source end of the tunnel"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"required": false,
"title": "The name of the uplink the traceflow packet is received on",
"type": "string"
},
"vtep_label": {
"required": false,
"title": "The virtual tunnel endpoint label",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationReceivedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReceivedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReceivedLogical"
},
"properties": {
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that received the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"ipsec_vpn": {
"$ref": "TraceflowObservationIpsecVpn,
"description": "This field is specified when the traceflow packet was received on IPSec VPN.",
"readonly": true,
"required": false,
"title": "IPSec VPN on which the traceflow packet was received."
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was received",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was received",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"src_component_id": {
"readonly": true,
"required": false,
"title": "The id of the source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_name": {
"readonly": true,
"required": false,
"title": "The name of source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the source component from which the traceflow packet was received."
},
"svc_mac": {
"description": "MAC address of SAN volume controller for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of SAN volume controller",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was received by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was received."
},
"vni": {
"description": "This field is specified when the traceflow packet was received by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was received.",
"type": "int"
}
},
"type": "object"
}
TraceflowObservationRelayedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationRelayedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationRelayedLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the destination which the packet will be relayed.",
"readonly": true,
"required": true,
"title": "The IP address of the destination"
},
"logical_comp_uuid": {
"description": "This field specified the logical component that relay service located.",
"readonly": true,
"required": false,
"title": "The id of the component which relay service located",
"type": "string"
},
"message_type": {
"default": "REQUEST",
"description": "This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client",
"enum": [
"REQUEST",
"REPLY"
],
"readonly": true,
"required": true,
"title": "The type of the relay service",
"type": "string"
},
"relay_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the relay service.",
"readonly": true,
"required": true,
"title": "The IP address of relay service"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationReplicationLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReplicationLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReplicationLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"local_ip_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "Local IP address of the component that replicates the packet."
},
"replication_type": {
"description": "This field specifies the type of replication message TX_VTEP - Transmit replication to all VTEPs TX_MTEP - Transmit replication to all MTEPs RX - Receive replication",
"enum": [
"TX_VTEP",
"TX_MTEP",
"RX"
],
"readonly": true,
"required": false,
"title": "The replication type of the message",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"readonly": true,
"required": false,
"title": "The name of uplink",
"type": "string"
},
"vtep_label": {
"readonly": true,
"required": false,
"title": "The label of VTEP",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationType (type)
{
"enum": [
"TraceflowObservationForwarded",
"TraceflowObservationDropped",
"TraceflowObservationDelivered",
"TraceflowObservationReceived",
"TraceflowObservationForwardedLogical",
"TraceflowObservationDroppedLogical",
"TraceflowObservationReceivedLogical",
"TraceflowObservationReplicationLogical",
"TraceflowObservationRelayedLogical",
"TraceflowObservationProtected"
],
"id": "TraceflowObservationType",
"module_id": "Traceflow",
"type": "string"
}
TraceflowRequest (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "TraceflowRequest",
"module_id": "Traceflow",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lport_id": {
"required": true,
"title": "id of the source logical port to inject the traceflow packet into",
"type": "string"
},
"packet": {
"$ref": "PacketData,
"required": true,
"title": "Packet configuration"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10000,
"description": "Maximum time (in ms) the management plane will wait for observation result list to be sent by controller plane. Upper limit for federation case is 90000, for non-federation case is 15000, the maximum is set to 90000 as the higher of the two cases.",
"maximum": 90000,
"minimum": 5000,
"required": false,
"title": "Timeout (in ms) for traceflow observations result list",
"type": "integer"
}
},
"type": "object"
}
TraceflowRequestParameter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyRequestParameter
},
"id": "TraceflowRequestParameter",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowRequestParameter"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on which traceflow session was created.",
"required": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Traceflow request parameter, used in hierarchical API.",
"type": "object"
}
TraceflowStatusRequest (type)
{
"additionalProperties": false,
"id": "TraceflowStatusRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on which traceflow session was created.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Traceflow request status",
"type": "object"
}
TrafficRateLimits (type)
{
"description": "Activates traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to deactivate rate limiting for a specific traffic type",
"id": "TrafficRateLimits",
"module_id": "PolicySegmentSecurity",
"properties": {
"rx_broadcast": {
"default": 0,
"description": "Incoming broadcast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Broadcast receive limit",
"type": "int"
},
"rx_multicast": {
"default": 0,
"description": "Incoming multicast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Multicast receive limit",
"type": "int"
},
"tx_broadcast": {
"default": 0,
"description": "Outgoing broadcast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Broadcast transmit limit",
"type": "int"
},
"tx_multicast": {
"default": 0,
"description": "Outgoing multicast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Multicast transmit limit",
"type": "int"
}
},
"title": "Rate limiting configuration",
"type": "object"
}
TransportInfo (type)
{
"id": "TransportInfo",
"module_id": "LiveTrace",
"properties": {
"dst_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port",
"type": "integer"
},
"protocol": {
"enum": [
"TCP",
"UDP",
"ICMPv4",
"ICMPv6",
"ESP"
],
"required": false,
"title": "Protocol type over IP layer",
"type": "string"
},
"spi": {
"description": "Security Parameter Index is to uniquely identify a particular IPSec Security Association",
"maximum": 4294967295,
"minimum": 1,
"required": false,
"title": "Security Parameter Index",
"type": "integer"
},
"src_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port",
"type": "integer"
}
},
"type": "object"
}
TransportNode (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "TransportNode",
"module_id": "TransportNode",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_domain_id": {
"description": "Set failure domain of edge transport node which will help in auto placement of TIER1 logical routers, DHCP Servers and MDProxies, if failure domain based allocation is enabled in edge cluster API. It is only supported for edge transport node and not for host transport node. In case failure domain is not set by user explicitly, it will be always assigned with default system created failure domain.",
"required": false,
"title": "Id of the failure domain",
"type": "string"
},
"host_switch_spec": {
"$ref": "HostSwitchSpec,
"description": "This property is used to either create standard host switches or to inform NSX about preconfigured host switches that already exist on the transport node. Pass an array of either StandardHostSwitchSpec objects or PreconfiguredHostSwitchSpec objects. It is an error to pass an array containing different types of HostSwitchSpec objects.",
"required": false,
"title": "Transport node host switch specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_overridden": {
"description": "This flag is relevant to only those hosts which are part of a compute collection which has transport node profile (TNP) applied on it. If you change the transport node configuration and it is different than cluster level TNP then this flag will be set to true",
"readonly": true,
"required": false,
"title": "Indicates if config is different than compute collection.",
"type": "boolean"
},
"maintenance_mode": {
"description": "The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call.",
"enum": [
"ENABLED",
"FORCE_ENABLED",
"DISABLED"
],
"readonly": true,
"title": "transport node maintenance mode desired state",
"type": "string"
},
"node_deployment_info": {
"$ref": "Node,
"required": false
},
"node_id": {
"deprecated": true,
"readonly": true,
"required": false,
"title": "Unique Id of the fabric node",
"type": "string"
},
"remote_tunnel_endpoint": {
"$ref": "TransportNodeRemoteTunnelEndpointConfig,
"description": "This should be configured only on a single host switch. It is only supported for edge transport nodes and not for host transport nodes. This configuration will be used by overlay traffic that is meant to be sent between NSX intersite domains.",
"required": false,
"title": "Configuration for a remote tunnel endpoint"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Transport Node",
"type": "object"
}
TransportNodeCollection (type)
{
"description": "Entity to indicate relation between Compute collection and Transport node profile",
"extends": {
"$ref": "ManagedResource
},
"id": "TransportNodeCollection",
"module_id": "TransportNodeCollection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"compute_collection_id": {
"required": true,
"title": "Compute collection id",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_nvds": {
"deprecated": true,
"required": false,
"title": "Flag indicating if applied profile has NVDS",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"install_mode": {
"enum": [
"MICROSEG",
"NORMAL"
],
"readonly": true,
"required": false,
"title": "Flag indicating security status of Transport Node Collection",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_node_profile_id": {
"required": true,
"title": "Transport Node Profile ID",
"type": "string"
}
},
"title": "Compute collection transport node profile",
"type": "object"
}
TransportNodeCollectionListRequestParameters (type)
{
"id": "TransportNodeCollectionListRequestParameters",
"module_id": "TransportNodeCollection",
"properties": {
"cluster_moid": {
"description": "Managed object ID of cluster in VC. vc_instance_uuid has to be provided along with this parameter otherwise it will return empty list.",
"required": false,
"title": "Managed object ID of cluster in VC",
"type": "string"
},
"compute_collection_id": {
"description": "Compute collection id against which the serach will be done. If this parameter is provided then other parameters will be ignored.",
"required": false,
"title": "Compute collection id",
"type": "string"
},
"vc_instance_uuid": {
"description": "This is UUID of VC deployment as seen in managed objects of VC as \"instanceUuid\". cluster_moid has to be provided along with this parameter otherwise it will return empty list.",
"required": false,
"title": "UUID for VC deployment",
"type": "string"
}
},
"title": "Filter criteria for listing transport node collections.",
"type": "object"
}
TransportNodeCollectionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeCollectionListResult",
"module_id": "TransportNodeCollection",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeCollection
},
"readonly": true,
"title": "Transport Node collection results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport Node collections list result",
"type": "object"
}
TransportNodeCollectionRequestParameters (type)
{
"extends": {
"$ref": "ManagedObjectOwnershipRequestParameters
},
"id": "TransportNodeCollectionRequestParameters",
"module_id": "TransportNodeCollection",
"properties": {
"apply_profile": {
"additionalProperties": false,
"default": true,
"description": "This flag should be used when the configuration specified by the transport_node_profile_id should not be applied to existing hosts referred to by the compute_collection_id during transport node collection creation. If this flag is set to false, the TNP configuration will not be applied to any of the hosts in the cluster during creation. Any transport node that exists in the cluster that has a different configuration than the TNP configuration will have the is_overridden flag set to true. This will result in the transport node collection creation completing with a status of PROFILE_MISMATCH. If this flag is set to true, the default value, the TNP configuration will be applied to all hosts in the cluster during transport node collection creation.",
"required": false,
"title": "Indicates if the Transport Node Profile (TNP) configuration should be applied during creation",
"type": "boolean"
},
"override_nsx_ownership": {
"default": false,
"description": "Flag indicating whether the NSX ownership constraints (on Managed Objects like Host/Cluster/DVS) should be overridden/bypassed. Note: Overriding/bypassing NSX ownership constraints is not recommended at all. This indicates, you want to use/configure/own certain Managed Objects (like Cluster, Host or DVS) which seem to be already in use/configured/owned by some other NSX instance. This option should be used with caution. It should only be used to come out of situations where: a. The other NSX instance no longer intends to use the Managed Objects (and has already unconfigured NSX configurations) but the ownership still lies with it (incorrectly) and you want those Managed Objects to be used/configured/owned by this NSX instance. b. The other NSX instance has crashed or decommisioned but the ownership still lies with it and you want those Managed Objects to be used/configured/owned by this NSX instance. Enabling this option, while the Managed Objects affected by this operation are actively used by other NSX, can lead to problematic states on both the NSX instances. For example, if a TN is forcefully reconfigured by this NSX instance (using override_nsx_ownership=true), while it was already configured and in use by the other NSX instance, it could corrupt the HostSwitch configurations pushed down by the other NSX instance.",
"required": false,
"title": "Override NSX Ownership",
"type": "boolean"
}
},
"title": "Parameters that dictate how operations are processed",
"type": "object"
}
TransportNodeCollectionState (type)
{
"additionalProperties": false,
"description": "Realization state of attaching or detaching Transport node profile on compute collection.",
"id": "TransportNodeCollectionState",
"module_id": "TransportNodeCollection",
"properties": {
"aggregate_progress_percentage": {
"description": "Average of all transport node deployment progress in a cluster. Applicable only if transport node profile is applied on a cluster.",
"readonly": true,
"required": false,
"title": "Aggregate percentage of compute collection deployment",
"type": "integer"
},
"cluster_level_error": {
"description": "Errors while applying transport node profile which need cluster level action to resolve",
"title": "Errors which needs cluster level to resolution",
"type": "string"
},
"state": {
"description": "If the host preparation or transport node creation is going on for any host then state will be \"IN_PROGRESS\". If setting desired state of the transport node failed for any of the host then state will be \"FAILED_TO_CREATE\" If realization of transport node failed for any of the host then state will be \"FAILED_TO_REALIZE\" If Transport node is successfully created for all of the hosts in compute collection then state will be \"SUCCESS\" You can override the configuration for one or more hosts in the compute collection by update TN(transport node) request on individual TN. If TN is successfully created for all hosts in compute collection and one or more hosts have overridden configuration then transport node collection state will be \"PROFILE_MISMATCH\". The installations triggered via VC import to VCF and Quick Start will support the following additional states: TZ_CREATE - When the install activity is reading VDS inventory from vCenter and creating corresponding VLAN transport zone objects TNP_CREATE - When the install activity is creating transport-node-profile based on the VDS to ESX host membership for a given cluster SEG_SYNC - This indicates that NSX is reading all DVPortgroup inventory associated with the vCenter cluster and creating the corresponding discovered segments. This state depends on the transport node states. If any update is done (e.g. update transport node profile attached to a cluster, update another transport node profile on a cluster), then transport node collection state might still show same state as before(e.g. SUCCESS if all transport nodes are in SUCCESS state before) until the transport node realization gets started.",
"enum": [
"FAILED_TO_CREATE",
"FAILED_TO_REALIZE",
"IN_PROGRESS",
"PROFILE_MISMATCH",
"SUCCESS",
"TZ_CREATE",
"TNP_CREATE",
"SEG_SYNC"
],
"readonly": true,
"title": "Application state of transport node profile on compute collection",
"type": "string"
},
"state_detail": {
"description": "Detailed information about the current state of the installation",
"title": "Installation state detail",
"type": "string"
},
"validation_errors": {
"description": "Transport node profile(TNP) will not be applied to a discovered node(DN) if some validations are not passed. In this case transport node is not created or existing transport node is not updated with TNP configurations.",
"items": {
"$ref": "ValidationError
},
"title": "Errors while applying transport node profile on discovered node",
"type": "array"
},
"vlcm_transition_error": {
"description": "When vLCM is enabled on a compute collection in vSphere the transition workflow is triggered. This field indicates error in this special case.",
"readonly": true,
"required": false,
"title": "Errors while enabling vLCM on the compute collection",
"type": "string"
}
},
"title": "Transport node profile application state",
"type": "object"
}
TransportNodeCollectionUpdateRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedObjectOwnershipRequestParameters
},
"id": "TransportNodeCollectionUpdateRequestParameters",
"module_id": "TransportNodeCollection",
"properties": {
"override_nsx_ownership": {
"default": false,
"description": "Flag indicating whether the NSX ownership constraints (on Managed Objects like Host/Cluster/DVS) should be overridden/bypassed. Note: Overriding/bypassing NSX ownership constraints is not recommended at all. This indicates, you want to use/configure/own certain Managed Objects (like Cluster, Host or DVS) which seem to be already in use/configured/owned by some other NSX instance. This option should be used with caution. It should only be used to come out of situations where: a. The other NSX instance no longer intends to use the Managed Objects (and has already unconfigured NSX configurations) but the ownership still lies with it (incorrectly) and you want those Managed Objects to be used/configured/owned by this NSX instance. b. The other NSX instance has crashed or decommisioned but the ownership still lies with it and you want those Managed Objects to be used/configured/owned by this NSX instance. Enabling this option, while the Managed Objects affected by this operation are actively used by other NSX, can lead to problematic states on both the NSX instances. For example, if a TN is forcefully reconfigured by this NSX instance (using override_nsx_ownership=true), while it was already configured and in use by the other NSX instance, it could corrupt the HostSwitch configurations pushed down by the other NSX instance.",
"required": false,
"title": "Override NSX Ownership",
"type": "boolean"
}
},
"title": "Parameters for TransportNodeCollection update",
"type": "object"
}
TransportNodeDatapathStats (type)
{
"description": "Datapath statistics in a transport node.",
"id": "TransportNodeDatapathStats",
"module_id": "LiveTrace",
"properties": {
"datapath_counter_results": {
"description": "The datapath counter results in a transport node.",
"items": {
"$ref": "DatapathCounterResult
},
"readonly": true,
"required": false,
"title": "Datapath counter results in a transport node",
"type": "array"
},
"transport_node_id": {
"descirption": "The ID of transport node where the datapath statistics action is performed.\n",
"readonly": true,
"required": true,
"title": "Transport node ID",
"type": "string"
},
"transport_node_name": {
"descirption": "The name of transport node where the datapath statistics action is performed.\n",
"readonly": true,
"required": false,
"title": "Transport node name",
"type": "string"
}
},
"title": "Datapath statistics in a transport node",
"type": "object"
}
TransportNodeDeleteParameters (type) (Deprecated)
{
"additionalProperties": {},
"deprecated": true,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "TransportNodeDeleteParameters",
"module_id": "TransportNodeLcm",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
},
"unprepare_host": {
"default": true,
"required": false,
"title": "Uninstall NSX components from host while deleting",
"type": "boolean"
}
},
"title": "Parameters that affect how delete operations are processed",
"type": "object"
}
TransportNodeDeploymentProgressState (type) (Deprecated)
{
"deprecated": true,
"description": "Deployment progress state of transport node. Object has current deployment step title and progress in percentage.",
"id": "TransportNodeDeploymentProgressState",
"module_id": "TransportNode",
"properties": {
"current_step_title": {
"readonly": true,
"required": false,
"title": "Deployment step title",
"type": "string"
},
"progress": {
"readonly": true,
"required": false,
"title": "Percentage of deployment completed",
"type": "integer"
}
},
"title": "Deployment progress of transport node",
"type": "object"
}
TransportNodeFilter (type)
{
"additionalProperties": false,
"description": "Transport node filter",
"id": "TransportNodeFilter",
"module_id": "Heatmap",
"properties": {
"node_type": {
"description": "Transport node type",
"enum": [
"HOST",
"EDGE"
],
"title": "Transport node type",
"type": "string"
}
},
"title": "Transport node filter",
"type": "object"
}
TransportNodeIdParameters (type)
{
"extends": {
"$ref": "DataSourceParameters
},
"id": "TransportNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
TransportNodeListParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "TransportNodeListParameters",
"module_id": "TransportNode",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"in_maintenance_mode": {
"description": "If the flag is true, transport node with 'ENABLED' or 'FORCE_ENABLED' desired state will be returned, otherwise transport nodes in 'DISABLED' will be returned.",
"required": false,
"title": "maintenance mode flag",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"node_id": {
"description": "This property can be used by itself or along with 'transport_zone_id'.",
"required": false,
"title": "node identifier",
"type": "string"
},
"node_ip": {
"description": "This property can only be used alone. It can not be combined with other filtering properties. If the ESX host has both IPv4 and IPv6 addresses, and the NSX Manager has both IPv4 and IPv6 addresses, then this filter will work only on the IPv6 address of the ESX host. In all other cases, this filter will work only on the IPv4 address of ESX host.",
"required": false,
"title": "Fabric node IP address",
"type": "string"
},
"node_types": {
"description": "The fabric node type is the resource_type of the Node such as HostNode, EdgeNode and PublicCloudGatewayNode. If a list of fabric node types are given, all transport nodes of all given types will be returned. Sorting the TransportNode list is supported only if this attribute is provided.",
"required": false,
"title": "a list of fabric node types separated by comma or a single type",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"transport_zone_id": {
"description": "This propery can be used along with 'node_id'.",
"required": false,
"title": "Transport zone identifier",
"type": "string"
}
},
"title": "Transport Node list parameters",
"type": "object"
}
TransportNodeListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeListResult",
"module_id": "TransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNode
},
"readonly": true,
"required": false,
"title": "TransportNode Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport Node queries result",
"type": "object"
}
TransportNodeMemberInfo (type) (Deprecated)
{
"deprecated": true,
"id": "TransportNodeMemberInfo",
"module_id": "TransportZone",
"nsx_feature": "NsxtOnVds",
"properties": {
"compute_collection_id": {
"readonly": true,
"title": "Id of the compute collection to which this transport node belongs. Empty if this is standalone transport node or non ESX type node.",
"type": "string"
},
"host_switches": {
"items": {
"$ref": "HostSwitchInfo
},
"maxItem": 1,
"readonly": true,
"title": "List of host switches using the transport zone",
"type": "array"
},
"transport_node_display_name": {
"readonly": true,
"title": "Display name of the transport node which has one or more host switches which belong to associated transport zone.",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "Id of the transport node which has one or more host switches which belong to associated transport zone.",
"type": "string"
}
},
"title": "Information about participating transport nodes",
"type": "object"
}
TransportNodePlacementConfig (type)
{
"id": "TransportNodePlacementConfig",
"module_id": "TransportNodeLcm",
"properties": {
"node_settings": {
"$ref": "EdgeNodeSettings,
"description": "Reports the current configuration of host name, SSH and servers configured for DNS, syslog, NTP.",
"required": false,
"title": "Current configuration on edge node."
},
"node_user_settings": {
"$ref": "NodeUserSettings,
"description": "Username and password settings for the node. Note - these settings will be honored only during node deployment. Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect.",
"required": true,
"title": "Node user settings"
},
"vm_deployment_config": {
"$ref": "DeploymentConfig,
"required": true
},
"vm_id": {
"description": "The edge node vm which is a transport node.",
"required": true,
"title": "VM identifier for specified vcenter server in vm_deployment_config.",
"type": "string"
}
},
"title": "Transport Node placement Config",
"type": "object"
}
TransportNodeProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "TransportNodeProfile",
"module_id": "TransportNodeProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_switch_spec": {
"$ref": "HostSwitchSpec,
"description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications. Only standard host switches are supported in the transport node profile.",
"required": false,
"title": "Transport node host switch specification"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_overridden_hosts": {
"default": false,
"description": "Transport Node Profiles specify the configuration that is applied to all hosts in a cluster. The user has the ability to update the configuration on individual hosts within a cluster which will cause the host configuration to differ from the Transport Node Profile and results in the host to be marked as overridden. If a Transport Node Profile is edited or a new Transport Node Profile is applied on a Transport Node Collection, by default, the host configuration will be overwritten with the Transport Node Profile configuration and the overridden flag will be reset to false. This flag should be used when hosts that are set as overridden should not adopt the Transport Node Profile configuration when it is being updated or a new one is applied to the Transport Node Collection. In other words, when this flag is set to the default value of false and configuration is applied at the cluster level, the configuration will be applied on all hosts regardless if overridden or not. When this flag is set to true, all hosts that are set as overridden, i.e., have been updated invidivually, will be ignored and the cluster-level configuration will not be applied. Note, Transport Node Profiles can be applied on multiple clusters. This field will dictate the behavior followed by all clusters using this Transport Node Profile.",
"required": false,
"title": "Determines if cluster-level configuration should be applied on overridden hosts",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Transport Node Profile",
"type": "object"
}
TransportNodeProfileListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeProfileListResult",
"module_id": "TransportNodeProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeProfile
},
"readonly": true,
"required": false,
"title": "TransportNodeProfile Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport Node Profile queries result",
"type": "object"
}
TransportNodeProfileSubConfig (type)
{
"id": "TransportNodeProfileSubConfig",
"module_id": "TransportNode",
"nsx_feature": "HostSwitchSubset",
"properties": {
"host_switch_config_option": {
"$ref": "HostSwitchConfigOption,
"description": "This field is applicable only for a VDS based host switch and not for an NVDS based host switch. Using this field, one or more configurations from the host switch can be overridden. The remaining fields will be derived from the global host switch configuration.",
"readonly": false,
"required": true,
"title": "Subset of the host switch configuration"
},
"name": {
"description": "This field represents the name of the subset of the host switch configuration under a Transport Node Profile. This field is applicable only for a VDS based host switch and not for an NVDS based host switch. This name should be unique across a specific host switch.",
"readonly": false,
"required": true,
"title": "Name of the tranport node profile config option",
"type": "string"
}
},
"title": "Transport Node Profile sub-configuration option specification",
"type": "object"
}
TransportNodeRemoteTunnelEndpointConfig (type)
{
"id": "TransportNodeRemoteTunnelEndpointConfig",
"module_id": "TransportNode",
"properties": {
"host_switch_name": {
"description": "The host switch name should reference an existing host switch specified in the transport node configuration. The name will be used to identify the host switch responsible for processing remote tunnel endpoint traffic.",
"readonly": false,
"required": true,
"title": "The host switch name to be used for the remote tunnel endpoint",
"type": "string"
},
"ip_assignment_spec": {
"$ref": "IpAssignmentSpec,
"description": "IPs can come from either a static IP pool or an explicitly specified IP list. Therefore, specifying any other IP assignment type will result in error. In case a list of IPs is specified, the number of IPs provided should be sufficient as per the teaming policy associated with the host switch uplink profile used by the remote tunnel endpoint.",
"readonly": false,
"required": true,
"title": "Specification for IPs to be used with host switch remote tunnel endpoints"
},
"named_teaming_policy": {
"description": "Specifying this field will override the default teaming policy of the host switch and will be used by remote tunnel endpoint traffic.",
"readonly": false,
"required": false,
"title": "The named teaming policy to be used by the remote tunnel endpoint",
"type": "string"
},
"rtep_vlan": {
"$ref": "VlanID,
"description": "The transport VLAN id used for tagging intersite overlay traffic between remote tunnel endpoints.",
"readonly": false,
"required": true,
"title": "VLAN id for remote tunnel endpoint"
}
},
"title": "Remote tunnel endpoint configuration",
"type": "object"
}
TransportNodeReportParameters (type)
{
"extends": {
"$ref": "DataSourceParameters
},
"id": "TransportNodeReportParameters",
"module_id": "Heatmap",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"status": {
"enum": [
"UP",
"DOWN",
"DEGRADED"
],
"title": "Transport node",
"type": "string"
}
},
"type": "object"
}
TransportNodeSpanEnforcedStatus (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an Intent on a span of Transport Nodes.",
"extends": {
"$ref": "EnforcedStatusPerScopeNsxT
},
"id": "TransportNodeSpanEnforcedStatus",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeSpanEnforcedStatus"
},
"properties": {
"enforced_status_per_transport_node": {
"description": "List of Detailed Realized Status per Transport Node.",
"items": {
"$ref": "EnforcedStatusPerTransportNode
},
"readonly": true,
"title": "List of Enforced Realized Status per Transport Node",
"type": "array"
},
"resource_type": {
"description": "Enforced Realized Status Per Scope Resource Type.",
"enum": [
"TransportNodeSpanEnforcedStatus"
],
"readonly": true,
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Enforced Realized Status across Transport Nodes",
"type": "object"
}
TransportNodeState (type)
{
"extends": {
"$ref": "ConfigurationState
},
"id": "TransportNodeState",
"module_id": "TransportNode",
"properties": {
"deployment_progress_state": {
"$ref": "TransportNodeDeploymentProgressState,
"readonly": true,
"required": false,
"title": "Deployment progress state of transport node realization"
},
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"hardware_version": {
"readonly": true,
"required": false,
"title": "Hardware version of the edge fabric node virtual machine.",
"type": "string"
},
"host_switch_states": {
"items": {
"$ref": "HostSwitchState
},
"readonly": true,
"title": "States of HostSwitches on the host",
"type": "array"
},
"maintenance_mode_state": {
"$ref": "MaintenanceModeState,
"readonly": true,
"title": "the present realized maintenance mode state"
},
"node_deployment_state": {
"$ref": "ConfigurationState,
"readonly": true,
"title": "Deployment status of installation"
},
"pending_user_actions": {
"description": "These are actions which user needs to perform to complete the transport node realization. One action is PENDING_HOST_MAINTENANCE_MODE which informs user to move the host into maintenance mode from VC side to complete the transport node realization.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Pending actions from user side to complete the transport node configuration.",
"type": "array"
},
"remote_tunnel_endpoint_state": {
"$ref": "RemoteTunnelEndpointConfigState,
"readonly": true,
"required": false,
"title": "Remote tunnel endpoint configuration state"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS",
"ADVANCED_CONFIG_EDIT_FAILED",
"UPT_MODE_REALIZATION_POLL_TIMED_OUT",
"DATAPATH_CONFIGURATION_EDIT_FAILED",
"MAINTENANCE_MODE_ENABLED",
"ERROR_IN_ENABLE_MAINTENANCE_MODE",
"ERROR_IN_DISABLE_MAINTENANCE_MODE",
"CONFIGURE_UPT_ON_VM_FAILED",
"VM_VERSION_IS_UPT_INCOMPATIBLE",
"DELETE_FAILED_FOR_DIFFERENT_MOREF_ID",
"DELETE_FAILED_ON_VM_NOT_FOUND",
"DELETE_FAILED_FOR_NON_LCM_EDGE",
"ADVANCED_CONFIG_EDIT_PENDING",
"DUPLICATE_VLANS_SHARING_SAME_PNIC",
"MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"REDEPLOY_ACTIVITY_FAILED",
"REDEPLOY_ACTIVITY_IN_PROGRESS",
"REDEPLOY_ACTIVITY_SCHEDULED",
"REDEPLOY_ACTIVITY_SUCCESSFUL",
"REPLACE_ACTIVITY_FAILED",
"REPLACE_ACTIVITY_IN_PROGRESS",
"REPLACE_ACTIVITY_SCHEDULED",
"REPLACE_ACTIVITY_SUCCESSFUL",
"REPLACED_RPC_CLIENT_OF_TN",
"RETRYING_REPLACE",
"UNABLE_TO_DELETE_EDGE_NODE_VM_INTERNAL_ERROR",
"VM_REDEPLOY_FAILED",
"VM_RESOURCE_RESERVATION_EDIT_PENDING",
"REDEPLOYED_VM_REGISTRATION_PENDING"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"title": "Unique Id of the TransportNode",
"type": "string"
}
},
"title": "Transport Node State",
"type": "object"
}
TransportNodeStateListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeStateListResult",
"module_id": "TransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeState
},
"readonly": true,
"title": "Transport Node State Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport node state queries result",
"type": "object"
}
TransportNodeStateParameters (type)
{
"additionalProperties": false,
"id": "TransportNodeStateParameters",
"module_id": "TransportNode",
"properties": {
"mm_state": {
"$ref": "MaintenanceModeState,
"required": false,
"title": "Realized maintenance node state"
},
"status": {
"enum": [
"PENDING",
"IN_PROGRESS",
"SUCCESS",
"PARTIAL_SUCCESS",
"FAILED",
"ORPHANED"
],
"required": false,
"title": "Realized state of transport nodes",
"type": "string"
},
"vtep_ip": {
"required": false,
"title": "Virtual tunnel endpoint ip address of transport node",
"type": "string"
}
},
"type": "object"
}
TransportNodeStatus (type)
{
"additionalProperties": false,
"id": "TransportNodeStatus",
"module_id": "Heatmap",
"properties": {
"agent_status": {
"$ref": "AgentStatusCount,
"title": "NSX agents status"
},
"control_connection_status": {
"$ref": "StatusCount,
"title": "Control connection status"
},
"evpn_tunnel_status": {
"$ref": "TunnelStatusCount,
"title": "EVPN Tunnel Status"
},
"last_aggsvc_heartbeat": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last agg-service heartbeat, in epoch milliseconds."
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last status change, in epoch milliseconds."
},
"mgmt_connection_status": {
"enum": [
"UP",
"DOWN"
],
"title": "Management connection status",
"type": "string"
},
"node_display_name": {
"description": "Transport node display name",
"title": "Display name",
"type": "string"
},
"node_path": {
"title": "Transport node path",
"type": "string"
},
"node_status": {
"$ref": "NodeStatus,
"title": "Node status"
},
"node_uuid": {
"title": "Transport node uuid",
"type": "string"
},
"pnic_status": {
"$ref": "StatusCount,
"title": "pNIC status"
},
"status": {
"description": "Roll-up status of pNIC, management connection, control connection, tunnel status, agent status",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"title": "Roll-up status of connections",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
},
"threat_status": {
"$ref": "ThreatStatus,
"title": "Threat status"
},
"tunnel_status": {
"$ref": "TunnelStatusCount,
"title": "Tunnel Status"
},
"vm_uuid": {
"description": "Edge node virtual machine unique identifier. This is reported only for Edge Virtual Machine Type deployed on NSX configured host nodes.",
"title": "Edge VM UUID",
"type": "string"
}
},
"type": "object"
}
TransportNodeStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeStatusListResult",
"module_id": "Heatmap",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeStatus
},
"title": "List of transport node statuses",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TransportNodeStatusParametersWithDataSource (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "TransportNodeStatusParametersWithDataSource",
"module_id": "Heatmap",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_dfw_heap_stats": {
"default": false,
"description": "If true, DFW heap stats information will be returned in API",
"required": false,
"title": "Include DFW Heap stats information",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"status": {
"description": "Rolled-up status of pNIC, management connection, control connection, tunnel status and agent status. UP means all of these are up; DOWN represents the state when pNIC or agent status is down. DEGRADED status here represents the state for a node when its pNIC bond status is DEGRADED, or, its Control connection status is either DEGRADED or DOWN. UNKNOWN is the case when both control connection, tunnel and agent status are unknown. If none of these conditions are true, the node status is considered DOWN.",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"title": "Transport node",
"type": "string"
}
},
"type": "object"
}
TransportNodeStatusReport (type)
{
"additionalProperties": false,
"id": "TransportNodeStatusReport",
"module_id": "Heatmap",
"properties": {
"agent_status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "Agent status",
"type": "string"
},
"control_connection_status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "Ccp connection status",
"type": "string"
},
"down_agent_count": {
"title": "Agent down count",
"type": "int"
},
"down_tunnel_count": {
"title": "Tunnel down count",
"type": "int"
},
"mgmt_connection_status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "Management connection status",
"type": "string"
},
"node_uuid": {
"title": "Node uuid",
"type": "string"
},
"pnic_status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "Pnic status",
"type": "string"
},
"threat_status": {
"enum": [
"NORMAL",
"ABNORMAL"
],
"title": "Transport node threat status",
"type": "string"
},
"tunnel_status": {
"enum": [
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED"
],
"title": "Tunnel status",
"type": "string"
},
"up_agent_count": {
"title": "Agent up count",
"type": "int"
},
"up_tunnel_count": {
"title": "Tunnel up count",
"type": "int"
}
},
"title": "transport node status report item",
"type": "object"
}
TransportNodeStatusReportListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeStatusReportListResult",
"module_id": "Heatmap",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeStatusReport
},
"title": "List of transport node status report",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TransportNodeType (type)
{
"enum": [
"ESX",
"RHELKVM",
"UBUNTUKVM",
"CENTOSKVM",
"RHELCONTAINER",
"CENTOSCONTAINER",
"RHELSERVER",
"UBUNTUSERVER",
"CENTOSSERVER",
"SLESKVM",
"SLESSERVER",
"WINDOWSSERVER",
"RHELSMARTNIC",
"OELSERVER",
"UBUNTUSMARTNIC",
"EDGE",
"PUBLIC_CLOUD_GATEWAY_NODE",
"OTHERS",
"HYPERV"
],
"id": "TransportNodeType",
"module_id": "Traceflow",
"type": "string"
}
TransportNodeUpdateParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Transport node update parameters are mainly used for migrating ESX VMkernel (vmk) interfaces and VM NICs into or out-of logical switches. The 'esx_mgmt_if_migration_dest' and 'if_id' must be used as a pair to migrate vmk interfaces; they can not be used to migrate VM NICs. NSX manager will auto-create logical ports and vif ids for the vmk interfaces when they are used to migrate vmks into logical switches. The 'vnic' and 'vnic_migration_dest' must also be used as a pair; they can be used to migrate both vmk interfaces and VM NICs. When they are used to migrate interfaces into logical switches, logical ports and vif ids must be created in advance because 'vnic_migration_dest' must contain existing vif ids. These two paires can not be specified together.",
"extends": {
"$ref": "ManagedObjectOwnershipRequestParameters
},
"id": "TransportNodeUpdateParameters",
"module_id": "TransportNode",
"properties": {
"esx_mgmt_if_migration_dest": {
"description": "A comma separated list of network ids. When migrating vmks into logical switches, the ids are the logical switches's ids. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). This property can only used together with 'if_id'.",
"required": false,
"title": "The network ids to which the ESX vmk interfaces will be migrated",
"type": "string"
},
"if_id": {
"description": "A comma separated list of vmk interfaces (for example, vmk0,vmk1). This property can only used along with 'esx_mgmt_if_migration_dest'. If all vmk interfaces will be migrated into the same logical switch or DV portgroup, the 'esx_mgmt_if_migration_dest' can be just one logical switch id or DV portgroup name. Otherwise the number of vmks in this list must equal the number of ids in 'esx_mgmt_if_migration_dest' list, and the orders of the two lists are important because the vmks match the network ids one by one in the same order.",
"required": false,
"title": "The ESX vmk interfaces to migrate",
"type": "string"
},
"override_nsx_ownership": {
"default": false,
"description": "Flag indicating whether the NSX ownership constraints (on Managed Objects like Host/Cluster/DVS) should be overridden/bypassed. Note: Overriding/bypassing NSX ownership constraints is not recommended at all. This indicates, you want to use/configure/own certain Managed Objects (like Cluster, Host or DVS) which seem to be already in use/configured/owned by some other NSX instance. This option should be used with caution. It should only be used to come out of situations where: a. The other NSX instance no longer intends to use the Managed Objects (and has already unconfigured NSX configurations) but the ownership still lies with it (incorrectly) and you want those Managed Objects to be used/configured/owned by this NSX instance. b. The other NSX instance has crashed or decommisioned but the ownership still lies with it and you want those Managed Objects to be used/configured/owned by this NSX instance. Enabling this option, while the Managed Objects affected by this operation are actively used by other NSX, can lead to problematic states on both the NSX instances. For example, if a TN is forcefully reconfigured by this NSX instance (using override_nsx_ownership=true), while it was already configured and in use by the other NSX instance, it could corrupt the HostSwitch configurations pushed down by the other NSX instance.",
"required": false,
"title": "Override NSX Ownership",
"type": "boolean"
},
"ping_ip": {
"description": "A comma separated list of IP addresses that match the vmk interfaces given in property 'if_id\" or 'vnic' one-by-one in the same order. '0.0.0.0' is a special IP that indicates the pre-migration gateway of the vmk will be pinged post-migration. If a VMK does not need the ping ip or a VM NIC is given inside 'vnic', the ping ip must be skipped but the comma has to stay. For example, '0.0.0.0,,10.1.1.1' indicates the vmk or VM NIC at the 2nd position does not need ping post-migration. Right after all ESX vmk interfaces are migrated, ping packets will be sent through each vmk to its given ping_ip to check if the migraton will break the network connectivity or not. If any vmk_ping fails, the whole migration of all vmks will be rolled back and transport-node will be in failed state.",
"required": false,
"title": "IP Addresses to ping right after ESX vmk interfaces were migrated.",
"type": "string"
},
"skip_validation": {
"default": false,
"description": "If this property is set true, all front-end validation for vmk, vnic, and/or pnic migration will be skipped. This is useful when the remote host becomes unreachable as a result of a migration; in which case the front-end validation will always fail because data from the remote host is no longer available. Skipping the validation will allow user to undo the migration by updating the transport node first and then restoring the host network connectivity.",
"required": false,
"title": "Whether to skip front-end validation for vmk/vnic/pnic migration",
"type": "boolean"
},
"vnic": {
"description": "A comma separated list of vmk interfaces and/or one VM NIC. Only one VM NIC is allowed in the list; the format must be vmInstanceUuid:DeviceId like '50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. An example list is 'vmk0,vmk1,50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. The property can only be used along with 'vnic_migration_dest'.",
"required": false,
"title": "The ESX vmk interfaces and/or VM NIC to migrate",
"type": "string"
},
"vnic_migration_dest": {
"description": "A comma separated list of vif ids, or port group names. When migrating into logical switches, the ids are vif ids in the logical ports created in the logical switches. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). The property can only be used in combination with property 'vnic'. The number of vnic interfaces in 'vnic' must equal the number of vif ids or port-group names in this list. The items in the two lists match by the the order.",
"required": false,
"title": "The migration destinations of ESX vmk interfaces and/or VM NIC",
"type": "string"
}
},
"title": "Transport node update parameters",
"type": "object"
}
TransportNodeVtepAction (type)
{
"abstract": true,
"id": "TransportNodeVtepAction",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "action_type"
},
"properties": {
"action_type": {
"required": true,
"title": "Type of action",
"type": "string"
}
},
"title": "An object representing an action on one or more VTEPs",
"type": "object"
}
TransportNodeVtepActionReference (type)
{
"id": "TransportNodeVtepActionReference",
"module_id": "PolicyHostTransportNode",
"properties": {
"id": {
"required": true,
"title": "Action identifier",
"type": "string"
}
},
"title": "An object containing a reference to a submitted action",
"type": "object"
}
TransportNodeVtepActionStatus (type)
{
"abstract": true,
"id": "TransportNodeVtepActionStatus",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "status_type"
},
"properties": {
"id": {
"required": true,
"title": "Action identifier",
"type": "string"
},
"status": {
"enum": [
"PENDING",
"IN_PROGRESS",
"FAILED"
],
"required": true,
"title": "Action status",
"type": "string"
},
"status_message": {
"required": false,
"title": "Action status message",
"type": "string"
},
"status_type": {
"required": true,
"title": "Type of action status",
"type": "string"
}
},
"title": "An object representing the status of an action on one or more VTEPs",
"type": "object"
}
TransportNodeVtepActionsStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "TransportNodeVtepActionsStatusListResult",
"module_id": "PolicyHostTransportNode",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportNodeVtepActionStatus
},
"readonly": true,
"required": true,
"title": "Status of all VTEP actions for a given TransportNode",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "An object containing status of all VTEP actions for a given TransportNode",
"type": "object"
}
TransportNodeVtepAdminStateMgmtRequest (type)
{
"extends": {
"$ref": "TransportNodeVtepAction
},
"id": "TransportNodeVtepAdminStateMgmtRequest",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeVtepAdminStateMgmtRequest"
},
"properties": {
"action_type": {
"required": true,
"title": "Type of action",
"type": "string"
},
"admin_state_up": {
"required": true,
"title": "Admin State to be turned up or not",
"type": "boolean"
},
"device_name": {
"required": true,
"title": "VTEP device name",
"type": "string"
}
},
"title": "An object representing a request to manage the Admin State of a VTEP",
"type": "object"
}
TransportNodeVtepAdminStateMgmtStatus (type)
{
"extends": {
"$ref": "TransportNodeVtepActionStatus
},
"id": "TransportNodeVtepAdminStateMgmtStatus",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeVtepAdminStateMgmtStatus"
},
"properties": {
"admin_state_up": {
"required": true,
"title": "The request is to turn on Admin State or not",
"type": "boolean"
},
"device_name": {
"required": true,
"title": "VTEP device name",
"type": "string"
},
"id": {
"required": true,
"title": "Action identifier",
"type": "string"
},
"status": {
"enum": [
"PENDING",
"IN_PROGRESS",
"FAILED"
],
"required": true,
"title": "Action status",
"type": "string"
},
"status_message": {
"required": false,
"title": "Action status message",
"type": "string"
},
"status_type": {
"required": true,
"title": "Type of action status",
"type": "string"
}
},
"title": "An object representing the status of a VTEP Admin State mgmt request",
"type": "object"
}
TransportNodeVtepRecoveryRequest (type)
{
"extends": {
"$ref": "TransportNodeVtepAction
},
"id": "TransportNodeVtepRecoveryRequest",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeVtepRecoveryRequest"
},
"properties": {
"action_type": {
"required": true,
"title": "Type of action",
"type": "string"
},
"device_name": {
"required": true,
"title": "VTEP device name",
"type": "string"
}
},
"title": "An object representing a request to recover an unhealthy VTEP",
"type": "object"
}
TransportNodeVtepRecoveryStatus (type)
{
"extends": {
"$ref": "TransportNodeVtepActionStatus
},
"id": "TransportNodeVtepRecoveryStatus",
"module_id": "PolicyHostTransportNode",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeVtepRecoveryStatus"
},
"properties": {
"device_name": {
"required": true,
"title": "VTEP device name",
"type": "string"
},
"id": {
"required": true,
"title": "Action identifier",
"type": "string"
},
"status": {
"enum": [
"PENDING",
"IN_PROGRESS",
"FAILED"
],
"required": true,
"title": "Action status",
"type": "string"
},
"status_message": {
"required": false,
"title": "Action status message",
"type": "string"
},
"status_type": {
"required": true,
"title": "Type of action status",
"type": "string"
}
},
"title": "An object representing the status of a VTEP recovery request",
"type": "object"
}
TransportProtocolHeader (type)
{
"additionalProperties": false,
"id": "TransportProtocolHeader",
"module_id": "Traceflow",
"properties": {
"dhcp_header": {
"$ref": "DhcpHeader,
"required": false,
"title": "DHCP header"
},
"dhcpv6_header": {
"$ref": "Dhcpv6Header,
"required": false,
"title": "DHCP v6 header"
},
"dns_header": {
"$ref": "DnsHeader,
"required": false,
"title": "DNS header"
},
"icmp_echo_request_header": {
"$ref": "IcmpEchoRequestHeader,
"required": false,
"title": "ICMP echo request header"
},
"ndp_header": {
"$ref": "NdpHeader,
"required": false,
"title": "Neighbor discovery protocol header"
},
"tcp_header": {
"$ref": "TcpHeader,
"required": false,
"title": "TCP header"
},
"udp_header": {
"$ref": "UdpHeader,
"required": false,
"title": "UDP header"
}
},
"type": "object"
}
TransportTunnelResourceType (type)
{
"additionalProperties": false,
"enum": [
"IPSecVPNTransportStatus"
],
"id": "TransportTunnelResourceType",
"module_id": "L2VPNStatistics",
"title": "Resource types of L2VPN Transport tunnels",
"type": "string"
}
TransportType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"OVERLAY",
"VLAN"
],
"id": "TransportType",
"module_id": "Switching",
"type": "string"
}
TransportZone (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "TransportZone",
"module_id": "TransportZone",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authorized_vlans": {
"description": "This field lists vlan ids allowed on logical network entities, eg. Segments, bridges, etc. created under this transport zone. Can be empty, VLAN id or a range of VLAN ids specified with '-' in between. An empty list allows all vlan ids.",
"items": {
"type": "string"
},
"required": false,
"title": "Authorized VLAN ids for this TransportZone",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"forwarding_mode": {
"$ref": "ForwardingMode,
"nsx_feature": "L2Ipv6",
"required": false,
"title": "The forwarding mode of this transport zone."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "Only one transport zone can be the default one for a given transport zone type. APIs that need transport zone can choose to use the default transport zone if a transport zone is not given.",
"title": "Flag to indicate if the transport zone is the default one.",
"type": "boolean"
},
"nested_nsx": {
"default": false,
"description": "This flag should be set to true in nested NSX environment. When the \"allow_changing_vdr_mac_in_use\" property in the global config object RoutingGlobalConfig is false, this flag can not be changed if this transport zone is OVERLAY and the change will make any transport node in this transport zone to change the VDR MAC used in any host switch. When this flag is true and this transport zone is OVERLAY, all host switches in this transport zone will use the VDR MAC in the \"vdr_mac_nested\" property in the global config object RoutingGlobalConfig.",
"required": false,
"title": "Flag to indicate if all transport nodes in this transport zone are connected through nested NSX.",
"type": "boolean"
},
"origin_id": {
"description": "This field is populated only if the transport zone was created by NSX system to support security on vSphere Distributed Switch (vDS). The origin_id will refer to the identifier of corresponding vDS from it's parent vCenter server.",
"readonly": true,
"required": false,
"title": "The host switch id generated by the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"$ref": "TransportType,
"required": true,
"title": "The transport type of this transport zone."
},
"transport_zone_profile_ids": {
"items": {
"$ref": "TransportZoneProfileTypeIdEntry
},
"required": false,
"title": "Identifiers of the transport zone profiles associated with this TransportZone.",
"type": "array"
},
"uplink_teaming_policy_names": {
"description": "The names of switching uplink teaming policies that all transport nodes in this transport zone must support. An exception will be thrown if a transport node within the transport zone does not support a named teaming policy. The user will need to first ensure all trasnport nodes support the desired named teaming policy before assigning it to the transport zone. If the field is not specified, the host switch's default teaming policy will be used.",
"items": {
"type": "string"
},
"required": false,
"title": "Names of the switching uplink teaming policies that are supported by this transport zone.",
"type": "array"
}
},
"search_dsl_name": [
"transport zone (manager)"
],
"type": "object"
}
TransportZoneEndPoint (type) (Deprecated)
{
"deprecated": true,
"description": "Specify which HostSwitch from this TransportNode is used handle traffic for given TransportZone",
"id": "TransportZoneEndPoint",
"module_id": "TransportNode",
"properties": {
"transport_zone_id": {
"description": "For MP APIs provide UUID of transport zone. For Policy APIs provide policyPath of transport zone.",
"required": true,
"title": "Unique ID identifying the transport zone for this endpoint",
"type": "string"
},
"transport_zone_profile_ids": {
"description": "For MP APIs provide UUID of transport zone profiles. For Policy APIs provide policyPath of transport zone profiles.",
"items": {
"$ref": "TransportZoneProfileTypeIdEntry
},
"required": false,
"title": "Identifiers of the transport zone profiles associated with this transport zone endpoint on this transport node.",
"type": "array"
}
},
"title": "This object associates TransportNode to a certain TransportZone",
"type": "object"
}
TransportZoneListParameters (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "TransportZoneListParameters",
"module_id": "TransportZone",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"description": "If set, all transport zones with matching display name will be returned.",
"title": "The transport zone's display name",
"type": "string"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Filter to indicate whether to include system owned Transport Zones.",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"is_default": {
"description": "If set to true, only the default transport zones will be returned. If set to false, all transport zones except the default ones will be returned. If unset, all transport zones will be returned.",
"title": "Filter to choose if default transport zones will be returned",
"type": "boolean"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"transport_type": {
"$ref": "TransportType,
"description": "If set, only transport zones of the given type will be returned; otherwise transport zones of all types will be returned.",
"title": "Filter to choose the type of transport zones to return"
},
"uplink_teaming_policy_name": {
"description": "All transport zone's with the specified uplink teaming policy name. Otherwise, transport zones with any uplink teaming policy will be returned.",
"required": false,
"title": "The transport zone's uplink teaming policy name",
"type": "string"
}
},
"title": "Transport Zone list parameters",
"type": "object"
}
TransportZoneListResult (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "TransportZoneListResult",
"module_id": "TransportZone",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportZone
},
"required": true,
"title": "Transport Zone Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport zone queries result",
"type": "object"
}
TransportZoneProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ManagedResource
},
"id": "TransportZoneProfile",
"module_id": "TransportZoneProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"enum": [
"BfdHealthMonitoringProfile"
],
"help_summary": "Possible value is 'BfdHealthMonitoringProfile'",
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
TransportZoneProfileListParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListRequestParameters
},
"id": "TransportZoneProfileListParameters",
"module_id": "TransportZoneProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_system_owned": {
"default": false,
"required": false,
"title": "Whether the list result contains system resources",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"resource_type": {
"required": false,
"title": "comma-separated list of transport zone profile types, e.g. ?resource_type=BfdHealthMonitoringProfile",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport zone profile list parameters",
"type": "object"
}
TransportZoneProfileListResult (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "TransportZoneProfileListResult",
"module_id": "TransportZoneProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TransportZoneProfile
},
"readonly": true,
"required": true,
"title": "Transport zone profile results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Transport zone profile queries result",
"type": "object"
}
TransportZoneProfileType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"BfdHealthMonitoringProfile"
],
"id": "TransportZoneProfileType",
"module_id": "TransportZoneProfile",
"title": "Supported transport zone profiles.",
"type": "string"
}
TransportZoneProfileTypeIdEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "TransportZoneProfileTypeIdEntry",
"module_id": "TransportZoneProfile",
"properties": {
"profile_id": {
"description": "profile id of the resource type",
"readonly": false,
"required": true,
"type": "string"
},
"resource_type": {
"$ref": "TransportZoneProfileType,
"description": "Selects the type of the transport zone profile"
}
},
"type": "object"
}
TransportZoneStatus (type) (Deprecated)
{
"deprecated": true,
"id": "TransportZoneStatus",
"module_id": "TransportZone",
"properties": {
"num_logical_ports": {
"readonly": true,
"required": true,
"title": "Count of logical ports in the transport zone",
"type": "int"
},
"num_logical_switches": {
"readonly": true,
"required": true,
"title": "Count of logical switches in the transport zone",
"type": "int"
},
"num_transport_nodes": {
"readonly": true,
"required": true,
"title": "Count of transport nodes in the transport zone",
"type": "int"
},
"transport_node_members": {
"items": {
"$ref": "TransportNodeMemberInfo
},
"nsx_feature": "NsxtOnVds",
"readonly": true,
"title": "Information about transport nodes which are part of this transport zone",
"type": "array"
},
"transport_zone_id": {
"readonly": true,
"required": true,
"title": "Unique ID identifying the transport zone",
"type": "string"
}
},
"title": "Transport zone runtime status information",
"type": "object"
}
TriggerUcUpgradeParameters (type)
{
"id": "TriggerUcUpgradeParameters",
"properties": {
"product_version": {
"description": "Target upgrade coordinator version.",
"pattern": "^[a-zA-Z0-9-.]+$",
"title": "Target upgrade coordinator version.",
"type": "string"
}
},
"type": "object"
}
TrunkVlanRange (type) (Deprecated)
{
"deprecated": true,
"id": "TrunkVlanRange",
"module_id": "LogicalSwitch",
"properties": {
"end": {
"$ref": "VlanID,
"required": true
},
"start": {
"$ref": "VlanID,
"required": true
}
},
"title": "Trunk VLAN id range",
"type": "object"
}
TrustManagementData (type)
{
"additionalProperties": false,
"id": "TrustManagementData",
"module_id": "CertificateManager",
"properties": {
"supported_algorithms": {
"description": "List of supported algorithms.",
"items": {
"$ref": "CryptoAlgorithm
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
TrustObjectData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "TrustObjectData",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key_algo": {
"description": "Key algorithm contained in this certificate.",
"type": "string"
},
"passphrase": {
"description": "Password for private key encryption.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "secure_string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"private_key": {
"description": "Private key data.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "secure_string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
Tunnel (type)
{
"additionalProperties": false,
"description": "polymorphic resource type and support resource types - GreTunnel",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tunnel",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable/Disable Tunnel",
"required": false,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"default": 1476,
"description": "Maximum transmission unit(MTU) in bytes specifies the size of the largest packet that a tunnel can transmit.",
"minimum": 64,
"required": false,
"title": "Maximum transmission unit",
"type": "int"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "Indicates Resource type of tunnel, GreTunnel - Resource type as GreTunnel will be used to configure P2P GRE Tunnel.",
"enum": [
"GreTunnel"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tunnel_address": {
"description": "Specify list of IP address per every edge node for tunnel interface. Supports both IPv4 and IPv6 address.",
"items": {
"$ref": "TunnelAddress
},
"maxItems": 8,
"minItems": 1,
"required": true,
"title": "Tunnel Address object parameter",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tunnel",
"type": "object"
}
TunnelAddress (type)
{
"additionalProperties": false,
"id": "TunnelAddress",
"module_id": "PolicyConnectivity",
"properties": {
"edge_path": {
"description": "policy path of edge node where tunnel will be realized with the subnet specified.",
"required": true,
"title": "Policy edge node path",
"type": "string"
},
"source_address": {
"$ref": "IPv4Address,
"description": "Specify IPv4 source addresses as the tunnel local end point addresses.",
"required": true,
"title": "IPv4 souurce address"
},
"tunnel_interface_subnet": {
"description": "IP addresses in CIDR format for both IP4 and IPv6 assigned to tunnel interface on a given edge node",
"items": {
"$ref": "InterfaceSubnet
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "Interface Subnet object parameter",
"type": "array"
}
},
"title": "Tunnel Address request parameters",
"type": "object"
}
TunnelDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The TunnelDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "TunnelDigestAlgorithm",
"module_id": "IPSecVPN",
"title": "Digest Algorithms used in tunnel establishment",
"type": "string"
}
TunnelEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256",
"NO_ENCRYPTION_AUTH_AES_GMAC_128",
"NO_ENCRYPTION_AUTH_AES_GMAC_192",
"NO_ENCRYPTION_AUTH_AES_GMAC_256",
"NO_ENCRYPTION"
],
"id": "TunnelEncryptionAlgorithm",
"module_id": "IPSecVPN",
"title": "Encryption algorithm used in tunnel",
"type": "string"
}
TunnelInterfaceIPSubnet (type)
{
"additionalProperties": false,
"id": "TunnelInterfaceIPSubnet",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IPv4 or IPv6 Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 127,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length maximum prefixlen for IPv4 address - 31, IPv6 address - 127.",
"type": "integer"
}
},
"type": "object"
}
TunnelKeepAlive (type)
{
"additionalProperties": false,
"id": "TunnelKeepAlive",
"module_id": "PolicyConnectivity",
"properties": {
"dead_time_multiplier": {
"default": 3,
"maximum": 5,
"minimum": 3,
"required": false,
"title": "Dead time multiplier",
"type": "int"
},
"enable_keepalive_ack": {
"default": true,
"required": false,
"title": "Enable tunnel keep alive acknowledge",
"type": "boolean"
},
"enabled": {
"default": false,
"required": false,
"title": "Enable/Disable tunnel keep alive",
"type": "boolean"
},
"keepalive_interval": {
"default": 10,
"maximum": 120,
"minimum": 2,
"required": false,
"title": "Keep alive interval",
"type": "int"
}
},
"title": "Tunnel Keep Alive",
"type": "object"
}
TunnelList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TunnelList",
"module_id": "Tunnel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"tunnels": {
"items": {
"$ref": "TunnelProperties
},
"readonly": true,
"title": "List of transport node tunnels",
"type": "array"
}
},
"type": "object"
}
TunnelPortConfig (type)
{
"additionalProperties": false,
"description": "IP Tunnel port configuration.",
"id": "TunnelPortConfig",
"module_id": "IPSecVPN",
"properties": {
"ip_subnets": {
"description": "IP Tunnel port (commonly referred as VTI) subnet.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 2,
"required": true,
"title": "IP Tunnel port subnet",
"type": "array"
},
"tunnel_port_id": {
"description": "Logical route port identifier.",
"readonly": true,
"title": "Logical route port identifier",
"type": "string"
}
},
"title": "IP Tunnel port configuration",
"type": "object"
}
TunnelPortStatisticsPerNode (type)
{
"extends": {
"$ref": "LogicalRouterPortStatisticsPerNode
},
"id": "TunnelPortStatisticsPerNode",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_path": {
"description": "Edge node policy path",
"readonly": true,
"title": "Edge node policy path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"description": "ID of the tunnel router port",
"readonly": true,
"title": "ID of the tunnel router port",
"type": "string"
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"source": {
"$ref": "IPAddress,
"description": "Tunnel source address",
"readonly": true,
"title": "Tunnel source address"
},
"sub_cluster_id": {
"description": "The subcluster ID of logical router port. Active-Active service router cluster forms pariwise sub cluster of nodes and syncs states among them.",
"readonly": true,
"required": false,
"title": "The ID of the Pairwise subcluster in Active-Active service router cluster",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "The ID of the TransportNode",
"type": "string"
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
TunnelProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "TunnelProperties",
"module_id": "Tunnel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"bfd": {
"$ref": "BFDProperties,
"readonly": true,
"required": false,
"title": "Detailed information about BFD configured on interface"
},
"egress_interface": {
"description": "Corresponds to the interface where local_ip_address is routed.",
"readonly": true,
"required": false,
"title": "Name of local transport interface carrying tunnel traffic",
"type": "string"
},
"encap": {
"enum": [
"STT",
"VXLAN",
"GENEVE",
"NONE",
"UNKNOWN_ENCAP"
],
"readonly": true,
"required": false,
"title": "Tunnel encap",
"type": "string"
},
"last_updated_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Time at which the Tunnel status has been fetched last time."
},
"latency_type": {
"description": "Latency type.",
"enum": [
"UNKNOWN_LATENCY",
"VALID",
"NOT_READY",
"TIMEOUT"
],
"readonly": true,
"required": false,
"title": "Latency type",
"type": "string"
},
"latency_value": {
"description": "The latency value is set only when latency_type is VALID.",
"readonly": true,
"required": false,
"title": "Latency value",
"type": "integer"
},
"local_ip": {
"format": "ip",
"readonly": true,
"required": false,
"title": "Local IP address of tunnel",
"type": "string"
},
"name": {
"readonly": true,
"required": false,
"title": "Name of tunnel",
"type": "string"
},
"remote_ip": {
"format": "ip",
"readonly": true,
"required": false,
"title": "Remote IP address of tunnel",
"type": "string"
},
"remote_node_display_name": {
"description": "Represents the display name of the remote transport node at the other end of the tunnel.",
"readonly": true,
"title": "Display name of the remote transport node",
"type": "string"
},
"remote_node_id": {
"readonly": true,
"required": false,
"title": "UUID of the remote transport node",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Status of tunnel",
"type": "string"
}
},
"type": "object"
}
TunnelStatus (type)
{
"id": "TunnelStatus",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Indicates Resource type of TunnelStatus, GreTunnelStatus - Resource type as GreTunnelStatus will be used to populate P2P GRE Tunnel status",
"enum": [
"GreTunnelStatus"
],
"required": true,
"title": "resource type",
"type": "string"
}
},
"type": "object"
}
TunnelStatusCount (type)
{
"additionalProperties": false,
"extends": {
"$ref": "StatusCount
},
"id": "TunnelStatusCount",
"module_id": "Heatmap",
"properties": {
"bfd_diagnostic": {
"$ref": "BFDDiagnosticCount,
"title": "BFD Diagnostic"
},
"bfd_status": {
"$ref": "BFDStatusCount,
"title": "BFD Status"
},
"degraded_count": {
"title": "Degraded count",
"type": "int"
},
"down_count": {
"title": "Down count",
"type": "int"
},
"down_pnics": {
"description": "List Down or Degraded pnics",
"items": {
"$ref": "PnicBondStatus
},
"title": "Down pnics",
"type": "array"
},
"last_status_changed_time": {
"$ref": "EpochMsTimestamp,
"title": "Timestamp of the last status change, in epoch milliseconds"
},
"status": {
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"title": "Roll-up status",
"type": "string"
},
"status_description": {
"description": "Describe what makes the status not UP",
"title": "Status description",
"type": "string"
},
"up_count": {
"title": "Up count",
"type": "int"
}
},
"type": "object"
}
TunnelSubnet (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "TunnelSubnet",
"module_id": "PolicyL3Vpn",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Subnet ip addresses",
"type": "array",
"uniqueItems": true
},
"prefix_length": {
"maximum": 31,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
TunnelTrafficStatistics (type)
{
"description": "Tunnel Traffic Statistics parent object",
"id": "TunnelTrafficStatistics",
"module_id": "PolicyConnectivityStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "GreTunnelTrafficStatistics - Resource type as GreTunnelTrafficStatistics will be used to populate P2P GRE Tunnel traffic statistics",
"enum": [
"GreTunnelTrafficStatistics"
],
"required": true,
"title": "Indicates Resource type of tunnel",
"type": "string"
}
},
"title": "Tunnel Traffic Statistics parent object",
"type": "object"
}
UAAgentCommonResource (type)
{
"description": "Common parameters needed to onboard/offboard site to/from NSXi, NDR, and Metrics.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "UAAgentCommonResource",
"module_id": "UAAgentCommon",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_action": {
"description": "Action to perform for NSX+ agents",
"enum": [
"ONBOARD",
"OFFBOARD",
"FORCE_OFFBOARD"
],
"required": true,
"title": "Admin Action",
"type": "string"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"correlation_id": {
"description": "Unique identifier created by DGS",
"required": true,
"title": "Correlation Identifier provided by DGS",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"instance_id": {
"description": "Id of the NSX+ Instance where the site is onboarded.",
"required": true,
"title": "Instance id",
"type": "string"
},
"log_level": {
"default": "INFO",
"description": "Configure log level for NSX+ agents",
"enum": [
"INFO",
"DEBUG"
],
"required": false,
"title": "Log Level",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"org_id": {
"description": "Id of the NSX+ Organization where the site is onboarded.",
"required": true,
"title": "Org id",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receiver_endpoint": {
"description": "Receiver endpoint used by NSX+ agents to communicate with the cloud",
"required": true,
"title": "Receiver Endpoint",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NSX+ Common Agent Resource",
"type": "object"
}
UcBundleMetadata (type)
{
"additionalProperties": false,
"description": "Provides the information about previous uploaded bundle.",
"id": "UcBundleMetadata",
"module_id": "Upgrade",
"properties": {
"upgrade_bundle_file_name": {
"readonly": true,
"required": false,
"title": "Uc bundle file name",
"type": "string"
},
"upgrade_bundle_type": {
"enum": [
"MUB",
"PUB"
],
"readonly": true,
"required": false,
"title": "upgrade bundle type",
"type": "string"
},
"upgrade_bundle_upload_type": {
"enum": [
"LOCAL_BUNDLE",
"DOWNLOAD_URL",
"DOWNLOAD_SITE"
],
"readonly": true,
"required": false,
"title": "upgrade bundle upload type",
"type": "string"
},
"upgrade_bundle_url": {
"readonly": true,
"required": false,
"title": "Uc bundle url",
"type": "string"
},
"upgrade_bundle_version": {
"readonly": true,
"required": false,
"title": "upgrade bundle version",
"type": "string"
},
"upload_start_time": {
"readonly": true,
"required": false,
"title": "Uc bundle start time epoch",
"type": "string"
}
},
"title": "Uc Bundle Metadata for last uploaded bundle.",
"type": "object"
}
UcFunctionalState (type)
{
"additionalProperties": false,
"description": "Upgrade coordinator Uc functional State.",
"id": "UcFunctionalState",
"module_id": "Upgrade",
"properties": {
"error_message": {
"description": "error message that explains why UC is on standby mode.",
"readonly": true,
"required": false,
"title": "error message",
"type": "string"
},
"state": {
"description": "function state of the upgrade coordinator",
"enum": [
"RUNNING",
"STANDBY"
],
"readonly": true,
"required": true,
"title": "State of UC UI",
"type": "string"
}
},
"title": "Uc Functional State",
"type": "object"
}
UcStateProperties (type)
{
"additionalProperties": false,
"id": "UcStateProperties",
"properties": {
"update_uc_state_properties": {
"default": true,
"required": false,
"title": "Flag for updating upgrade-coodinator state properties to database",
"type": "boolean"
}
},
"title": "Upgrade Coordinator state properties",
"type": "object"
}
UcUpgradeMetadata (type)
{
"additionalProperties": false,
"description": "Provides the information about previous Uc upgrade operation.",
"id": "UcUpgradeMetadata",
"module_id": "Upgrade",
"properties": {
"uc_upgrade_time": {
"readonly": true,
"required": false,
"title": "Uc upgrade time epoch",
"type": "string"
},
"upgrade_bundle_name": {
"readonly": true,
"required": false,
"title": "upgrade bundle name",
"type": "string"
},
"upgrade_bundle_type": {
"readonly": true,
"required": false,
"title": "upgrade bundle type",
"type": "string"
},
"upgrade_bundle_version": {
"readonly": true,
"required": false,
"title": "upgrade bundle version",
"type": "string"
}
},
"title": "UC Upgrade status",
"type": "object"
}
UcUpgradeStatus (type)
{
"additionalProperties": false,
"description": "Upgrade status of upgrade-coordinator",
"id": "UcUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"errors": {
"description": "List of failure messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of failure messages",
"type": "array"
},
"progress_messages": {
"description": "List of progress messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Progress messages",
"type": "array"
},
"progress_percentage": {
"readonly": true,
"required": false,
"title": "Upgrade Coordinator Upgrade Progress Percentage",
"type": "int"
},
"state": {
"description": "Current state of UC upgrade",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "State of UC upgrade",
"type": "string"
},
"status": {
"description": "Status of UC upgrade.",
"readonly": true,
"required": false,
"title": "Status of UC upgrade",
"type": "string"
}
},
"title": "UC Upgrade status",
"type": "object"
}
UdpHeader (type)
{
"additionalProperties": false,
"id": "UdpHeader",
"module_id": "Traceflow",
"properties": {
"dst_port": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port of udp header",
"type": "integer"
},
"src_port": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port of udp header",
"type": "integer"
}
},
"type": "object"
}
UnaryOperation (type)
{
"additionalProperties": false,
"description": "Unary Operation.",
"id": "UnaryOperation",
"module_id": "PolicyReaction",
"properties": {
"operand": {
"$ref": "ResourceFieldPointer,
"description": "Represents an argument of the operation pointing to a specific field value.",
"required": true,
"title": "Operand"
},
"operator": {
"description": "Logical Operator describing the operation to apply to the operand.",
"enum": [
"APPEND",
"SUBTRACT"
],
"required": true,
"title": "Operator",
"type": "string"
}
},
"title": "Unary Operation",
"type": "object"
}
UnaryOperationBasedInjectionValue (type)
{
"additionalProperties": false,
"description": "Operation based Injection Value.",
"extends": {
"$ref": "InjectionValue
},
"id": "UnaryOperationBasedInjectionValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "UnaryOperationBasedInjectionValue"
},
"properties": {
"initial_value": {
"$ref": "ResourceFieldPointer,
"description": "Resource field pointer representing the initial value for the injection value. If an operation is supplied, the value is handed to the operation function to produce a final result.",
"required": true,
"title": "Intitial value"
},
"operation": {
"$ref": "UnaryOperation,
"description": "Represents an optional operation to be done on the initial value.",
"title": "Operation Function"
},
"resource_type": {
"description": "Injection Value resource type.",
"enum": [
"UnaryOperationBasedInjectionValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Operation based Injection Value",
"type": "object"
}
UnassociatedVMListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UnassociatedVMListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of VMs which are not associated with any NSGroup",
"items": {
"$ref": "VirtualMachine
},
"required": true,
"title": "Unassociated Vitual Machine list results\n",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UnboundedKeyValuePair (type)
{
"additionalProperties": false,
"id": "UnboundedKeyValuePair",
"module_id": "Common",
"properties": {
"key": {
"readonly": false,
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"readonly": false,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "A key-value pair with no limitations on size",
"type": "object"
}
UnicastPacketFlooding (type)
{
"id": "UnicastPacketFlooding",
"module_id": "ObservabilityCounters",
"properties": {
"hostswitch_unknown_l2_unicast_from_uplink_rxpps": {
"description": "Unknown L2 unicast packets receveied by hostswitch from the uplink.",
"required": false,
"type": "number"
},
"hostswitch_unknown_l2_unicast_to_uplink_txpps": {
"description": "Unknown L2 unicast packets sent by hostswtich to the uplink.",
"required": false,
"type": "number"
},
"overlay_flooded_l2_unicast_to_uplink_txpps": {
"description": "L2 overlay unicast TX packets flooded to the uplink.",
"required": false,
"type": "number"
}
},
"type": "object"
}
UnidirectionalServicePath (type)
{
"description": "Representing either forward or reverse service path for ingress or egress traffic respectively.",
"id": "UnidirectionalServicePath",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"hops": {
"description": "List of service path hops that constitutes the forward or reverse service path.",
"items": {
"$ref": "ServicePathHop
},
"readonly": true,
"required": false,
"title": "Forward or reverse service path hops",
"type": "array"
},
"host_cross_count": {
"description": "The number of times the traffic needs to cross hosts for the given forward or reverse service path.",
"readonly": true,
"required": false,
"title": "Host crossing count",
"type": "integer"
},
"in_maintenance_mode": {
"description": "Is forward or revserse service path in maintenance mode or not.",
"readonly": true,
"required": false,
"title": "Is in maintenance mode",
"type": "boolean"
},
"is_active": {
"description": "Is forward or revserse service path active or not.",
"readonly": true,
"required": false,
"title": "Is active",
"type": "boolean"
},
"unidir_service_path_id": {
"description": "Unique identifier of one directional service path.",
"readonly": true,
"required": false,
"title": "Unidirectional service path id",
"type": "integer"
}
},
"title": "Forward or reverse service path",
"type": "object"
}
UpdateOidcEndPointThumbprintRequest (type)
{
"additionalProperties": false,
"description": "Request to update the thumbprint of an OpenID Connect end-point with a new thumbprint.",
"extends": {
"$ref": "ManagedResource
},
"id": "UpdateOidcEndPointThumbprintRequest",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"oidc_uri": {
"description": "URI where to download the meta-data of the OIDC end-point.",
"maxLength": 255,
"readonly": false,
"required": true,
"title": "OpenID Connect end-point URI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Thumbprint of the OIDC URI to make an SSL connection.",
"readonly": false,
"required": false,
"title": "Thumbprint",
"type": "string"
}
},
"title": "Request to update the thumbprint of an OpenId Connect end-point",
"type": "object"
}
UpdatePrincipalIdentityCertificateRequest (type)
{
"additionalProperties": false,
"description": "Request to update the certificate of a principal identity with a new certificate.",
"extends": {
"$ref": "ManagedResource
},
"id": "UpdatePrincipalIdentityCertificateRequest",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Id of the stored certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"principal_identity_id": {
"description": "Unique ID of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Principal Identity ID",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Request to update the certificate of a principal identity",
"type": "object"
}
UpdateStatusWithFiltersParameter (type)
{
"extends": {
"$ref": "AlarmFilterParameter
},
"id": "UpdateStatusWithFiltersParameter",
"module_id": "Monitoring",
"properties": {
"after": {
"$ref": "EpochMsTimestamp,
"description": "Filter to fetch alarms after the specified time.",
"required": false,
"title": "Filter to fetch alarms after the specified time"
},
"before": {
"$ref": "EpochMsTimestamp,
"description": "Filter to fetch alarms before the specified time.",
"required": false,
"title": "Filter to fetch alarms before the specified time"
},
"cursor": {
"description": "Opaque cursor to be used for getting next page of records (supplied by current result page).",
"readonly": false,
"required": false,
"title": "Cursor for pagination",
"type": "string"
},
"event_tag": {
"description": "Specify tags for which alarms should be filtered, for example, INFRASTRUCTURE or INTELLIGENCE.",
"required": false,
"title": "Event tag",
"type": "string"
},
"event_type": {
"description": "Specify one or more event types for which alarms should be filtered.",
"required": false,
"title": "Event Type Filter",
"type": "string"
},
"feature_name": {
"description": "Specify one or more feature names for which alarms should be filtered.",
"required": false,
"title": "Feature Name",
"type": "string"
},
"id": {
"description": "Specify one or more alarm IDs for which alarms should be filtered.",
"required": false,
"title": "Alarm ID",
"type": "string"
},
"intent_path": {
"description": "Specify one or more intent paths for which alarms should be filtered.",
"required": false,
"title": "Intent Path for entity ID",
"type": "string"
},
"new_status": {
"$ref": "MonitoringStatus,
"description": "Specify new alarm status for filtered alarms. Can be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": true,
"title": "Status"
},
"node_id": {
"description": "Specify one or more node IDs for which alarms should be filtered.",
"required": false,
"title": "Node ID",
"type": "string"
},
"node_resource_type": {
"description": "Specify one or more node resource types for which alarms should be filtered.",
"required": false,
"title": "Node Resource Type",
"type": "string"
},
"org": {
"description": "Specify Org ID for which alarms should be filtered.",
"required": false,
"title": "Org ID",
"type": "string"
},
"page_size": {
"description": "Maximum number of results to return in this page (server may return fewer).",
"required": false,
"title": "Page Size for pagination",
"type": "integer"
},
"project": {
"description": "Specify Project ID for which alarms should be filtered.",
"required": false,
"title": "Project ID",
"type": "string"
},
"severity": {
"description": "Specify one or more severity levels for which alarms should be filtered. Must be one of CRITICAL, HIGH, MEDIUM, LOW.",
"required": false,
"title": "Severity",
"type": "string"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"required": false,
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_by": {
"description": "Sorting on column is based on the sort_by. sort_by represents the field in the output data on which sort is requested.",
"required": false,
"title": "Key for sorting on this column",
"type": "string"
},
"status": {
"description": "Specify one or more status for which alarms should be filtered. Must be one of OPEN, ACKNOWLEDGED, SUPPRESSED, RESOLVED.",
"required": false,
"title": "Status",
"type": "string"
},
"suppress_duration": {
"description": "Specify duration in hours for which Alarm should be suppressed.This value must be specified if the new_status is SUPPRESSED.",
"title": "Duration in hours for which Alarm should be suppressed",
"type": "integer"
},
"vpc": {
"description": "Specify VPC ID for which alarms should be filtered.",
"required": false,
"title": "VPC ID",
"type": "string"
}
},
"title": "Parameters to update status of alarm",
"type": "object"
}
UpgradeBundle (type)
{
"additionalProperties": false,
"id": "UpgradeBundle",
"module_id": "Upgrade",
"properties": {
"file": {
"readonly": false,
"required": true,
"title": "Upgrade bundle file",
"type": "multipart_file"
},
"install": {
"readonly": false,
"required": false,
"title": "Hint to install bundle after upload",
"type": "boolean"
}
},
"type": "object"
}
UpgradeBundleFetchRequest (type)
{
"additionalProperties": false,
"description": "URL and other fetch requests of upgrade bundle",
"id": "UpgradeBundleFetchRequest",
"module_id": "Upgrade",
"properties": {
"bundle_type": {
"description": "Bundle type i.e. pre-upgrade bundle or main upgrade bundle.",
"enum": [
"PRE-UPGRADE",
"UPGRADE"
],
"readonly": false,
"required": false,
"title": "Bundle type i.e. pre-upgrade bundle or main upgrade bundle.",
"type": "string"
},
"password": {
"description": "Password for Username provided in this request for VMware Download site.",
"readonly": false,
"required": false,
"title": "Password for VMware Download Site.",
"type": "secure_string"
},
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": false,
"required": false,
"title": "URL of upgrade bundle",
"type": "string"
},
"username": {
"description": "Username representing user on VMware Download site.",
"readonly": false,
"required": false,
"title": "Username for VMware Download Site.",
"type": "string"
},
"version": {
"description": "Version available on the VMware Download site, targeted for upgrade.",
"readonly": false,
"required": false,
"title": "version to be downloaded",
"type": "string"
}
},
"title": "Fetch request for fetching upgrade bundle",
"type": "object"
}
UpgradeBundleId (type)
{
"additionalProperties": false,
"description": "Identifier of the upgrade bundle",
"id": "UpgradeBundleId",
"module_id": "Upgrade",
"properties": {
"bundle_id": {
"description": "Identifier of bundle upload",
"readonly": true,
"required": false,
"title": "Bundle Id of upgrade bundle uploaded",
"type": "string"
}
},
"title": "Bundle id of upgrade bundle",
"type": "object"
}
UpgradeBundleInfo (type)
{
"additionalProperties": false,
"description": "Information about the upgrade bundle",
"id": "UpgradeBundleInfo",
"module_id": "Upgrade",
"properties": {
"bundle_size": {
"readonly": true,
"required": false,
"title": "size of upgrade bundle",
"type": "string"
},
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": true,
"required": false,
"title": "URL of the upgrade bundle",
"type": "string"
}
},
"title": "Information about upgrade bundle",
"type": "object"
}
UpgradeBundleStatus (type)
{
"id": "UpgradeBundleStatus",
"module_id": "Upgrade",
"properties": {
"error_messages": {
"description": "List of failure messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of failure messages",
"type": "array"
},
"operation": {
"description": "Current running operation",
"enum": [
"UPLOAD",
"INSTALL"
],
"readonly": true,
"required": false,
"title": "Current operation",
"type": "string"
},
"percentage": {
"description": "Progress percentage of the Upgrade Bundle Operations",
"readonly": true,
"required": false,
"title": "Progress percentage of the Upgrade Bundle Operations",
"type": "int"
},
"progress_messages": {
"description": "List of progress messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Progress messages",
"type": "array"
},
"status": {
"description": "State of Upgrade Bundle",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "State of Upgrade Bundle",
"type": "string"
},
"step": {
"description": "Current state of UC upgrade",
"enum": [
"START_UPLOAD_BUNDLE",
"UPLOAD_BUNDLE",
"EXTRACT_OUTER_BUNDLE",
"VERIFY",
"CHECK_COMPATIBILITY",
"MOVE_BUNDLE",
"CLEAN",
"UPLOAD_CANCELLED",
"UPLOAD_COMPLETE",
"START_UC_UPGRADE",
"EXTRACT",
"LOAD_METADATA",
"RESTART",
"REPO_SYNC",
"UPGRADE_OTHER_NODES",
"UPGRADE_COMPLETE",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "current step in the process.",
"type": "string"
},
"upgradeBundleType": {
"description": "Type of upgrade bundle uploaded. \\n MUB type represents upgrade bundle,\\n PUB type represents pre-check bundle, \\n UNKNOWN type represents the default type, \\n COMPATIBILITY_MATRIX type represents the compatibility bundle.",
"enum": [
"MUB",
"PUB",
"COMPATIBILITY_MATRIX",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Type of upgrade bundle",
"type": "string"
}
},
"type": "object"
}
UpgradeBundleStatusQueryParameters (type)
{
"id": "UpgradeBundleStatusQueryParameters",
"module_id": "Upgrade",
"properties": {
"operation": {
"description": "Target operation",
"enum": [
"UPLOAD",
"INSTALL"
],
"readonly": true,
"required": false,
"title": "Target operation",
"type": "string"
}
},
"type": "object"
}
UpgradeBundleUploadParameters (type)
{
"additionalProperties": false,
"description": "Upload request Parameters of upgrade bundle",
"id": "UpgradeBundleUploadParameters",
"module_id": "Upgrade",
"properties": {
"install": {
"description": "URL for uploading upgrade bundle",
"readonly": false,
"required": false,
"title": "Hint to install the bundle after upload.",
"type": "boolean"
}
},
"title": "Parameters for uploading upgrade bundle",
"type": "object"
}
UpgradeBundleUploadStatus (type)
{
"additionalProperties": false,
"description": "Upload status of upgrade bundle uploaded from url",
"id": "UpgradeBundleUploadStatus",
"module_id": "Upgrade",
"properties": {
"detailed_status": {
"description": "Detailed status of upgrade bundle upload",
"readonly": true,
"required": false,
"title": "Detailed status of bundle upload",
"type": "string"
},
"percent": {
"description": "Percent of bundle uploaded from URL",
"readonly": true,
"required": false,
"title": "Percent of upload completed",
"type": "number"
},
"status": {
"description": "Current status of upgrade bundle upload",
"enum": [
"UPLOADING",
"VERIFYING",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "Status of upgrade bundle upload",
"type": "string"
},
"upgradeBundleType": {
"description": "Type of upgrade bundle uploaded. \\n MUB type represents upgrade bundle,\\n PUB type represents pre-check bundle, \\n UNKNOWN type represents the default type, \\n COMPATIBILITY_MATRIX type represents the compatibility bundle.",
"enum": [
"MUB",
"PUB",
"COMPATIBILITY_MATRIX",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Type of upgrade bundle",
"type": "string"
},
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": true,
"required": false,
"title": "URL from which the bundle was uploaded",
"type": "string"
}
},
"title": "Upload status of upgrade bundle",
"type": "object"
}
UpgradeCheck (type)
{
"additionalProperties": false,
"description": "Check to identify potential pre/post-upgrade issues",
"id": "UpgradeCheck",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the pre/post-upgrade check",
"type": "string"
},
"failure_messages": {
"deprecated": true,
"description": "List of failure messages. This field is deprecated now. Please use failures instead.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of failure messages",
"type": "array"
},
"failures": {
"items": {
"$ref": "UpgradeCheckFailureMessage
},
"readonly": true,
"required": false,
"title": "List of failures",
"type": "array"
},
"status": {
"enum": [
"SUCCESS",
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Status of pre/post-upgrade check",
"type": "string"
}
},
"title": "Pre/post-upgrade check",
"type": "object"
}
UpgradeCheckCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "UpgradeCheckCsvListResult",
"module_id": "Upgrade",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "UpgradeCheckCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
UpgradeCheckCsvRecord (type)
{
"additionalProperties": false,
"description": "CSV record for a pre/post-upgrade check",
"extends": {
"$ref": "CsvRecord
},
"id": "UpgradeCheckCsvRecord",
"module_id": "Upgrade",
"properties": {
"check_description": {
"description": "Description of the pre/post-upgrade check",
"readonly": false,
"required": false,
"title": "Description of the upgrade check",
"type": "string"
},
"check_name": {
"description": "Display name of the pre/post-upgrade check",
"readonly": false,
"required": true,
"title": "Name of the upgrade check",
"type": "string"
},
"failure_messages": {
"description": "Space-separated list of failure messages",
"readonly": true,
"required": false,
"title": "Failure messages",
"type": "string"
},
"status": {
"description": "Status of the pre/post-upgrade check",
"enum": [
"SUCCESS",
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Status of the upgrade check",
"type": "string"
},
"upgrade_unit_id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of the upgrade unit",
"type": "string"
},
"upgrade_unit_metadata": {
"description": "Meta-data of the upgrade-unit",
"readonly": true,
"required": false,
"title": "Meta-data of the upgrade-unit",
"type": "string"
},
"upgrade_unit_type": {
"description": "Component type of the upgrade unit",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"title": "CSV record for an upgrade-check",
"type": "object"
}
UpgradeCheckFailure (type)
{
"additionalProperties": false,
"description": "Pre/post-upgrade check failure",
"id": "UpgradeCheckFailure",
"module_id": "Upgrade",
"properties": {
"acked": {
"description": "Flag which tells if the precheck is acknowledged",
"readonly": true,
"required": false,
"title": "Flag which tells if the precheck is acknowledged",
"type": "boolean"
},
"component_type": {
"description": "Component type of the origin of failure",
"readonly": true,
"required": true,
"title": "Component type",
"type": "string"
},
"group_name": {
"description": "Name of the upgrade group of the origin of failure. Only applicable when origin_type is UPGRADE_UNIT.",
"readonly": false,
"required": false,
"title": "Name of upgrade group",
"type": "string"
},
"id": {
"description": "Precheckid of the pre upgrade check",
"readonly": true,
"required": false,
"title": "precheck id of the check",
"type": "string"
},
"message": {
"$ref": "UpgradeCheckFailureMessage,
"description": "Pre/post-upgrade check failure message",
"readonly": true,
"required": true,
"title": "Upgrade check failure message"
},
"needs_ack": {
"description": "Flag which identifies if acknowledgement is required for the precheck",
"readonly": true,
"required": false,
"title": "Flag which identifies if acknowledgement is required for the precheck",
"type": "boolean"
},
"needs_resolve": {
"description": "Flag which identifies if resolution is required for the precheck",
"readonly": true,
"required": false,
"title": "Flag which identifies if resolution is required for the precheck",
"type": "boolean"
},
"origin_id": {
"description": "Unique id of origin of pre/post-upgrade check failure",
"readonly": true,
"required": true,
"title": "Unique id of origin of failure",
"type": "string"
},
"origin_name": {
"description": "Name of origin of pre/post-upgrade check failure",
"readonly": true,
"required": true,
"title": "Name of origin of failure",
"type": "string"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check failure",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": true,
"required": true,
"title": "Type of origin of failure",
"type": "string"
},
"resolution_error": {
"description": "Error occured while resolving precheck",
"readonly": true,
"required": false,
"title": "Error occured while resolving",
"type": "string"
},
"resolution_status": {
"description": "Type of resolution status of precheck",
"enum": [
"UNRESOLVED",
"RESOLVING",
"RESOLVED",
"FAILURE"
],
"readonly": true,
"required": false,
"title": "Type of Resolution status",
"type": "string"
},
"type": {
"description": "Type of the pre/post-upgrade check failure",
"enum": [
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Type of failure",
"type": "string"
}
},
"title": "Upgrade check failure",
"type": "object"
}
UpgradeCheckFailureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeCheckFailureListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type on which upgrade check failures are to be filtered",
"readonly": false,
"required": false,
"title": "Component type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_text": {
"description": "Text to filter the results on. The filter text is matched with origin name and failure message. String matching for the filter is case-insensitive.",
"readonly": false,
"required": false,
"title": "Filter text",
"type": "string"
},
"group_id": {
"description": "Group id for filter to be applied.",
"readonly": false,
"required": false,
"title": "Filter on the group id",
"type": "string"
},
"group_name": {
"description": "Group name for filter to be applied.",
"readonly": false,
"required": false,
"title": "Filter on the group name",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"needs_ack": {
"description": "Filter based on if acknowledgement is required.",
"readonly": false,
"required": false,
"title": "Filter based on acknowledgement required",
"type": "boolean"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check failure",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": false,
"required": false,
"title": "Type of origin of failure",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Status of the pre/post-upgrade check to filter the results on",
"enum": [
"FAILURE",
"WARNING"
],
"readonly": false,
"required": false,
"title": "Status of the upgrade check",
"type": "string"
},
"unit_id": {
"description": "Unit id for filter to be applied.",
"readonly": false,
"required": false,
"title": "Filter on the unit id",
"type": "string"
},
"unit_name": {
"description": "Unit name for filter to be applied.",
"readonly": false,
"required": false,
"title": "Filter on the unit name",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckFailureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeCheckFailureListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeCheckFailure
},
"required": true,
"title": "Collection of pre/post-upgrade check failures",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckFailureMessage (type)
{
"description": "Pre/post-upgrade check failure message",
"id": "UpgradeCheckFailureMessage",
"module_id": "Upgrade",
"properties": {
"error_code": {
"description": "Error code for the error/warning",
"readonly": true,
"required": true,
"title": "Error code",
"type": "integer"
},
"message": {
"description": "Error/warning message",
"readonly": true,
"required": true,
"title": "Error/warning message",
"type": "string"
}
},
"title": "Upgrade check failure message",
"type": "object"
}
UpgradeCheckInfo (type)
{
"additionalProperties": false,
"description": "Meta-data of a pre/post-upgrade check",
"id": "UpgradeCheckInfo",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the pre/post-upgrade check",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"description": {
"description": "Description of the pre/post-upgrade check",
"readonly": true,
"required": false,
"title": "Description",
"type": "string"
},
"id": {
"description": "Unique identifier of the pre/post-upgrade check",
"readonly": true,
"required": false,
"title": "Unique identifier of the upgrade check",
"type": "string"
},
"name": {
"description": "Display name of the pre/post-upgrade check",
"readonly": true,
"required": true,
"title": "Name of the upgrade check",
"type": "string"
}
},
"title": "Meta-data of a pre/post-upgrade check",
"type": "object"
}
UpgradeCheckInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeCheckInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade checks are to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeCheckListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"checks": {
"items": {
"$ref": "UpgradeCheck
},
"required": true,
"title": "Paged Collection of pre/post-upgrade checks",
"type": "array"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckListResults (type)
{
"additionalProperties": false,
"id": "UpgradeCheckListResults",
"module_id": "Upgrade",
"properties": {
"checks_with_warnings": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
},
"failed_checks": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
},
"successful_checks": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
}
},
"type": "object"
}
UpgradeCheckSuccess (type)
{
"additionalProperties": false,
"description": "Pre/post-upgrade check success",
"id": "UpgradeCheckSuccess",
"module_id": "Upgrade",
"properties": {
"acked": {
"description": "Flag which tells if the precheck is acknowledged",
"readonly": true,
"required": false,
"title": "Flag which tells if the precheck is acknowledged",
"type": "boolean"
},
"component_type": {
"description": "Component type of the origin of success",
"readonly": true,
"required": true,
"title": "Component type",
"type": "string"
},
"group_name": {
"description": "Name of the upgrade group of the origin of success. Only applicable when origin_type is UPGRADE_UNIT.",
"readonly": false,
"required": false,
"title": "Name of upgrade group",
"type": "string"
},
"id": {
"description": "Precheck id of the upgrade check",
"readonly": true,
"required": false,
"title": "Precheck id of the check",
"type": "string"
},
"message": {
"$ref": "UpgradeCheckSuccessMessage,
"description": "Pre/post-upgrade check failure message",
"readonly": true,
"required": true,
"title": "Upgrade check failure message"
},
"needs_ack": {
"description": "Flag which identifies if acknowledgement is required for the precheck",
"readonly": true,
"required": false,
"title": "Flag which identifies if acknowledgement is required for the precheck",
"type": "boolean"
},
"needs_resolve": {
"description": "Flag which identifies if resolution is required for the precheck",
"readonly": true,
"required": false,
"title": "Flag which identifies if resolution is required for the precheck",
"type": "boolean"
},
"origin_id": {
"description": "Unique id of origin of pre/post-upgrade check success",
"readonly": true,
"required": true,
"title": "Unique id of origin of sucess",
"type": "string"
},
"origin_name": {
"description": "Name of origin of pre/post-upgrade check success",
"readonly": true,
"required": true,
"title": "Name of origin of success",
"type": "string"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check success",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": true,
"required": true,
"title": "Type of origin of success",
"type": "string"
},
"resolution_error": {
"description": "Error occured while resolving precheck",
"readonly": true,
"required": false,
"title": "Error occured while resolving",
"type": "string"
},
"resolution_status": {
"description": "Type of resolution status of precheck",
"enum": [
"UNRESOLVED",
"RESOLVING",
"RESOLVED",
"FAILURE"
],
"readonly": true,
"required": false,
"title": "Type of Resolution status",
"type": "string"
},
"type": {
"description": "Type of the pre/post-upgrade check success",
"enum": [
"SUCCESS"
],
"readonly": true,
"required": true,
"title": "Type of success",
"type": "string"
}
},
"title": "Upgrade check success",
"type": "object"
}
UpgradeCheckSuccessListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeCheckSuccessListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type on which upgrade check successes are to be filtered",
"readonly": false,
"required": false,
"title": "Component type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_text": {
"description": "Text to filter the results on. The filter text is matched with origin name and success message. String matching for the filter is case-insensitive.",
"readonly": false,
"required": false,
"title": "Filter text",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check success",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": false,
"required": false,
"title": "Type of origin of success",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Status of the pre/post-upgrade check to filter the results on",
"enum": [
"SUCCESS"
],
"readonly": false,
"required": false,
"title": "Status of the upgrade check",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckSuccessListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeCheckSuccessListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeCheckSuccess
},
"required": true,
"title": "Collection of pre/post-upgrade check success",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckSuccessMessage (type)
{
"description": "Pre/post-upgrade check success message",
"id": "UpgradeCheckSuccessMessage",
"module_id": "Upgrade",
"properties": {
"message": {
"description": "success message",
"readonly": true,
"required": true,
"title": "success message",
"type": "string"
}
},
"title": "Upgrade check success message",
"type": "object"
}
UpgradeChecksExecutionStatus (type)
{
"additionalProperties": false,
"description": "Execution status of pre/post-upgrade checks",
"id": "UpgradeChecksExecutionStatus",
"module_id": "Upgrade",
"properties": {
"details": {
"readonly": true,
"required": false,
"title": "Details about current execution of pre/post-upgrade checks",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks completed\n"
},
"error_count": {
"description": "Total count of generated Failures in last execution of pre/post upgrade checks",
"readonly": true,
"required": false,
"title": "Failure count",
"type": "int"
},
"failure_count": {
"description": "Total count of generated failures or warnings in last execution of pre/post-upgrade checks",
"readonly": true,
"required": false,
"title": "Failure count",
"type": "int"
},
"node_with_issues_count": {
"deprecated": true,
"description": "Number of nodes which generated failures or warnings in last execution of pre/post-upgrade checks. This field has been deprecated. Please use failure_count instead.",
"readonly": true,
"required": false,
"title": "Number of nodes with failures/warnings",
"type": "int"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks started\n"
},
"status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"ABORTING",
"ABORTED",
"COMPLETED"
],
"readonly": true,
"required": true,
"title": "Status of execution of pre/post-upgrade checks",
"type": "string"
},
"warning_count": {
"description": "Total count of generated warnings in last execution of pre/post upgrade checks.",
"readonly": true,
"required": false,
"title": "Warning count",
"type": "int"
}
},
"title": "Execution status of pre/post-upgrade checks",
"type": "object"
}
UpgradeComponentType (type)
{
"additionalProperties": false,
"id": "UpgradeComponentType",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": true,
"required": false,
"title": "Type of the component",
"type": "string"
}
},
"type": "object"
}
UpgradeCoordinatorDeploymentConfig (type)
{
"additionalProperties": false,
"description": "Configuration for upgrade-coordinator deployment.",
"extends": {
"$ref": "CloudNativeDeploymentConfig
},
"id": "UpgradeCoordinatorDeploymentConfig",
"module_id": "PolicyCloudNativeUpgradeCoordinator",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"cluster_id": {
"description": "Unique id to identify kubernetes guest cluster.",
"required": false,
"title": "Kubernetes cluster id",
"type": "string"
},
"deployment_action": {
"$ref": "CloudNativeDeploymentAction,
"title": "Deployment action"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"kubeconf_info": {
"$ref": "KubeconfigInfo,
"description": "Information about kubeconfig file.",
"title": "Kubeconfig info"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"storage_class": {
"description": "Kubernetes cluster storage class",
"title": "Storage class",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Deployment version in use.",
"title": "Deployment version",
"type": "string"
}
},
"title": "Deployment configuration",
"type": "object"
}
UpgradeHistory (type)
{
"additionalProperties": false,
"id": "UpgradeHistory",
"module_id": "UpgradeTypes",
"properties": {
"initial_version": {
"description": "Version before the upgrade started",
"required": true,
"title": "Initial Version",
"type": "string"
},
"target_version": {
"description": "Version being upgraded to",
"required": true,
"title": "Target Version",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "Timestamp (in milliseconds since epoch) when the upgrade was performed"
},
"upgrade_status": {
"enum": [
"STARTED",
"SUCCESS",
"FAILED"
],
"required": true,
"title": "Status of the upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeHistoryList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeHistoryList",
"module_id": "UpgradeTypes",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeHistory
},
"readonly": true,
"required": false,
"title": "Upgrade history list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradePlanResetRequest (type)
{
"additionalProperties": false,
"id": "UpgradePlanResetRequest",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"type": "object"
}
UpgradePlanSettings (type)
{
"additionalProperties": false,
"id": "UpgradePlanSettings",
"module_id": "Upgrade",
"properties": {
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade Method to specify whether the upgrade is to be performed serially or in parallel",
"type": "boolean"
},
"pause_after_each_group": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the upgrade after upgrade of each group is completed",
"type": "boolean"
},
"pause_on_error": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the upgrade plan execution when an error occurs",
"type": "boolean"
}
},
"type": "object"
}
UpgradeProgressStatus (type)
{
"id": "UpgradeProgressStatus",
"properties": {
"last_upgrade_step_status": {
"title": "Status of last upgrade step",
"type": "object"
},
"upgrade_bundle_present": {
"title": "True if upgrade bundle is present",
"type": "boolean"
},
"upgrade_metadata": {
"title": "Meta info of upgrade",
"type": "object"
}
},
"title": "Upgrade progress status",
"type": "object"
}
UpgradeResourceFilter (type)
{
"additionalProperties": false,
"id": "UpgradeResourceFilter",
"module_id": "Upgrade",
"properties": {
"field_name": {
"description": "Resource type. It is mandatory field.",
"enum": [
"id",
"name",
"enabled",
"mode",
"status",
"ip",
"host-os",
"host-os-version",
"version",
"vlcm-sah"
],
"readonly": false,
"required": true,
"title": "Resource type",
"type": "string"
},
"values": {
"description": "Values to be searched. For searching exact string use simple string e.g. Cluster-1 , for wildcard , use *Cluster*1*. This values are Or'ed while filtering i.e. if resource matches any of the value in array (case-insensitive) then it will be returned.",
"items": {
"type": "string"
},
"readonly": false,
"required": true,
"title": "array of exact value / wildcard patterns to be searched",
"type": "array"
}
},
"type": "object"
}
UpgradeResourceFilters (type)
{
"additionalProperties": false,
"id": "UpgradeResourceFilters",
"module_id": "Upgrade",
"properties": {
"filters": {
"description": "filter query",
"items": {
"$ref": "UpgradeResourceFilter
},
"readonly": false,
"required": true,
"title": "filter query",
"type": "array"
},
"resource_type": {
"description": "Resource type. It is mandatory field. The valid values are \"\"",
"enum": [
"UPGRADE_GROUP",
"UPGRADE_UNIT"
],
"readonly": false,
"required": true,
"title": "Resource type",
"type": "string"
}
},
"type": "object"
}
UpgradeResourcesFilterListRequestParameters (type)
{
"additionalProperties": false,
"id": "UpgradeResourcesFilterListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "The component_type the resource belongs to. This is mandatory parameter.",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"query": {
"description": "Upgrade Resource filters",
"items": {
"$ref": "UpgradeResourceFilters
},
"readonly": true,
"required": false,
"title": "Upgrade Resource filters",
"type": "array"
},
"sync": {
"default": false,
"description": "If the flag is true , sync operation will be performed before executing the request. If flag is false ,sync is skipped. Please note, sync operation is sometimes expensive and will increase the response time. Any error occurred during sync is ignored.",
"readonly": false,
"required": false,
"title": "Hint to whether perform sync before operation or not",
"type": "boolean"
}
},
"type": "object"
}
UpgradeStatus (type)
{
"additionalProperties": false,
"id": "UpgradeStatus",
"module_id": "Upgrade",
"properties": {
"ccp_status": {
"$ref": "CCPUpgradeStatus,
"readonly": true,
"required": false,
"title": "CCP upgrade status"
},
"component_status": {
"items": {
"$ref": "ComponentUpgradeStatus
},
"readonly": true,
"required": true,
"title": "List of component statuses",
"type": "array"
},
"edge_status": {
"$ref": "EdgeUpgradeStatus,
"readonly": true,
"required": false,
"title": "Edge upgrade status"
},
"host_status": {
"$ref": "HostUpgradeStatus,
"readonly": true,
"required": false,
"title": "Host upgrade status"
},
"overall_upgrade_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeStatusSummary (type)
{
"id": "UpgradeStatusSummary",
"properties": {
"upgrade_bundle_present": {
"title": "True if upgrade bundle is present",
"type": "boolean"
},
"upgrade_metadata": {
"title": "Meta info of upgrade",
"type": "object"
},
"upgrade_steps": {
"items": {
"type": "object"
},
"title": "List of all upgrade steps performed",
"type": "array"
}
},
"title": "Upgrade status summry",
"type": "object"
}
UpgradeSummary (type)
{
"additionalProperties": false,
"id": "UpgradeSummary",
"module_id": "Upgrade",
"properties": {
"component_target_versions": {
"items": {
"$ref": "ComponentTargetVersion
},
"readonly": true,
"required": false,
"type": "array"
},
"pre_upgrade_bundle_version": {
"readonly": true,
"required": true,
"title": "Current version of pre-upgrade bundle",
"type": "string"
},
"system_version": {
"readonly": true,
"required": true,
"title": "Current system version",
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"title": "Target system version",
"type": "string"
},
"upgrade_bundle_file_name": {
"readonly": true,
"required": false,
"title": "Name of the last successfully uploaded upgrade bundle file",
"type": "string"
},
"upgrade_coordinator_updated": {
"readonly": true,
"required": false,
"title": "Has upgrade coordinator been updated after upload of upgrade bundle file",
"type": "boolean"
},
"upgrade_coordinator_version": {
"readonly": true,
"required": true,
"title": "Current version of upgrade coordinator",
"type": "string"
},
"upgrade_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeTaskActionParameters (type)
{
"id": "UpgradeTaskActionParameters",
"properties": {
"action": {
"description": "The upgrade task to perform.",
"pattern": "^[^/]+$",
"title": "Upgrade task",
"type": "string"
}
},
"type": "object"
}
UpgradeTaskProperties (type)
{
"additionalProperties": false,
"id": "UpgradeTaskProperties",
"properties": {
"bundle_name": {
"required": true,
"title": "Name of Bundle",
"type": "string"
},
"parameters": {
"readonly": true,
"required": false,
"title": "Bundle arguments",
"type": "object"
},
"step": {
"required": false,
"title": "Step name",
"type": "string"
}
},
"title": "Task properties",
"type": "object"
}
UpgradeTaskStatusQueryParameters (type)
{
"id": "UpgradeTaskStatusQueryParameters",
"properties": {
"bundle_name": {
"description": "Provide a bundle name",
"pattern": "^[a-zA-Z0-9-.]+$",
"title": "Bundle Name",
"type": "string"
},
"upgrade_task_id": {
"description": "Provide a task id",
"pattern": "^[a-z0-9-]+$",
"title": "Upgrade Task ID",
"type": "string"
}
},
"type": "object"
}
UpgradeTopology (type)
{
"id": "UpgradeTopology",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"topology": {
"items": {
"$ref": "NvdsUpgradeTopology
},
"required": true,
"title": "All resultant VDS mapping for a NVDS after the migration",
"type": "array"
}
},
"title": "Recommended topology for migrating NVDS to VDS",
"type": "object"
}
UpgradeUIPreferences (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "UpgradeUIPreferences",
"module_id": "Upgrade",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"preferences": {
"description": "Hints for the upgrade UI.",
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Hints for UI in key-value format.",
"type": "array"
},
"product": {
"description": "The preferences specified in 'preferences' sections is only applicable for the product name specified here. This hints are only for UI and are product specific. The keys are contract between UI and backend.",
"readonly": true,
"required": false,
"title": "Product name",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
UpgradeUnit (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "UpgradeUnit",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"current_version": {
"description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.",
"readonly": true,
"required": false,
"title": "Current version of upgrade unit",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the upgrade unit",
"type": "string"
},
"group": {
"$ref": "UpgradeUnitGroupInfo,
"readonly": true,
"required": false,
"title": "Info of the group to which this upgrade unit belongs"
},
"id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of the upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "UpgradeUnitAggregateInfo",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"current_version": {
"description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.",
"readonly": true,
"required": false,
"title": "Current version of upgrade unit",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the upgrade unit",
"type": "string"
},
"error_details": {
"items": {
"$ref": "ErrorClass
},
"readonly": true,
"required": false,
"title": "List of detailed errors with error code that occurred during upgrade of this upgrade unit",
"type": "array"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during upgrade of this upgrade unit",
"type": "array"
},
"group": {
"$ref": "UpgradeUnitGroupInfo,
"readonly": true,
"required": false,
"title": "Info of the group to which this upgrade unit belongs"
},
"id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "Identifier of the upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"post_check_status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"readonly": true,
"required": false,
"title": "Status of upgrade unit",
"type": "string"
},
"post_upgrade_checks": {
"$ref": "UpgradeCheckListResults,
"readonly": true,
"required": false
},
"pre_upgrade_checks": {
"$ref": "UpgradeCheckListResults,
"readonly": true,
"required": false
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade unit",
"type": "string"
},
"type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitAggregateInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitAggregateInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "Identifier of group based on which upgrade units to be filtered",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about upgrade unit to filter on",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"selection_status": {
"default": "ALL",
"enum": [
"SELECTED",
"DESELECTED",
"ALL"
],
"required": false,
"title": "Flag to indicate whether to return only selected, only deselected or both type of upgrade units",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"upgrade_unit_display_name": {
"description": "Display name of upgrade unit to filter the results on. String matching for the filter is case-insensitive.",
"readonly": false,
"required": false,
"title": "Display name of upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitAggregateInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of UpgradeUnit AggregateInfo",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitFilterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitFilterListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "Identifier of group based on which upgrade units to be filtered",
"type": "string"
},
"group_name": {
"readonly": false,
"required": false,
"title": "Group name to be filtered",
"type": "string"
},
"hypervisor": {
"readonly": false,
"required": false,
"title": "Hypervisor to be filtered for the upgrade unit",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"status": {
"readonly": false,
"required": false,
"title": "Status of the upgrade unit to filtered",
"type": "string"
},
"unit_ip": {
"readonly": false,
"required": false,
"title": "IP of the upgrade unit to be filtered",
"type": "string"
},
"unit_name": {
"readonly": false,
"required": false,
"title": "Unit name to be filtered for the group",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "UpgradeUnitGroup",
"module_id": "Upgrade",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether upgrade of this group is enabled or not",
"type": "boolean"
},
"extended_configuration": {
"description": "Extended configuration for the group. Following extended_configuration is supported: Key: upgrade_mode Supported values: maintenance_mode, in_place, stage_in_vlcm Key: maintenance_mode_config_vsan_mode Supported values: evacuate_all_data, ensure_object_accessibility, no_action Key: maintenance_mode_config_evacuate_powered_off_vms Supported values: true, false Key: rebootless_upgrade Supported values: true, false",
"items": {
"$ref": "KeyValuePair
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "Extended configuration for the group",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially",
"type": "boolean"
},
"pause_after_each_upgrade_unit": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether upgrade should be paused after upgrade of each upgrade-unit",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"upgrade_unit_count": {
"description": "Number of upgrade units in the group",
"readonly": true,
"required": false,
"title": "Count of upgrade units in the group",
"type": "int"
},
"upgrade_units": {
"items": {
"$ref": "UpgradeUnit
},
"maxItems": 512,
"readonly": false,
"required": false,
"title": "List of upgrade units in the group",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitGroupAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "UpgradeUnitGroupAggregateInfo",
"module_id": "Upgrade",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether upgrade of this group is enabled or not",
"type": "boolean"
},
"extended_configuration": {
"items": {
"$ref": "KeyValuePair
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "Extended configuration for the group",
"type": "array"
},
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the upgrade unit group that failed upgrade",
"type": "int"
},
"group_level_failure": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Reports failures that occured at the group or cluster level.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially",
"type": "boolean"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"post_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Post-upgrade status of group"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of upgrade unit group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"upgrade_unit_count": {
"description": "Number of upgrade units in the group",
"readonly": true,
"required": false,
"title": "Count of upgrade units in the group",
"type": "int"
},
"upgrade_units": {
"items": {
"$ref": "UpgradeUnit
},
"maxItems": 512,
"readonly": false,
"required": false,
"title": "List of upgrade units in the group",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitGroupAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupAggregateInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroupAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of upgrade status for upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupFilterListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitGroupFilterListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type based on which upgrade unit groups to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enabled": {
"readonly": false,
"required": false,
"title": "Status of the group to apply filter",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "Identifier of group based on which upgrade unit groups to be filtered",
"type": "string"
},
"group_name": {
"readonly": false,
"required": false,
"title": "Group name to be filtered",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"status": {
"readonly": false,
"required": false,
"title": "Status of the group to apply filter",
"type": "string"
},
"unit_ip": {
"readonly": false,
"required": false,
"title": "IP of upgrade units to be filtered",
"type": "string"
},
"unit_name": {
"readonly": false,
"required": false,
"title": "Unit name to be filtered for the group",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupInfo (type)
{
"additionalProperties": false,
"id": "UpgradeUnitGroupInfo",
"module_id": "Upgrade",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "Name of the group",
"type": "string"
},
"id": {
"description": "Identifier of group",
"readonly": true,
"required": true,
"title": "UUID of group",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitGroupListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade unit groups to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"summary": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag indicating whether to return summary",
"type": "boolean"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning upgrade unit groups",
"required": false,
"title": "Synchronize before returning upgrade unit groups",
"type": "boolean"
}
},
"type": "object"
}
UpgradeUnitGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroup
},
"required": true,
"title": "Paged Collection of Upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupStatus (type)
{
"additionalProperties": false,
"id": "UpgradeUnitGroupStatus",
"module_id": "Upgrade",
"properties": {
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the upgrade unit group that failed upgrade",
"type": "int"
},
"group_id": {
"description": "Identifier for upgrade unit group",
"readonly": true,
"required": true,
"title": "UUID of upgrade unit group",
"type": "string"
},
"group_name": {
"description": "Name of the upgrade unit group",
"readonly": true,
"required": true,
"title": "Upgrade unit group Name",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of upgrade unit group",
"type": "string"
},
"upgrade_unit_count": {
"readonly": true,
"required": true,
"title": "Number of upgrade units in the group",
"type": "int"
}
},
"type": "object"
}
UpgradeUnitGroupStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupStatusListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroupStatus
},
"readonly": true,
"required": true,
"title": "Paged collection of upgrade status for upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitList (type)
{
"additionalProperties": false,
"id": "UpgradeUnitList",
"module_id": "Upgrade",
"properties": {
"list": {
"items": {
"$ref": "UpgradeUnit
},
"required": true,
"title": "Collection of Upgrade units",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"current_version": {
"readonly": false,
"required": false,
"title": "Current version of upgrade unit based on which upgrade units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "UUID of group based on which upgrade units to be filtered",
"type": "string"
},
"has_warnings": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with warnings",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about upgrade unit to filter on",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"upgrade_unit_type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type based on which upgrade units to be filtered",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnit
},
"required": true,
"title": "Paged Collection of Upgrade units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitStatus (type)
{
"additionalProperties": false,
"id": "UpgradeUnitStatus",
"module_id": "Upgrade",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "Name of upgrade unit",
"type": "string"
},
"error_details": {
"items": {
"$ref": "ErrorClass
},
"readonly": true,
"required": false,
"title": "List of detailed errors with error code that occurred during upgrade of this upgrade unit",
"type": "array"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during upgrade of this upgrade unit",
"type": "array"
},
"id": {
"description": "Identifier of upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitStatusListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitStatus
},
"required": true,
"title": "Paged Collection of upgrade units status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitTypeStats (type)
{
"additionalProperties": false,
"id": "UpgradeUnitTypeStats",
"module_id": "Upgrade",
"properties": {
"node_count": {
"readonly": true,
"required": true,
"title": "Number of nodes",
"type": "int"
},
"node_with_issues_count": {
"readonly": true,
"required": false,
"title": "Number of nodes with issues that may cause upgrade failure",
"type": "int"
},
"type": {
"readonly": true,
"required": true,
"title": "Type of upgrade unit",
"type": "string"
},
"upgrade_unit_subtype": {
"enum": [
"RESOURCE",
"ACTION"
],
"readonly": true,
"required": false,
"title": "UpgradeUnit sub type",
"type": "string"
},
"version": {
"readonly": true,
"required": true,
"title": "Version of the upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitTypeStatsList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitTypeStatsList",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitTypeStats
},
"readonly": true,
"required": false,
"title": "List of upgrade unit type stats",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitsStatsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitsStatsRequestParameters",
"module_id": "Upgrade",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning upgrade unit stats",
"required": false,
"title": "Synchronize before returning upgrade unit stats",
"type": "boolean"
}
},
"type": "object"
}
Uplink (type)
{
"id": "Uplink",
"module_id": "UplinkHostSwitchProfile",
"properties": {
"uplink_info": {
"description": "Additional information indicating if the uplink is being configured for certain data-path features. An uplink can be considered as DPU capable if the corresponding host-switch data-path processing is offloaded to the SmartNic. PRP_LAN enums are not supported currently.",
"enum": [
"PRP_LAN_A",
"PRP_LAN_B",
"DPU"
],
"nsx_feature": "DualDpuNetwork",
"required": false,
"title": "Additional information about the uplink",
"type": "string"
},
"uplink_name": {
"help_summary": "the max length of the name is 47-byte in UTF-8 encoding",
"required": true,
"title": "Name of this uplink",
"type": "string"
},
"uplink_type": {
"enum": [
"PNIC",
"LAG"
],
"required": true,
"title": "Type of the uplink",
"type": "string"
}
},
"title": "Object to identify an uplink based on its type and name",
"type": "object"
}
UplinkHostSwitchProfile (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "BaseHostSwitchProfile
},
"id": "UplinkHostSwitchProfile",
"module_id": "UplinkHostSwitchProfile",
"polymorphic-type-descriptor": {
"type-identifier": "UplinkHostSwitchProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lags": {
"help_summary": "Valid only for a NVDS Hostswitch. For VDS Lags are configured from VC.",
"items": {
"$ref": "Lag
},
"maxItems": 64,
"required": false,
"title": "list of LACP group",
"type": "array"
},
"mtu": {
"help_summary": "If this field is not provided, the value of the \"physical_uplink_mtu\" from the GlobalConfigs module will be used as the default.",
"minimum": 1280,
"required": false,
"title": "Maximum Transmission Unit used for uplinks",
"type": "int"
},
"named_teamings": {
"help_summary": "If this field is not provided, logical switches will not have specific teaming policies applied to them; the default teaming policy will be used. For Non-ESX transport nodes that do not support specific uplink teaming policies on logical switches, their UplinkHostSwitchProfiles must NOT set this property; the default TeamingPolicy will always be used.",
"items": {
"$ref": "NamedTeamingPolicy
},
"maxItems": 32,
"required": false,
"title": "List of named uplink teaming policies that can be used by logical switches",
"type": "array"
},
"overlay_encap": {
"default": "GENEVE",
"enum": [
"VXLAN",
"GENEVE"
],
"required": false,
"title": "The protocol used to encapsulate overlay traffic",
"type": "string"
},
"required_capabilities": {
"help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"type": "array"
},
"resource_type": {
"$ref": "HostSwitchProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"teaming": {
"$ref": "TeamingPolicy,
"help_summary": "This is the default TeamingPolicy used on TransportNodes that use this UplinkHostSwitchProfile for the logical switches that do not have any NamedTeamingPolicy assigned.",
"required": true,
"title": "Default TeamingPolicy associated with this UplinkProfile"
},
"transport_vlan": {
"$ref": "VlanID,
"default": 0,
"required": false,
"title": "VLAN used for tagging Overlay traffic of associated HostSwitch"
}
},
"title": "Profile for uplink policies",
"type": "object"
}
UploadBundleId (type)
{
"additionalProperties": false,
"description": "Bundle Id for uploaded file.",
"id": "UploadBundleId",
"module_id": "PolicyCloudNative",
"properties": {
"bundle_id": {
"description": "Bundle id of uploaded file.",
"title": "Bundle id",
"type": "string"
}
},
"title": "Bundle Id",
"type": "object"
}
UploadBundleRemoteServer (type)
{
"additionalProperties": false,
"description": "Upload bundle from remote server.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "UploadBundleRemoteServer",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port": {
"description": "Remote server port.",
"required": false,
"title": "Server port",
"type": "string"
},
"protocol": {
"description": "Protocol used HTTP or HTTPS.",
"enum": [
"HTTP",
"HTTPS"
],
"required": true,
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server": {
"description": "Remote server IP or FQDN.",
"format": "hostname-or-ip",
"required": true,
"title": "Server IP or FQDN",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uri": {
"description": "Relative path to download file from remote server.",
"required": true,
"title": "Relative path to download file",
"type": "string"
}
},
"title": "Upload bundle from remote server",
"type": "object"
}
UploadBundleStatus (type)
{
"additionalProperties": false,
"description": "Status of uploaded bundle.",
"extends": {
"$ref": "UploadBundleRemoteServer
},
"id": "UploadBundleStatus",
"module_id": "PolicyCloudNative",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"description": "More detail about tools bundle file upload.",
"title": "Detail about bundle upload",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"percent": {
"description": "Upload percentage for tools bundle file.",
"title": "Upload percentage for bundle",
"type": "number"
},
"port": {
"description": "Remote server port.",
"required": false,
"title": "Server port",
"type": "string"
},
"protocol": {
"description": "Protocol used HTTP or HTTPS.",
"enum": [
"HTTP",
"HTTPS"
],
"required": true,
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server": {
"description": "Remote server IP or FQDN.",
"format": "hostname-or-ip",
"required": true,
"title": "Server IP or FQDN",
"type": "string"
},
"status": {
"description": "Current state of bundle upload. UPLOADING - Upload in progress. DOWNLOADING - Download in progress. EXTRACTING - Extract in progress. VERIFYING - Verifying signature of uploaded bundle. SUCCESS - Upload complete. FAILED - Upload failed.",
"enum": [
"UPLOADING",
"DOWNLOADING",
"EXTRACTING",
"VERIFYING",
"SUCCESS",
"FAILED"
],
"title": "Current state of bundle upload",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uri": {
"description": "Relative path to download file from remote server.",
"required": true,
"title": "Relative path to download file",
"type": "string"
}
},
"title": "Status of uploaded bundle",
"type": "object"
}
UploadFileRequestParameters (type)
{
"additionalProperties": false,
"description": "This holds the requests parameters required to multipart-upload a file.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "UploadFileRequestParameters",
"module_id": "PolicyCertificate",
"properties": {
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file": {
"required": true,
"title": "File to be uploaded",
"type": "multipart_file"
}
},
"title": "Import file request parameters",
"type": "object"
}
UploadTlsCrlRequestParameters (type)
{
"additionalProperties": false,
"description": "Holds the requests parameters required to multipart-upload a TlsCrl objecta",
"extends": {
"$ref": "UploadFileRequestParameters
},
"id": "UploadTlsCrlRequestParameters",
"module_id": "PolicyCertificate",
"properties": {
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file": {
"required": true,
"title": "File to be uploaded",
"type": "multipart_file"
}
},
"title": "Upload TlsCrl request parameters",
"type": "object"
}
UpmEntityType (type)
{
"description": "All entity types supported.",
"enum": [
"LogicalPort",
"LogicalSwitch",
"NSGroup"
],
"id": "UpmEntityType",
"module_id": "UpmCommon",
"title": "Supported Entity Types",
"type": "string"
}
UrlAlias (type)
{
"additionalProperties": false,
"description": "Short name or alias of a url. It is used to represent the url.",
"id": "UrlAlias",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Short name or alias of url, if any. If not specified, the url can be referenced by its index in the array of urls of the datasource instance as $<index> (for example, $0).",
"maxLength": 255,
"title": "Url Alias Name",
"type": "string"
},
"keystore_info": {
"$ref": "KeyStoreInfo,
"description": "Key Store information for the URLAlias.Use this property if key store information is different for each url alias.",
"title": "Key Store Info for the URLAlias"
},
"query": {
"description": "Search query to be applied, if any. If query string is not provided, it will be ignored.",
"maxLength": 1024,
"title": "Search query of the search api, if any",
"type": "string"
},
"request_body": {
"description": "A raw request body in the form json format for a given url. This request body will be submitted along with request while giving a post api call.",
"titile": "A request body object for the given url",
"type": "object"
},
"request_headers": {
"description": "A raw request header in the form json format for a given url. This request header will be submitted along with request while giving a api call.",
"titile": "A request header object for the given url",
"type": "object"
},
"request_method": {
"default": "Get",
"description": "Type of the http method (Get, Post) to be used while invoking the given url through dashboard datasource framework.",
"enum": [
"Get",
"Post"
],
"title": "Type of http method",
"type": "string"
},
"url": {
"description": "Url to fetch data from.",
"maxLength": 1024,
"required": true,
"title": "Url",
"type": "string"
}
},
"title": "Url Alias",
"type": "object"
}
UrpfMode (type)
{
"enum": [
"NONE",
"STRICT"
],
"id": "UrpfMode",
"module_id": "LogicalRouterPorts",
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
UserFilterRequestParameters (type)
{
"additionalProperties": false,
"id": "UserFilterRequestParameters",
"module_id": "PolicyIdentity",
"properties": {
"include_users": {
"description": "whether users should be included in the list or not.",
"required": true,
"title": "include users filter",
"type": "boolean"
}
},
"title": "Get child groups/users based on boolean flag",
"type": "object"
}
UserInfo (type)
{
"id": "UserInfo",
"module_id": "AAA",
"properties": {
"roles": {
"items": {
"$ref": "NsxRole
},
"readonly": true,
"required": true,
"title": "Permissions",
"type": "array"
},
"roles_for_paths": {
"description": "The roles that are associated with the user, limiting them to a path. In case the path is null, the roles apply everywhere i.e. it is same as the deprecated property roles.",
"items": {
"$ref": "RolesForPath
},
"readonly": false,
"required": false,
"title": "Roles for Paths",
"type": "array"
},
"user_name": {
"readonly": true,
"required": true,
"title": "User Name",
"type": "string"
}
},
"title": "Authenticated User Info",
"type": "object"
}
UserRequestParameters (type)
{
"description": "Request parameters for user APIs like the /aaa/user-info/* APIs",
"id": "UserRequestParameters",
"module_id": "AAA",
"properties": {
"provide_flat_listing": {
"default": false,
"required": false,
"title": "Whether the output provides flat listing of all roles at each level or not",
"type": "boolean"
},
"root_path": {
"required": false,
"title": "Prefix path of the context",
"type": "string"
}
},
"title": "Request parameters for user APIs.",
"type": "object"
}
UserSession (type)
{
"additionalProperties": false,
"description": "User login session information",
"id": "UserSession",
"module_id": "PolicyRealizedState",
"properties": {
"domain_name": {
"description": "AD Domain of user.",
"required": true,
"title": "AD Domain",
"type": "string"
},
"login_time": {
"$ref": "EpochMsTimestamp,
"description": "Login time.",
"required": true,
"title": "Login time"
},
"logout_time": {
"$ref": "EpochMsTimestamp,
"description": "Logout time if applicable. An active user session has no logout time.",
"required": false,
"title": "Logout time if applicable"
},
"user_name": {
"description": "AD user name.",
"required": true,
"title": "AD user name",
"type": "string"
},
"user_session_id": {
"description": "User session ID. This also indicates whether this is VDI / RDSH.",
"required": true,
"title": "User session ID",
"type": "integer"
}
},
"type": "object"
}
UsernamePasswordLoginCredential (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LoginCredential
},
"id": "UsernamePasswordLoginCredential",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "UsernamePasswordLoginCredential"
},
"properties": {
"credential_type": {
"description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential', 'SessionLoginCredential'.",
"required": true,
"title": "Login credential, for example username-password-thumbprint, certificate or session based, etc",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "The authentication password for login",
"type": "secure_string"
},
"thumbprint": {
"required": false,
"title": "Thumbprint of the login server",
"type": "string"
},
"username": {
"required": false,
"title": "The username for login",
"type": "string"
}
},
"title": "A login credential specifying a username and password",
"type": "object"
}
V2tSiteMapping (type)
{
"additionalProperties": false,
"description": "Details about mapping of NSX-V and NSX-T Local Manager.",
"id": "V2tSiteMapping",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Federation NSX-T site id.",
"readonly": false,
"required": true,
"title": "Federation NSX-T site id",
"type": "string"
},
"nsxv_ip": {
"description": "NSX-V API endpoint IP address",
"format": "hostname-or-ip",
"readonly": true,
"required": true,
"title": "NSX-V API endpoint IP address",
"type": "string"
}
},
"title": "Details about mapping of NSX-V and NSX-T Local Manager",
"type": "object"
}
V2tSiteMappingSpec (type)
{
"additionalProperties": false,
"description": "Input spec for mapping of NSX-V and NSX-T sites",
"id": "V2tSiteMappingSpec",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "Federation NSX-T site id.",
"readonly": false,
"required": true,
"title": "Federation NSX-T site id",
"type": "string"
},
"nsxv_ip": {
"description": "NSX-V API endpoint IP address",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "NSX-V API endpoint IP address",
"type": "string"
},
"nsxv_password": {
"description": "Password for connecting to NSX-V manager.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Password for NSX-V manager",
"type": "secure_string"
},
"nsxv_username": {
"description": "Username for NSX-V manager",
"readonly": false,
"required": true,
"title": "Username for NSX-V manager",
"type": "string"
},
"vc_ip": {
"description": "IP address or host name of VC.",
"format": "hostname-or-ip",
"readonly": false,
"required": true,
"title": "VC IP address or host name",
"type": "string"
},
"vc_password": {
"description": "Password for connecting to VC.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "Password for VC",
"type": "secure_string"
},
"vc_port": {
"default": 443,
"description": "VC port that will be used to fetch details.",
"readonly": false,
"required": false,
"title": "VC port",
"type": "int"
},
"vc_username": {
"description": "Username for connecting to VC.",
"readonly": false,
"required": true,
"title": "Username for VC",
"type": "string"
}
},
"title": "Input spec for mapping of NSX-V and NSX-T sites",
"type": "object"
}
VCFolderStatus (type)
{
"additionalProperties": false,
"description": "Status of VC folder creation on vCenter",
"id": "VCFolderStatus",
"module_id": "PolicyProject",
"nsx_feature": "VCFolder",
"properties": {
"overall_status": {
"enum": [
"pending",
"in_progress",
"success",
"failed",
"not_required",
"not_configured",
"partial_success",
"partial_failure",
"not_supported"
],
"title": "Overall Status of VC Folder on vCenter",
"type": "string"
},
"vds_folder_display_name": {
"title": "VDS Folder Display Name on vCenter",
"type": "string"
},
"vds_folders_state": {
"items": {
"$ref": "VDSFolderState
},
"title": "Collection of VDS Folder State",
"type": "array"
}
},
"title": "VC Folder Status",
"type": "object"
}
VDSFolderState (type)
{
"additionalProperties": false,
"description": "Information of VDS folder on vCenter",
"id": "VDSFolderState",
"module_id": "PolicyProject",
"nsx_feature": "VCFolder",
"properties": {
"datacenter_id": {
"title": "vCenter datacenter id",
"type": "string"
},
"datacenter_name": {
"title": "vCenter datacenter id",
"type": "string"
},
"failure_reason": {
"title": "vCenter Folder State Failure Reason",
"type": "string"
},
"folder_moid": {
"title": "vCenter Folder Moid",
"type": "string"
},
"state": {
"enum": [
"Success",
"FailedForCreate",
"FailedForUpdate",
"FailedForDelete",
"NotSupported"
],
"title": "vCenter Folder State",
"type": "string"
},
"vcenter_display_name": {
"title": "vCenter Display Name",
"type": "string"
},
"vcenter_id": {
"title": "vCenter ID",
"type": "string"
},
"vds_display_name": {
"title": "vCenter VDS Name",
"type": "string"
},
"vds_uuid": {
"title": "vCenter VDS Uuid",
"type": "string"
}
},
"title": "VDS Folder State",
"type": "object"
}
VIFGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing virtual network interface external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VIFGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vif_external_id": {
"required": true,
"title": "Virtual network interface external ID",
"type": "string"
}
},
"title": "List request parameters containing virtual network interface external ID and enforcement point path",
"type": "object"
}
VIPSubnet (type)
{
"additionalProperties": false,
"id": "VIPSubnet",
"module_id": "LogicalRouter",
"properties": {
"active_vip_addresses": {
"description": "Array of IP address subnets which will be used as floating IP addresses. | These IPs will move and will be owned by Active node.",
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP Addresses which will be owned by uplink on active node.",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
VMDeploymentProgressState (type)
{
"description": "Deployment progress state of node VM. This Object contains name of current deployment step and overall progress percentage.",
"id": "VMDeploymentProgressState",
"module_id": "HostPrepServiceFabric",
"properties": {
"current_step_title": {
"description": "Name of the current running step of deployment",
"readonly": true,
"required": false,
"title": "Name of the current step",
"type": "string"
},
"progress": {
"description": "Overall progress percentage of deployment completed",
"readonly": true,
"required": false,
"title": "Progress percentage",
"type": "integer"
}
},
"title": "Deployment progress of node VM",
"type": "object"
}
VMGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing virtual machine external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VMGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vm_external_id": {
"required": true,
"title": "Virtual machine external ID",
"type": "string"
}
},
"title": "List request parameters containing virtual machine external ID and enforcement point path",
"type": "object"
}
VMTagReplicationPolicy (type)
{
"additionalProperties": false,
"description": "A policy to replicate tags from once site to other sites.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VMTagReplicationPolicy",
"module_id": "VMTagReplicationPolicy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "Paths of groups (VM tag-based, VM name-based, etc.) that translates into VMs to be replicated from protected site to recovery sites. If no group is specified, none of the VM tag will be replicated from protected site to recovery sites.",
"items": {
"type": "string"
},
"title": "Paths of groups",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protected_site": {
"description": "A path of protected site, from where tags of selected VMs will be replicated to recovery sites.",
"required": true,
"title": "A path of protected site",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_PROTECTED_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"recovery_sites": {
"description": "Paths of recovery sites, where tags of selected VMs will be replicated to, from protected site.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Paths of recovery sites",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_RECOVERY_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"replication_type": {
"default": "OTHER",
"description": "Specifies type of replication used in DR (Disaster Recovery) failover.",
"enum": [
"VSPHERE_REPLICATION",
"STORAGE_ARRAY_REPLICATION",
"OTHER"
],
"readonly": false,
"required": false,
"title": "Replication type used in DR failover",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tag_delay_delete_time": {
"description": "This specifies delay in minutes which is used for deletion of tags of virtual machines on recovery site. If a VM is deleted on protected site and has not appeared on recovery site (e.g. this can happen primarily when array based storage replication is used with SRM and DR failover is run while protected site is reachable), the tags will be retained for this much amount of time on recovery site. VM appears within this much time on recovery site, then tags will get applied on recovery site. If replication type is VSPHERE_REPLICATION or OTHER, then its default value is 0 minutes. If replication type is STORAGE_ARRAY_REPLICATION, then its default value is 30 minutes. If this value is not specified, then default value according to replication type will be applicable. The time for virtual machines to appear on recovery site after those are deleted from primary site in case of storage replication depends on count of virtual machines configured to failover, storage array performance and ESXi host.",
"maximum": 4320,
"minimum": 0,
"readonly": false,
"required": false,
"title": "Specifies delay time to be used for tags of virtual machine",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vm_match_criteria": {
"default": "MATCH_NSX_ATTACHMENT_ID",
"description": "Matching criteria used for associating VMs from protected site to VMs on recovery sites. - MATCH_NSX_ATTACHMENT_ID : Associate VMs from the protected site and recovery sites based on NSX attachment ID. - MATCH_BIOS_UUID_NAME : Associate VMs from the protected site and recovery sites based on (VM BIOS UUID + VM Name).",
"enum": [
"MATCH_NSX_ATTACHMENT_ID",
"MATCH_BIOS_UUID_NAME"
],
"required": false,
"title": "Matching criteria used for associating VMs",
"type": "string"
}
},
"title": "A policy to replicate tags from once site to other",
"type": "object"
}
VMTagReplicationPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VMTagReplicationPolicyListRequestParameters",
"module_id": "VMTagReplicationPolicy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VM tag replication policy list request parameters",
"type": "object"
}
VMTagReplicationPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VMTagReplicationPolicyListResult",
"module_id": "VMTagReplicationPolicy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of the VM tag replication policies in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "VMTagReplicationPolicy
},
"readonly": true,
"title": "Collection of VM tag replication policies",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ValidateCertificateParameters (type)
{
"additionalProperties": false,
"id": "ValidateCertificateParameters",
"module_id": "CertificateManager",
"properties": {
"usage": {
"$ref": "CertificateUsageType,
"description": "Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER",
"required": false,
"title": "Certificate Usage Type"
}
},
"type": "object"
}
ValidationError (type)
{
"description": "Error while applying transport node profile on discovered node",
"id": "ValidationError",
"module_id": "TransportNodeCollection",
"properties": {
"discovered_node_id": {
"readonly": true,
"required": true,
"title": "Discovered Node Id",
"type": "string"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Validation error message",
"type": "string"
}
},
"title": "Validation Error",
"type": "object"
}
ValidationNote (type)
{
"additionalProperties": false,
"description": "Contain Validation Note summary",
"id": "ValidationNote",
"module_id": "PolicyIDSMetrics",
"properties": {
"message": {
"description": "Represents the validation note message.",
"title": "Message",
"type": "string"
},
"summary": {
"description": "Represents the validation note summary.",
"title": "Summary",
"type": "string"
}
},
"title": "Validation Note",
"type": "object"
}
ValueConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level value constraint to constrain specified attribute value to the set of values to be allowed/not-allowed. Example - sourceGroups allowed to have only with list of groups. { \"operator\":\"INCLUDES\", \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"] }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "ValueConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "ValueConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"enum": [
"INCLUDES",
"EXCLUDES",
"EQUALS"
],
"required": true,
"title": "Operation to check for value list for resource attribute of constraint.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"values": {
"deprecated": true,
"description": "List of values.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of values to perform operation.",
"type": "array"
},
"values_with_type": {
"$ref": "ConstraintValue,
"description": "List of values.",
"required": false,
"title": "Array of values to perform operation."
}
},
"title": "Represents the leaf level value constraint.",
"type": "object"
}
VcWorkflowResource (type)
{
"additionalProperties": false,
"description": "vCenter workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "VcWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "VcWorkflowResource"
},
"properties": {
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
},
"vcenter_id": {
"description": "vCenter ID.",
"readonly": false,
"required": true,
"title": "vCenter ID",
"type": "string"
}
},
"title": "vCenter workflow resource",
"type": "object"
}
VcWorkflowTimeStamp (type)
{
"additionalProperties": false,
"description": "vCenter workflow timestamp.",
"id": "VcWorkflowTimeStamp",
"module_id": "OverlayAdoption",
"properties": {
"last_successful_time": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when vCenter workflow last completed successfully.",
"readonly": true,
"required": false,
"title": "Timestamp when vCenter workflow last completed successfully"
},
"vc_id": {
"description": "vCenter ID.",
"readonly": true,
"required": true,
"title": "vCenter ID",
"type": "string"
}
},
"title": "vCenter workflow timestamp",
"type": "object"
}
VcWorkflowTimeStampList (type)
{
"additionalProperties": false,
"description": "List of vCenter workflow timestamp.",
"id": "VcWorkflowTimeStampList",
"module_id": "OverlayAdoption",
"properties": {
"results": {
"description": "List of vCenter workflow timestamp.",
"items": {
"$ref": "VcWorkflowTimeStamp
},
"readonly": true,
"required": true,
"title": "List of vCenter workflow timestamp",
"type": "array"
}
},
"title": "List of vCenter workflow timestamp",
"type": "object"
}
VcWorkflowTimeStampListRequestParameters (type)
{
"description": "vCenter workflow timestamp list request parameters.",
"id": "VcWorkflowTimeStampListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"vc_id": {
"description": "vCenter ID.",
"readonly": false,
"required": false,
"title": "vCenter ID",
"type": "string"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "vCenter workflow timestamp list request parameters",
"type": "object"
}
Vcenter (type)
{
"additionalProperties": false,
"description": "Details of vCenter registered with overlay adoption migration tool.",
"id": "Vcenter",
"module_id": "OverlayAdoption",
"properties": {
"id": {
"description": "ID of the vCenter compute manager in NSX.",
"readonly": true,
"required": true,
"title": "vCenter ID",
"type": "string"
},
"ip": {
"description": "Ip address or fqdn of vCenter compute manager in NSX.",
"readonly": true,
"required": false,
"title": "vCenter ip address or fqdn",
"type": "string"
},
"is_vcenter_password_empty": {
"description": "Flag to indicate whether vCenter password stored in overlay adoption migration tool is empty. This value can become empty if the migration co-ordinator service is re-started. In this case, vCenter username/password details will need to be provided again to the overlay adoption migration tool.",
"readonly": true,
"required": true,
"title": "Flag to indicate whether vCenter password is empty",
"type": "boolean"
},
"name": {
"description": "vCenter name.",
"readonly": true,
"required": false,
"title": "vCenter name",
"type": "string"
},
"port": {
"description": "vCenter port that will be used to fetch details.",
"readonly": true,
"required": false,
"title": "vCenter port",
"type": "string"
},
"username": {
"description": "Username for connecting to vCenter.",
"readonly": true,
"required": false,
"title": "vCenter username",
"type": "string"
}
},
"title": "vCenter details",
"type": "object"
}
VcenterListRequestParameters (type)
{
"description": "vCenter list request parameters",
"id": "VcenterListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"is_vcenter_in_migration_scope": {
"default": false,
"description": "Flag to list vCenters in migration scope.",
"readonly": false,
"required": false,
"title": "Flag to list vCenters in migration scope",
"type": "boolean"
}
},
"title": "vCenter list request parameters",
"type": "object"
}
VcenterListResult (type)
{
"additionalProperties": false,
"description": "List of vCenters registered with overlay adoption migration tool.",
"id": "VcenterListResult",
"module_id": "OverlayAdoption",
"properties": {
"results": {
"description": "List of vCenters registered with overlay adoption migration tool.",
"items": {
"$ref": "Vcenter
},
"readonly": true,
"required": true,
"title": "List of vCenters",
"type": "array"
}
},
"title": "List of vCenters",
"type": "object"
}
VcenterSpec (type)
{
"additionalProperties": false,
"description": "Input spec for providing username and password details of vCenter to overlay adoption migration tool.",
"id": "VcenterSpec",
"module_id": "OverlayAdoption",
"properties": {
"id": {
"description": "ID of the vCenter compute manager in NSX.",
"readonly": false,
"required": true,
"title": "vCenter ID",
"type": "string"
},
"password": {
"description": "Password for connecting to vCenter.",
"readonly": false,
"required": true,
"sensitive": true,
"title": "vCenter password",
"type": "secure_string"
},
"username": {
"description": "Username for connecting to vCenter.",
"readonly": false,
"required": true,
"title": "vCenter username",
"type": "string"
}
},
"title": "vCenter spec",
"type": "object"
}
Vdl2Counters (type)
{
"id": "Vdl2Counters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"arp_proxy_req_fail_drops": {
"description": "Count of ARPs failed to send on uplinks for CCP unaware bindings",
"readonly": true,
"required": false,
"type": "integer"
},
"arp_proxy_req_suppress": {
"description": "Count of ARPs suppression attempted at Leaf Input IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"arp_proxy_resp": {
"description": "Count of successful IP-MAC binding message from CCP for ARP suppression",
"readonly": true,
"required": false,
"type": "integer"
},
"arp_proxy_resp_drops": {
"description": "Count of ARP response failed for each ARP suppressed packets",
"readonly": true,
"required": false,
"type": "integer"
},
"arp_proxy_resp_filtered": {
"description": "Count of ARP responses skipped for each successful IP-MAC response from CCP",
"readonly": true,
"required": false,
"type": "integer"
},
"arp_proxy_resp_unknown": {
"description": "Count of unknown IP-MAC binding message from CCP for ARP suppression",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_rx": {
"description": "Count of packets received at VDL2LeafInput IOChain of a switchport",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_rx_drops": {
"description": "Total drops at VDL2LeafInput IOChain of a switchport",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_rx_ref_port_not_found_drops": {
"description": "VDL2LeafInput drops as trunk port is not in logical switch",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_rx_system_err_drops": {
"description": "VDL2LeafInput drops on an LS due to system errors",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_tx": {
"description": "Count of packets processed at VDL2LeafOutput IOChain of a switchport",
"readonly": true,
"required": false,
"type": "integer"
},
"leaf_tx_drops": {
"description": "Total drops at VDL2LeafOutput IOChain of a switchport",
"readonly": true,
"required": false,
"type": "integer"
},
"mac_tbl_lookup_flood": {
"description": "Count of unicast packets flooded onto remote VTEPs due to MAC table full",
"readonly": true,
"required": false,
"type": "integer"
},
"mac_tbl_lookup_full": {
"description": "Number of VM MAC query to CCP failure due to MAC table full",
"readonly": true,
"required": false,
"type": "integer"
},
"mac_tbl_update_full": {
"description": "Number of packet's SMAC learning failed at uplink due to MAC table full",
"readonly": true,
"required": false,
"type": "integer"
},
"mcast_proxy_rx_drops": {
"description": "Count of BUM replicated packets dropped at MTEP TN at uplink input IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"mcast_proxy_tx_drops": {
"description": "Count of BUM packets dropped at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_req_fail_drops": {
"description": "Count of ND packets failed to send on uplinks for CCP unaware bindings",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_req_suppress": {
"description": "Count of NDs suppression attempted at Leaf Input IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_resp": {
"description": "Count of successful IP-MAC binding message from CCP for ND suppression",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_resp_drops": {
"description": "Count of ND response failed for each ND suppressed packets",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_resp_filtered": {
"description": "Count of ND responses skipped for each successful IP-MAC response from CCP",
"readonly": true,
"required": false,
"type": "integer"
},
"nd_proxy_resp_unknown": {
"description": "Count of unknown IP-MAC binding message from CCP for ND suppression",
"readonly": true,
"required": false,
"type": "integer"
},
"nested_tn_mcast_proxy_diff_vlan_tx_drops": {
"description": "Count of BUM replicated packet drops destined to nested TN",
"readonly": true,
"required": false,
"type": "integer"
},
"nested_tn_mcast_proxy_same_vlan_tx_drops": {
"description": "Count of BUM replicated packet drops destined to nested TN",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx": {
"description": "Count of packets received at uplink port from underlay network",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_drops": {
"description": "Count of packets from underlay that are dropped at uplink input IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_filtered": {
"description": "Packets received at uplink filtered at uplink IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_guest_vlan_drops": {
"description": "Drop at uplink input IOChain due to failure to remove guest VLAN tag",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_invalid_encap_drops": {
"description": "Count of packets dropped at uplink input IOChain due to incorrect Encap",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_mcast_invalid_dr_uplink_drops": {
"description": "Count of IP multicast packets dropped at unexpected DR uplink",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_skip_mac_learn": {
"description": "Count of packets for which MAC learn was skipped at uplink input IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_system_err_drops": {
"description": "Drop at uplink input IOChain due to system errors",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_rx_wrong_dest_drops": {
"description": "Drop at uplink port input IOChain due to incorrect destination VTEP IP",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx": {
"description": "Count of packets transmitted through uplink port towards underlay network",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_drops": {
"description": "Total DVS sent packet drops at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_flood_rate_limit": {
"description": "Count of rate limited unknown unicast packets at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_ignore": {
"description": "Count of DVS sent packets ignored at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_invalid_frame_drops": {
"description": "Count of invalid packets dropped at uplink IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_invalid_state_drops": {
"description": "Packet drops at uplink IOChain due to incorrect uplink VLAN configuration",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_nested_tn_repl_drops": {
"description": "Count of packets to nested TN dropped at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_non_unicast": {
"description": "Count of broadcast,multicast packets replicated to remote VTEPs",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_teaming_drops": {
"description": "Count of packets dropped at uplink IOChain due to uplink teaming failure",
"readonly": true,
"required": false,
"type": "integer"
},
"uplink_tx_ucast_flood": {
"description": "Count of unknown unicast packets at uplink output IOChain",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
VdrbCounters (type)
{
"id": "VdrbCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"arp_hold_pkt_drops": {
"description": "The drops of packet(IPv4) pending on ARP resolution",
"readonly": true,
"required": false,
"type": "integer"
},
"consumed_icmpv4": {
"description": "ICMP packets(IPv4) destinated to VDR and consumed by VDR",
"readonly": true,
"required": false,
"type": "integer"
},
"consumed_icmpv6": {
"description": "ICMP packets(IPv6) destinated to VDR and consumed by VDR",
"readonly": true,
"required": false,
"type": "integer"
},
"drop_route_ipv4_drops": {
"description": "Packet(IPv4) matching drop routes",
"readonly": true,
"required": false,
"type": "integer"
},
"drop_route_ipv6_drops": {
"description": "Packet(IPv6) matching drop routes",
"readonly": true,
"required": false,
"type": "integer"
},
"no_nbr_ipv4": {
"description": "No IPv4 ARP entry found",
"readonly": true,
"required": false,
"type": "integer"
},
"no_nbr_ipv6": {
"description": "No IPv6 Neighbor entry found",
"readonly": true,
"required": false,
"type": "integer"
},
"no_route_ipv4_drops": {
"description": "No IPv4 routes",
"readonly": true,
"required": false,
"type": "integer"
},
"no_route_ipv6_drops": {
"description": "No IPv6 routes",
"readonly": true,
"required": false,
"type": "integer"
},
"ns_hold_pkt_drops": {
"description": "The drops of packet(IPv6) pending on neighbor resolution",
"readonly": true,
"required": false,
"type": "integer"
},
"pkt_attr_error_drops": {
"description": "Packets which failed attribute operation",
"readonly": true,
"required": false,
"type": "integer"
},
"relayed_dhcpv4_req": {
"description": "Relayed DHCPv4 requests",
"readonly": true,
"required": false,
"type": "integer"
},
"relayed_dhcpv4_rsp": {
"description": "Relayed DHCPv4 responses",
"readonly": true,
"required": false,
"type": "integer"
},
"relayed_dhcpv6_req": {
"description": "Relayed DHCPv6 requests",
"readonly": true,
"required": false,
"type": "integer"
},
"relayed_dhcpv6_rsp": {
"description": "Relayed DHCPv6 responses",
"readonly": true,
"required": false,
"type": "integer"
},
"rpf_ipv4_drops": {
"description": "Reverse path forwarding drops of packet(IPv4)",
"readonly": true,
"required": false,
"type": "integer"
},
"rpf_ipv6_drops": {
"description": "Reverse path forwarding drops of packet(IPv6)",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_arp_req": {
"description": "Arp Reqests received",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv4": {
"description": "Packets(IPv4) received on VDR",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv6": {
"description": "Packets(IPv6) received on VDR",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_pkt_parsing_error_drops": {
"description": "Packets failed to be parsed",
"readonly": true,
"required": false,
"type": "integer"
},
"ttl_ipv4_drops": {
"description": "Packet(IPv4) drops due to low TTL",
"readonly": true,
"required": false,
"type": "integer"
},
"ttl_ipv6_drops": {
"description": "Packet(IPv6) drops due to low TTL",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_arp_rsp": {
"description": "Arp Responses sent",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_dispatch_queue_too_long_drops": {
"description": "Packets being tail dropped in the txDispatchQueue",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv4": {
"description": "Packets(IPv4) sent from VDR",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv6": {
"description": "Packets(IPv6) sent from VDR",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
VdsTopology (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "VdsTopology",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cluster_id": {
"required": false,
"title": "Identifier of cluster where VDS will be created",
"type": "string"
},
"data_center_id": {
"required": true,
"title": "Identifier of datacenter where VDS will be created",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status_details": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Details of the VDS configuration status",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_node_id": {
"items": {
"type": "string"
},
"required": true,
"title": "Transport node identifiers on which NVDS(s) being upgraded to VDS",
"type": "array"
},
"vds_config": {
"$ref": "DVSConfig,
"readonly": true,
"required": false,
"title": "VDS configuration"
},
"vds_name": {
"required": true,
"title": "VDS name that will be created under above datacenter",
"type": "string"
},
"vds_status": {
"enum": [
"PENDING_TOPOLOGY",
"APPLYING_TOPOLOGY",
"APPLY_TOPOLOGY_FAILED",
"READY",
"REMOVING_TOPOLOGY"
],
"readonly": true,
"required": false,
"title": "Status of the VDS configuration",
"type": "string"
},
"vmknic": {
"items": {
"type": "string"
},
"required": false,
"title": "Virtual network interfaces that will be moved from VLAN Logical switch to Distributed Virtual PortGroup",
"type": "array"
}
},
"title": "VDS details where NVDS will be migrated to",
"type": "object"
}
VdsTopologyParameters (type)
{
"id": "VdsTopologyParameters",
"module_id": "NvdsUpgradeReadinessCheck",
"properties": {
"cluster_id": {
"readonly": false,
"required": false,
"title": "cluster identifier",
"type": "string"
},
"compute_manager_id": {
"readonly": false,
"required": false,
"title": "vCenter identifier",
"type": "string"
},
"show_vds_config": {
"readonly": false,
"required": false,
"title": "Flag to indicate if VdsTopology should contain VDS configuration",
"type": "boolean"
}
},
"title": "Parameters to query VDS topology",
"type": "object"
}
VdsUplink (type) (Deprecated)
{
"deprecated": true,
"description": "If Virtual Distributed Switch is used as a HostSwitch to configure TransportNode or TransportNodeProfie, this mapping should be specified. You can either use vds_uplink_name or vds_lag_name to associate with uplink_name from UplinkHostSwitch profile.",
"id": "VdsUplink",
"module_id": "TransportNode",
"properties": {
"uplink_name": {
"description": "This name is from UplinkHostSwitch profile that is associated with the HostSwitch specified in TransportNode or TransportNodeProfile configuration. This name will be used as an alias to either VDS uplink or lag in other configuration.",
"readonly": false,
"required": true,
"title": "Uplink name from UplinkHostSwitch profile",
"type": "string"
},
"vds_lag_name": {
"description": "LAG name that is connected to Physical NIC on a host from vSphere.",
"readonly": false,
"required": false,
"title": "Link Aggregation Group (LAG) name of Virtual Distributed Switch",
"type": "string"
},
"vds_uplink_name": {
"description": "Uplink name of VDS that is connected to Physical NIC on a host from vSphere.",
"readonly": false,
"required": false,
"title": "Uplink name of VMware vSphere Distributed Switch (VDS)",
"type": "string"
}
},
"title": "VMware vSphere Distributed Switch (VDS) uplink/LAG mapping",
"type": "object"
}
VendorTemplate (type)
{
"description": "Vendor Templates are registered by the partner service manager to be used in the service profile. They contain named (k-v) pairs.",
"extends": {
"$ref": "ManagedResource
},
"id": "VendorTemplate",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the vendor template is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. Attributes are not supported by guest introspection service.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Vendor Template attributes",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"functionality": {
"description": "The capabilities provided by the services. Needs to be one of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service) | MPS - Malware Prevention Solution",
"enum": [
"NG_FW",
"IDS_IPS",
"NET_MON",
"HCX",
"BYOD",
"EPP",
"MPS"
],
"readonly": false,
"required": false,
"title": "Functionality Type",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"redirection_action": {
"default": "PUNT",
"description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Service profile inherits the redirection action specified at the vendor template and cannot override the action specified at the vendor template. Redirection action is not applicable to guest introspection service.",
"enum": [
"PUNT",
"COPY"
],
"readonly": false,
"required": false,
"title": "Redirection action",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_id": {
"description": "The service to which the vendor template belongs.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vendor_template_key": {
"description": "Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.",
"readonly": false,
"required": false,
"title": "Vendor template key",
"type": "string"
}
},
"title": "Vendor Template registered for a service",
"type": "object"
}
VendorTemplateListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "VendorTemplateListResult",
"module_id": "ServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of the Service-Insertion Services. The list has to be homogenous.",
"items": {
"$ref": "VendorTemplate
},
"readonly": true,
"required": true,
"title": "Service list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Vendor Template List",
"type": "object"
}
VendorTemplateQueryParameters (type)
{
"id": "VendorTemplateQueryParameters",
"module_id": "ServiceInsertion",
"properties": {
"vendor_template_name": {
"description": "The name of the vendor template, created by partner.",
"required": false,
"title": "Name of vendor template",
"type": "string"
}
},
"title": "Vendor template query parameters",
"type": "object"
}
VerifiableAsymmetricLoginCredential (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LoginCredential
},
"id": "VerifiableAsymmetricLoginCredential",
"module_id": "Types",
"polymorphic-type-descriptor": {
"type-identifier": "VerifiableAsymmetricLoginCredential"
},
"properties": {
"asymmetric_credential": {
"required": false,
"sensitive": true,
"title": "Asymmetric login credential",
"type": "secure_string"
},
"credential_key": {
"required": false,
"sensitive": true,
"title": "Credential key",
"type": "secure_string"
},
"credential_type": {
"description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential', 'SessionLoginCredential'.",
"required": true,
"title": "Login credential, for example username-password-thumbprint, certificate or session based, etc",
"type": "string"
},
"credential_verifier": {
"required": false,
"sensitive": true,
"title": "Credential verifier",
"type": "secure_string"
}
},
"type": "object"
}
VerifyScimUserOrGroupExistsResult (type)
{
"additionalProperties": false,
"id": "VerifyScimUserOrGroupExistsResult",
"module_id": "CertificateManager",
"nsx_feature": "OIDC",
"properties": {
"exists": {
"title": "True if the user/group exists",
"type": "boolean"
}
},
"title": "Verify user/group exists result",
"type": "object"
}
VerifyScimUserOrGroupParameters (type)
{
"additionalProperties": false,
"id": "VerifyScimUserOrGroupParameters",
"module_id": "CertificateManager",
"nsx_feature": "OIDC",
"properties": {
"name": {
"required": true,
"title": "User or group name to search for",
"type": "string"
}
},
"title": "SCIM user/group existence query parameters",
"type": "object"
}
VersionList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "VersionList",
"module_id": "VersionWhitelist",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptable_versions": {
"items": {
"type": "string"
},
"required": true,
"title": "List of component versions",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
VidmInfo (type)
{
"id": "VidmInfo",
"module_id": "AAA",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "User's Full Name Or User Group's Display Name",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "Username Or Groupname",
"type": "string"
},
"type": {
"enum": [
"remote_user",
"remote_group"
],
"readonly": true,
"required": true,
"title": "Type",
"type": "string"
}
},
"title": "Vidm Info",
"type": "object"
}
VidmInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VidmInfoListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VidmInfo
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VidmInfoSearchRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "VidmInfoSearchRequestParameters",
"module_id": "AAA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_string": {
"description": "This is a substring search that is case insensitive.",
"required": true,
"title": "Search string to search for.\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Vidm information search request parameters",
"type": "object"
}
View (type)
{
"additionalProperties": false,
"description": "Describes the configuration of a view to be displayed on the dashboard.",
"extends": {
"$ref": "ManagedResource
},
"id": "View",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget.",
"maxLength": 255,
"required": true,
"title": "Widget Title",
"type": "string"
},
"exclude_roles": {
"description": "Comma separated list of roles to which the shared view is not visible. Allows user to prevent the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. If include_roles is specified then exclude_roles cannot be specified.",
"maxLength": 1024,
"title": "Roles to which the shared view is not visible",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_roles": {
"description": "Comma separated list of roles to which the shared view is visible. Allows user to specify the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles.",
"maxLength": 1024,
"title": "Roles to which the shared view is visible",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"shared": {
"default": false,
"description": "Defaults to false. Set to true to publish the view to other users. The widgets of a shared view are visible to other users.",
"title": "Share the view with other users",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"default": 10000,
"description": "Determines placement of view relative to other views. The lower the weight, the higher it is in the placement order.",
"title": "Weightage or placement of the view",
"type": "int"
},
"widgets": {
"description": "Array of widgets that are part of the view.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"required": true,
"title": "Widgets",
"type": "array"
}
},
"title": "Dashboard View",
"type": "object"
}
ViewList (type)
{
"additionalProperties": false,
"description": "Represents a list of views.",
"id": "ViewList",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"views": {
"description": "Array of views",
"items": {
"$ref": "View
},
"readonly": true,
"required": true,
"title": "Array of views",
"type": "array"
}
},
"title": "List of Views",
"type": "object"
}
ViewQueryParameters (type)
{
"additionalProperties": false,
"id": "ViewQueryParameters",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"tag": {
"description": "The tag for which associated views to be queried. For tags specified on views, scope is automatically set to 'nsx-dashboard' and hence scope is ignored for searching views based on tag.",
"readonly": true,
"title": "The tag for which associated views to be queried.",
"type": "string"
},
"view_ids": {
"description": "Comma separated ids of views to be queried.",
"maxLength": 8192,
"readonly": true,
"title": "Ids of the Views",
"type": "string"
},
"widget_id": {
"description": "Id of widget to be queried for all the views it is part of.",
"maxLength": 255,
"readonly": true,
"title": "Id of widget configuration",
"type": "string"
}
},
"title": "Parameters for querying views",
"type": "object"
}
VifAttachmentContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "AttachmentContext
},
"id": "VifAttachmentContext",
"module_id": "LogicalPort",
"nsx_feature": "Container",
"polymorphic-type-descriptor": {
"type-identifier": "VifAttachmentContext"
},
"properties": {
"allocate_addresses": {
"enum": [
"IpPool",
"MacPool",
"Both",
"None",
"Dhcp",
"DhcpV6",
"SLAAC"
],
"required": false,
"title": "A flag to indicate whether to allocate addresses from allocation\n pools bound to the parent logical switch.\n",
"type": "string"
},
"app_id": {
"description": "An application ID used to identify / look up a child VIF behind a parent VIF. Only effective when vif_type is CHILD.",
"required": false,
"title": "ID used to identify/look up a child VIF behind a parent VIF",
"type": "string"
},
"bms_interface_config": {
"$ref": "AttachedInterface,
"description": "Indicate application interface configuration for Bare Metal Server. Only effective when vif_type is INDEPENDENT.",
"required": false,
"title": "Application interface configuration for Bare metal server"
},
"parent_vif_id": {
"required": false,
"title": "VIF ID of the parent VIF if vif_type is CHILD",
"type": "string"
},
"resource_type": {
"help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n",
"required": true,
"title": "Used to identify which concrete class it is",
"type": "string"
},
"traffic_tag": {
"description": "Current we use VLAN id as the traffic tag. Only effective when vif_type is CHILD. Each logical port inside a container must have a unique traffic tag. If the traffic_tag is not unique, no error is generated, but traffic will not be delivered to any port with a non-unique tag.",
"required": false,
"title": "Tag used for the traffic between this VIF and parent VIF",
"type": "int"
},
"transport_node_uuid": {
"description": "Only effective when vif_type is INDEPENDENT. Each logical port inside a bare metal server or container must have a transport node UUID. We use transport node ID as transport node UUID.",
"required": false,
"title": "The UUID of the transport node",
"type": "string"
},
"vif_type": {
"enum": [
"PARENT",
"CHILD",
"INDEPENDENT"
],
"required": true,
"title": "Type of the VIF attached to logical port",
"type": "string"
}
},
"type": "object"
}
VifListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "VifListRequestParameters",
"module_id": "Inventory",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"host_id": {
"required": false,
"title": "Id of the host where this vif is located.",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"lport_attachment_id": {
"required": false,
"title": "LPort Attachment Id of the virtual network interface.",
"type": "string"
},
"owner_vm_id": {
"required": false,
"title": "External id of the virtual machine.",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vm_id": {
"required": false,
"title": "Internal identifier of the virtual machine.",
"type": "string"
}
},
"title": "VirtualNetworkInterface list request parameters.",
"type": "object"
}
VifsOnEPListRequestParams (type)
{
"additionalProperties": false,
"description": "Request parameter for listing VIFs for an enforcement point",
"extends": {
"$ref": "ListRequestParameters
},
"id": "VifsOnEPListRequestParams",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"lport_attachment_id": {
"required": false,
"title": "LPort attachment ID of the VIF.",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Request parameters for listing VIFs for an enforcement point",
"type": "object"
}
VirtualEndpoint (type)
{
"additionalProperties": false,
"description": "A VirtualEndpoint represents an IP (or nexthop) which is outside SDDC. It represents a redirection target for RedirectionPolicy.",
"extends": {
"$ref": "BaseEndpoint
},
"id": "VirtualEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualEndpoint"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"service_names": {
"description": "One VirtualEndpoint will be created per service name.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Services for which this endpoint to be created",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "This endpoint is strictly of the type Virtual",
"type": "object"
}
VirtualEndpointListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VirtualEndpointListResult",
"module_id": "PolicyServiceInsertion",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VirtualEndpoint
},
"required": true,
"title": "All virtual endpoints under a Tier0",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of vitual endpoints under a Tier0",
"type": "object"
}
VirtualMachine (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualMachine",
"module_id": "Inventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"compute_ids": {
"items": {
"type": "string"
},
"required": true,
"title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": true,
"title": "Current external id of this virtual machine in the system.",
"type": "string"
},
"guest_info": {
"$ref": "GuestInfo,
"description": "Guest virtual machine details include OS name, computer name of guest VM. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"required": false,
"title": "Guest virtual machine details"
},
"host_id": {
"required": false,
"title": "Id of the host in which this virtual machine exists.",
"type": "string"
},
"local_id_on_host": {
"required": true,
"title": "Id of the vm unique within the host.",
"type": "string"
},
"power_state": {
"enum": [
"VM_RUNNING",
"VM_STOPPED",
"VM_SUSPENDED",
"UNKNOWN"
],
"required": true,
"title": "Current power state of this virtual machine in the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"runtime_info": {
"$ref": "VirtualMachineRuntimeInfo,
"description": "Specifies runtime details of virtual machine.",
"readonly": true,
"required": false,
"title": "Runtime of virtual machine"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference of the Host or Public Cloud Gateway that reported the VM"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"enum": [
"EDGE",
"SERVICE",
"REGULAR",
"MP",
"INTELLIGENCE",
"VC_SYSTEM",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Virtual Machine type; Edge, Service VM or other.",
"type": "string"
},
"uptv2_enabled": {
"description": "If UPT enabled is true for any virtual network interface of the virtual machine, then this property is true for the virtual machine.",
"readonly": true,
"required": false,
"title": "Flag to indicate if UPT is enabled",
"type": "boolean"
}
},
"type": "object"
}
VirtualMachineDetails (type)
{
"descriptions": "Virtual Machine details. Currently contains user last login sessions for a virtual machine",
"extends": {
"$ref": "Resource
},
"id": "VirtualMachineDetails",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"active_sessions": {
"description": "List of active (still logged in) user login/session data (no limit).",
"items": {
"$ref": "UserSession
},
"required": false,
"title": "List of active (still logged in) user login/sessions data (no limit)",
"type": "array"
},
"archived_sessions": {
"description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.",
"items": {
"$ref": "UserSession
},
"required": false,
"title": "Optional list of archived (previously logged in) user login/session data (maximum 5)",
"type": "array"
}
},
"title": "Virtual Machine Details",
"type": "object"
}
VirtualMachineListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "VirtualMachineListRequestParameters",
"module_id": "Inventory",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"display_name": {
"required": false,
"title": "Display Name of the virtual machine",
"type": "string"
},
"exclude_vm_type": {
"description": "Specifies VM types, which needs to be excluded. It will be comma seperated to specify multiple VM type.",
"required": false,
"title": "VM types to be excluded",
"type": "string"
},
"external_id": {
"required": false,
"title": "External id of the virtual machine",
"type": "string"
},
"host_id": {
"required": false,
"title": "Id of the host where this vif is located",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VirtualMachine list request parameters.",
"type": "object"
}
VirtualMachineListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VirtualMachineListResult",
"module_id": "Inventory",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VirtualMachine
},
"required": true,
"title": "VirtualMachine list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VirtualMachineRuntimeInfo (type)
{
"description": "Specifies details of runtime for a virtual machine",
"id": "VirtualMachineRuntimeInfo",
"module_id": "Inventory",
"properties": {
"vif_runtime_info": {
"description": "Specifies list of runtime details of virtual network interfaces of virtual machine.",
"items": {
"$ref": "VirtualNetworkInterfaceRuntimeInfo
},
"required": false,
"title": "List of runtime details of virtual network interfaces",
"type": "array"
}
},
"title": "Virtual machine runtime details",
"type": "object"
}
VirtualMachineTagUpdate (type)
{
"additionalProperties": false,
"id": "VirtualMachineTagUpdate",
"module_id": "Inventory",
"properties": {
"external_id": {
"required": true,
"title": "External id of the virtual machine to which tags are to be applied",
"type": "string"
},
"tags": {
"help_detail": "The list includes both user defined and system defined tags.",
"items": {
"$ref": "Tag
},
"required": true,
"title": "List of tags to be applied to the virtual machine",
"type": "array"
}
},
"type": "object"
}
VirtualMachineTagsUpdate (type)
{
"additionalProperties": false,
"description": "List of tags applied to the virtual machine. Based on the enforcement point, the virtual_machine_id will be different. It could be an external id for NSX T or a moid for NSX V",
"id": "VirtualMachineTagsUpdate",
"module_id": "PolicyRealizedState",
"properties": {
"tags": {
"description": "List of tags to be applied on the virtual machine",
"help_detail": "The list includes both user defined and system defined tags. The\nexisting tags will be replaced by the ones passed.\n",
"items": {
"$ref": "Tag
},
"required": true,
"title": "List of tags to be applied to the virtual machine",
"type": "array"
},
"virtual_machine_id": {
"description": "The identifier that is used in the enforcement point that uniquely identifies the virtual machine. In case of NSXT it would be the value of the external_id of the virtual machine.",
"required": false,
"title": "This is the value of the identifier on the enforcement point that\nuniquely identifies the virtual machine\n",
"type": "string"
}
},
"title": "Payload to update the tags on a Virtual Machine",
"type": "object"
}
VirtualNetworkInterface (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualNetworkInterface",
"module_id": "Inventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"device_key": {
"required": true,
"title": "Device key of the virtual network interface.",
"type": "string"
},
"device_name": {
"required": false,
"title": "Device name of the virtual network interface.",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": true,
"title": "External Id of the virtual network inferface.",
"type": "string"
},
"host_id": {
"required": true,
"title": "Id of the host on which the vm exists.",
"type": "string"
},
"ip_address_info": {
"items": {
"$ref": "IpAddressInfo
},
"required": false,
"title": "IP Addresses of the the virtual network interface, from various sources.",
"type": "array"
},
"lport_attachment_id": {
"required": false,
"title": "LPort Attachment Id of the virtual network interface.",
"type": "string"
},
"mac_address": {
"required": true,
"title": "MAC address of the virtual network interface.",
"type": "string"
},
"owner_vm_id": {
"required": true,
"title": "Id of the vm to which this virtual network interface belongs.",
"type": "string"
},
"owner_vm_type": {
"enum": [
"EDGE",
"SERVICE",
"REGULAR"
],
"readonly": true,
"required": false,
"title": "Owner virtual machine type; Edge, Service VM or other.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uptv2_enabled": {
"description": "Specifies if UPTv2 (Universal Pass-through version 2) compatibility is enabled for the virtual network interface or not.",
"readonly": true,
"required": false,
"title": "Flag to indicate if UPT is enabled",
"type": "boolean"
},
"vm_local_id_on_host": {
"required": true,
"title": "Id of the vm unique within the host.",
"type": "string"
}
},
"type": "object"
}
VirtualNetworkInterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VirtualNetworkInterfaceListResult",
"module_id": "Inventory",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VirtualNetworkInterface
},
"required": true,
"title": "VirtualNetworkInterface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VirtualNetworkInterfaceRuntimeInfo (type)
{
"description": "Runtime details of virtual network interface of virtual machine.",
"id": "VirtualNetworkInterfaceRuntimeInfo",
"module_id": "Inventory",
"properties": {
"external_id": {
"required": true,
"title": "External Id of virtual network inferface",
"type": "string"
},
"uptv2_active": {
"description": "This flag specifies whether UPTv2 (Universal Pass-through version 2) is active on the virtual network interface or not. If TRUE, then the virtual network interface works in the pass-through mode. If FALSE, then the virtual network interface still has network connectivity but works in emulated mode and pass-through is not enabled. This flag is NONE, if it is not applicable.",
"enum": [
"NONE",
true,
false
],
"required": false,
"title": "UPTv2 runtime status of virtual network interface",
"type": "string"
}
},
"title": "Runtime details of virtual network interface",
"type": "object"
}
VirtualPortgroup (type)
{
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualPortgroup",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualPortgroup"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"description": "Id of the portgroup, eg. a mo-ref from VC.",
"readonly": true,
"required": false,
"title": "Id of the portgroup in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual portgroup",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Portgroup type like DistributedVirtualPortgroup",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Virtual portgroup on a virtual switch",
"type": "object"
}
VirtualServerIpProtocol (type)
{
"additionalProperties": false,
"description": "Assigned Internet protocol in IP header, TCP and UDP are supported.",
"enum": [
"TCP",
"UDP"
],
"id": "VirtualServerIpProtocol",
"module_id": "LoadBalancer",
"title": "IP protocol of virtual server",
"type": "string"
}
VirtualServiceInstance (type)
{
"description": "VirtualServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s and the user is not bringing their own appliance (BYOD).",
"extends": {
"$ref": "BaseServiceInstance
},
"id": "VirtualServiceInstance",
"module_id": "ServiceInsertionCommonTypes",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"on_failure_policy": {
"description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "On Failure Policy",
"type": "string"
},
"resource_type": {
"$ref": "ServiceInstanceResourceType,
"required": true
},
"service_id": {
"description": "The Service to which the service instance is associated.",
"readonly": true,
"required": false,
"title": "Service Id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection) and MPS.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED",
"NSH",
"NA",
"L3_ROUTED_V6"
],
"readonly": false,
"required": true,
"title": "Transport Type",
"type": "string"
}
},
"title": "Custom Instance of a service",
"type": "object"
}
VirtualSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualSwitch",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualSwitch"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": false,
"title": "ID of the virtual switch in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual switch",
"type": "string"
},
"origin_id": {
"description": "ID of the compute manager where this virtual switch is discovered.",
"readonly": true,
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Switch type like VmwareDistributedVirtualSwitch",
"type": "string"
},
"owner_nsx": {
"description": "Specifies owner nsx of the virtual switch. Owner nsx can be SELF, OTHER, MULTIPLE or NONE. SELF applies to when virtual switch owned by that nsx. OTHER applies to whenf virtual switch owned by other nsx. MULTIPLE applies to when virtual switch tried to own by multiple nsx at a time. NONE applies to when virtual switch is not owned by any nsx.",
"enum": [
"SELF",
"OTHER",
"MULTIPLE",
"NONE"
],
"readonly": true,
"required": false,
"title": "Specifies owner nsx of the virtual switch",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Virtual switch on a compute manager",
"type": "object"
}
VirtualSwitchCounter (type)
{
"id": "VirtualSwitchCounter",
"module_id": "ObservabilityCounters",
"properties": {
"forged_transmit_rx_drops": {
"description": "Drops due to forged transmits disabled.",
"required": false,
"type": "integer"
},
"unknown_unicast_rx_uplink_pkts": {
"description": "Unknown unicast flooded packets received from uplink.",
"required": false,
"type": "integer"
},
"unknown_unicast_tx_uplink_pkts": {
"description": "Unknown unicast flooded packets sent on the uplink.",
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_rx": {
"description": "Drops due to VLAN tag mismatch of packets received by vswitch.",
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_rx_mcast": {
"description": "Drops due to VLAN tag mismatch of packets received by vswitch.",
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_tx": {
"description": "Drops due to VLAN tag mismatch of packets forwarded by vswitch.",
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_tx_mcast": {
"description": "Drops due to VLAN tag mismatch of packets forwarded by vswitch.",
"required": false,
"type": "integer"
},
"vni_tag_mismatch_tx": {
"description": "Drops due to VNI tag mismatch of packets forwarded by vswitch.",
"required": false,
"type": "integer"
},
"vni_tag_mismatch_tx_mcast": {
"description": "Drops due to VNI tag mismatch of packets forwarded by vswitch.",
"required": false,
"type": "integer"
}
},
"type": "object"
}
VirtualSwitchListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "VirtualSwitchListRequestParameters",
"module_id": "InventoryCmObj",
"properties": {
"cm_local_id": {
"required": false,
"title": "Local Id of the virtual switch",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"discovered_node_id": {
"description": "All virtual switches connected to this discovered node.",
"required": false,
"title": "Discovered node ID",
"type": "string"
},
"display_name": {
"required": false,
"title": "Display name of the virtual switch",
"type": "string"
},
"external_id": {
"required": false,
"title": "External id of the virtual switch",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"origin_id": {
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"uuid": {
"required": false,
"title": "UUID of the switch",
"type": "string"
}
},
"title": "Virtual switch list parameters",
"type": "object"
}
VlanID (type)
{
"id": "VlanID",
"maximum": 4094,
"minimum": 0,
"module_id": "Types",
"title": "Virtual Local Area Network Identifier",
"type": "integer"
}
VlanMirrorSource (type)
{
"extends": {
"$ref": "MirrorSource
},
"id": "VlanMirrorSource",
"module_id": "PortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "VlanMirrorSource"
},
"properties": {
"resource_type": {
"$ref": "MirrorSourceResourceType,
"help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'",
"required": true
},
"vlan_ids": {
"items": {
"$ref": "VlanID
},
"minItems": 1,
"required": true,
"title": "Source VLAN ID list",
"type": "array"
}
},
"type": "object"
}
VlanMtuHealthCheckResultStatus (type)
{
"description": "Status of VLAN-MTU health check result; TRUNKED - all specified VLAN IDs are allowed by VLAN and MTU settings; UNTRUNKED - some/all specified VLAN IDs may be disallowed by VLAN or MTU settings; UNKNOWN - some/all health check result are unknown due to either infrastructure issues or no available check result.",
"enum": [
"TRUNKED",
"UNTRUNKED",
"UNKNOWN"
],
"id": "VlanMtuHealthCheckResultStatus",
"module_id": "HealthCheck",
"title": "VLAN-MTU Health Check Result Status",
"type": "string"
}
VlanTrunkSpec (type) (Deprecated)
{
"deprecated": true,
"description": "VlanTrunkspec is used for specifying trunk VLAN id ranges.",
"id": "VlanTrunkSpec",
"module_id": "LogicalSwitch",
"properties": {
"vlan_ranges": {
"items": {
"$ref": "TrunkVlanRange
},
"required": true,
"title": "Trunk VLAN id ranges",
"type": "array"
}
},
"title": "VLAN trunk range specification",
"type": "object"
}
VlanVniRangePair (type)
{
"additionalProperties": false,
"description": "Vlan-Vni mapping pair resource in EvpnTenantConfig for ROUTE-SERVER Evpn mode",
"id": "VlanVniRangePair",
"module_id": "PolicyConnectivity",
"properties": {
"vlans": {
"description": "List of VLAN ids and VLAN ranges (specified with '-').",
"required": true,
"title": "List of VLAN ids",
"type": "string"
},
"vnis": {
"description": "List of VNI ids and VNI ranges (specified with '-'). The vni id is used for VXLAN transmission for a given tenant Vlan ID in ROUTE-SERVER Evpn.",
"required": true,
"title": "List of VNI ids",
"type": "string"
}
},
"title": "Vlan Vni pair resource",
"type": "object"
}
VmAggregateInfo (type)
{
"additionalProperties": false,
"description": "VM aggregate info.",
"id": "VmAggregateInfo",
"module_id": "OverlayAdoption",
"properties": {
"errors": {
"description": "List of errors.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors",
"type": "array"
},
"migration_status": {
"description": "VM migration status",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"SUCCESS",
"FAILED",
"NOT_FOUND"
],
"readonly": true,
"required": false,
"title": "VM migration code",
"type": "string"
},
"target_cluster_id": {
"description": "Target cluster ID.",
"readonly": true,
"required": false,
"title": "Target cluster ID",
"type": "string"
},
"target_cluster_name": {
"description": "Target cluster name.",
"readonly": true,
"required": false,
"title": "Target cluster name",
"type": "string"
},
"vm": {
"$ref": "VmEntity,
"description": "VM details",
"readonly": true,
"required": false,
"title": "VM details"
},
"warnings": {
"description": "List of warnings.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings",
"type": "array"
}
},
"title": "VM aggregate info",
"type": "object"
}
VmAggregateInfoListByVmGroupRequestParameters (type)
{
"description": "VM aggregate info list request parameters.",
"extends": {
"$ref": "VmEntityListRequestParameters
},
"id": "VmAggregateInfoListByVmGroupRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"cluster_id": {
"description": "Cluster ID.",
"readonly": false,
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cluster_name": {
"description": "Cluster name.",
"readonly": false,
"required": false,
"title": "Cluster name",
"type": "string"
},
"host_id": {
"description": "Host ID.",
"readonly": false,
"required": false,
"title": "Host ID",
"type": "string"
},
"host_name": {
"description": "Host name.",
"readonly": false,
"required": false,
"title": "Host name",
"type": "string"
},
"vm_group_workflow_resource": {
"$ref": "VmGroupWorkflowResource,
"description": "VM group workflow resource.",
"readonly": false,
"required": true,
"title": "VM group workflow resource"
},
"vm_name": {
"description": "VM name.",
"readonly": false,
"required": false,
"title": "VM name",
"type": "string"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "VM aggregate info list request parameters",
"type": "object"
}
VmAggregateInfoListResult (type)
{
"additionalProperties": false,
"description": "VM aggregate info list.",
"extends": {
"$ref": "ListResult
},
"id": "VmAggregateInfoListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VmAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of VM aggregate info",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VM aggregate info list",
"type": "object"
}
VmEntity (type)
{
"additionalProperties": false,
"description": "Virtual machine details.",
"id": "VmEntity",
"module_id": "OverlayAdoption",
"properties": {
"cluster_id": {
"description": "Cluster ID.",
"readonly": true,
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cluster_name": {
"description": "Cluster name.",
"readonly": true,
"required": false,
"title": "Cluster name",
"type": "string"
},
"data_center_id": {
"description": "Datacenter ID.",
"readonly": true,
"required": false,
"title": "Datacenter ID",
"type": "string"
},
"data_center_name": {
"description": "Datacenter name.",
"readonly": true,
"required": false,
"title": "Datacenter name",
"type": "string"
},
"discovered_subnets": {
"description": "List of VnicIpSubnets discovered from VM vNICs connected to DVPGs or Segments",
"items": {
"$ref": "VnicIpSubnetsOnDvpgOrSegment
},
"readonly": true,
"required": false,
"title": "List of VnicIpSubnets discovered from VM vNICs connected to DVPGs or Segments",
"type": "array"
},
"host_id": {
"description": "Host ID.",
"readonly": true,
"required": false,
"title": "Host ID",
"type": "string"
},
"host_name": {
"description": "Host name.",
"readonly": true,
"required": false,
"title": "Host name",
"type": "string"
},
"id": {
"description": "VM ID.",
"readonly": true,
"required": true,
"title": "VM ID",
"type": "string"
},
"name": {
"description": "VM name.",
"readonly": true,
"required": false,
"title": "VM name",
"type": "string"
}
},
"title": "Virtual machine details",
"type": "object"
}
VmEntityListByDvpgRequestParameters (type)
{
"description": "VM list by DVPG request parameters.",
"extends": {
"$ref": "VmEntityListRequestParameters
},
"id": "VmEntityListByDvpgRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"cluster_id": {
"description": "Cluster ID.",
"readonly": false,
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cluster_name": {
"description": "Cluster name.",
"readonly": false,
"required": false,
"title": "Cluster name",
"type": "string"
},
"dvpg_id": {
"description": "DVPG ID.",
"readonly": false,
"required": true,
"title": "DVPG ID",
"type": "string"
},
"host_id": {
"description": "Host ID.",
"readonly": false,
"required": false,
"title": "Host ID",
"type": "string"
},
"host_name": {
"description": "Host name.",
"readonly": false,
"required": false,
"title": "Host name",
"type": "string"
},
"ip_subnets": {
"$ref": "VnicIpSubnets,
"description": "If the field value is null, all VMs connected to the DVPG regardless of the VM vNICs IP subnets will be returned. Otherwise, VM's matching the subnets in VnicIpsubnets will be returned.",
"readonly": false,
"required": false,
"title": "A VnicIpSubnets shared by vNICs connected to a DVPG"
},
"vm_name": {
"description": "VM name.",
"readonly": false,
"required": false,
"title": "VM name",
"type": "string"
}
},
"title": "VM list by DVPG request parameters",
"type": "object"
}
VmEntityListBySegmentRequestParameters (type)
{
"description": "VM list by segment request parameters",
"extends": {
"$ref": "VmEntityListRequestParameters
},
"id": "VmEntityListBySegmentRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"cluster_id": {
"description": "Cluster ID.",
"readonly": false,
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cluster_name": {
"description": "Cluster name.",
"readonly": false,
"required": false,
"title": "Cluster name",
"type": "string"
},
"host_id": {
"description": "Host ID.",
"readonly": false,
"required": false,
"title": "Host ID",
"type": "string"
},
"host_name": {
"description": "Host name.",
"readonly": false,
"required": false,
"title": "Host name",
"type": "string"
},
"segment_path": {
"description": "Segment path.",
"readonly": false,
"required": true,
"title": "Segment path",
"type": "string"
},
"vm_name": {
"description": "VM name.",
"readonly": false,
"required": false,
"title": "VM name",
"type": "string"
}
},
"title": "VM list by segment request parameters",
"type": "object"
}
VmEntityListRequestParameters (type)
{
"description": "VM list request parameters.",
"id": "VmEntityListRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"cluster_id": {
"description": "Cluster ID.",
"readonly": false,
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cluster_name": {
"description": "Cluster name.",
"readonly": false,
"required": false,
"title": "Cluster name",
"type": "string"
},
"host_id": {
"description": "Host ID.",
"readonly": false,
"required": false,
"title": "Host ID",
"type": "string"
},
"host_name": {
"description": "Host name.",
"readonly": false,
"required": false,
"title": "Host name",
"type": "string"
},
"vm_name": {
"description": "VM name.",
"readonly": false,
"required": false,
"title": "VM name",
"type": "string"
}
},
"title": "VM list request parameters",
"type": "object"
}
VmEntityListResult (type)
{
"additionalProperties": false,
"description": "List of VMs.",
"extends": {
"$ref": "ListResult
},
"id": "VmEntityListResult",
"module_id": "OverlayAdoption",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged collection of VMs.",
"items": {
"$ref": "VmEntity
},
"readonly": true,
"required": true,
"title": "Paged collection of VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of VMs",
"type": "object"
}
VmGroupExecutionDetails (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VmGroupExecutionDetails",
"module_id": "Migration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"failed_vm_instance_ids": {
"description": "List of instance UUIDs of VMs that failed to fetch from VC.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of instance UUIDs of VMs",
"type": "array"
},
"logical_switch_id_to_vm_instance_id_and_vnics_map": {
"items": {
"$ref": "LsIdToVmAndVnicsMapping
},
"readonly": false,
"required": false,
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VM Group Execution Details",
"type": "object"
}
VmGroupExecutionDetailsSpec (type)
{
"additionalProperties": false,
"description": "Migration spec for a VM group that will be used to fetch VM group execution details",
"id": "VmGroupExecutionDetailsSpec",
"module_id": "Migration",
"properties": {
"federation_site_id": {
"description": "ID of the site in NSX-T Federation",
"readonly": false,
"required": false,
"title": "ID of the site in NSX-T Federation",
"type": "string"
},
"group_id": {
"description": "User defined VM group id that must be unique among all VM groups ids.",
"readonly": false,
"required": true,
"title": "User defined VM group ID",
"type": "string"
}
},
"title": "Migration spec for a VM group",
"type": "object"
}
VmGroupWorkflowResource (type)
{
"additionalProperties": false,
"description": "VM group workflow resource.",
"extends": {
"$ref": "WorkflowResource
},
"id": "VmGroupWorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"type-identifier": "VmGroupWorkflowResource"
},
"properties": {
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
},
"vm_group_id": {
"description": "VM group ID.",
"readonly": false,
"required": true,
"title": "VM group ID",
"type": "string"
}
},
"title": "VM group workflow resource",
"type": "object"
}
VmNicInfo (type)
{
"description": "Contains a set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.",
"id": "VmNicInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"nic_infos": {
"description": "Set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.",
"items": {
"$ref": "NicInfo
},
"readonly": false,
"required": true,
"title": "Set of NIC information of a VM",
"type": "array"
}
},
"title": "Set of NIC information of a VM",
"type": "object"
}
VmToVnicsMapping (type)
{
"additionalProperties": false,
"id": "VmToVnicsMapping",
"module_id": "Migration",
"properties": {
"vm_instance_id": {
"readonly": false,
"required": false,
"title": "VM Instance ID",
"type": "string"
},
"vnics": {
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "List of VNICs",
"type": "array"
}
},
"title": "Mapping between VM Instance ID and VNICs",
"type": "object"
}
VmToolsInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VmToolsInfo",
"module_id": "VmToolsInfo",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Current external id of this virtual machine in the system.",
"readonly": true,
"required": false,
"title": "VM external ID",
"type": "string"
},
"file_agent_version": {
"description": "Version of file agent on the VM of a third party partner solution.",
"readonly": true,
"required": false,
"title": "File agent version on the VM",
"type": "string"
},
"host_local_id": {
"description": "Id of the VM which is assigned locally by the host. It is the VM-moref on ESXi hosts, in other environments it is VM UUID.",
"readonly": true,
"required": false,
"title": "VM ID given by the host",
"type": "string"
},
"network_agent_version": {
"description": "Version of network agent on the VM of a third party partner solution.",
"readonly": true,
"required": false,
"title": "Network agent version on the VM",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source": {
"$ref": "ResourceReference,
"readonly": true,
"required": false,
"title": "Reference of the Host or Public Cloud Gateway that reported the VM."
},
"svmStatus": {
"description": "Connectivity Status between each Guest Introspection Solution deployed in the data center with the guest VM.",
"items": {
"$ref": "SvmConnectivityStatus
},
"required": false,
"title": "SvmConnectivityStatus list.",
"type": "array"
},
"svm_connectivity": {
"description": "Endpoint Protection (Third party AV partner using NXGI) status on the VM. TRUE - VM is configured and protected by EPP Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP Service VM.",
"readonly": true,
"required": false,
"title": "Endpoint Protection status on the VM",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tools_version": {
"description": "Version of VMTools installed on the VM.",
"readonly": true,
"required": false,
"title": "VM tools version on the VM",
"type": "string"
},
"vm_type": {
"description": "Type of VM - Edge, Service or other.",
"enum": [
"EDGE",
"SERVICE",
"REGULAR"
],
"readonly": true,
"required": false,
"title": "Virtual Machine type",
"type": "string"
}
},
"type": "object"
}
VmToolsInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VmToolsInfoListResult",
"module_id": "VmToolsInfo",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VmToolsInfo
},
"required": true,
"title": "VmToolsInfo list results.",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VmknicNetwork (type) (Deprecated)
{
"deprecated": true,
"description": "Mapping of all vmk interfaces to destination networks",
"id": "VmknicNetwork",
"module_id": "TransportNode",
"properties": {
"destination_network": {
"description": "When migrating vmks to N-VDS/logical switches, the id is the logical switch id. When migrating out of N-VDS/logical switches, the id is the vSphere Switch portgroup name in a single vSphere Standard Switch (VSS), or distributed virtual portgroup name in a single distributed virtual switch (DVS).",
"readonly": false,
"required": true,
"title": "The network id to which the ESX vmk interface will be migrated.",
"type": "string"
},
"device_name": {
"description": "The vmk interface name, e.g., vmk0, vmk1; the id assigned by vCenter.",
"readonly": false,
"required": true,
"title": "ESX vmk interface name",
"type": "string"
}
},
"title": "Vmknic network specification",
"type": "object"
}
VniPool (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "VniPool",
"module_id": "Vnim",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ranges": {
"items": {
"$ref": "VniRange
},
"required": true,
"title": "VNI range list results",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
VniPoolConfig (type)
{
"additionalProperties": false,
"description": "Vni Pool Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VniPoolConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"end": {
"maximum": 16777215,
"minimum": 75001,
"required": true,
"title": "End value of VNI Pool range",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start": {
"maximum": 16777215,
"minimum": 75001,
"required": true,
"title": "Start value of VNI Pool range",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Vni Pool Config",
"type": "object"
}
VniPoolConfigListRequestParameters (type)
{
"additionalProperties": false,
"description": "Vni Pool Config list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VniPoolConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Vni Pool Config list request parameters",
"type": "object"
}
VniPoolConfigListResult (type)
{
"additionalProperties": false,
"description": "Collection of Vni Pool Configuration.",
"extends": {
"$ref": "ListResult
},
"id": "VniPoolConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Vni Pool Config list results",
"items": {
"$ref": "VniPoolConfig
},
"required": true,
"title": "Vni Pool Config list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Vni Pool Configuration",
"type": "object"
}
VniPoolDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "VniPoolDeleteRequestParameters",
"module_id": "Vnim",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "VniPool delete request parameters",
"type": "object"
}
VniPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VniPoolListResult",
"module_id": "Vnim",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VniPool
},
"required": true,
"title": "VNI pool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VniRange (type)
{
"additionalProperties": false,
"description": "A range of virtual network identifiers (VNIs)",
"extends": {
"$ref": "Resource
},
"id": "VniRange",
"module_id": "Vnim",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"end": {
"description": "End value for vni range to be used for virtual networks",
"maximum": 16777215,
"minimum": 5000,
"readonly": false,
"required": true,
"title": "End value of vni range",
"type": "integer"
},
"start": {
"description": "Start value for vni range to be used for virtual networks",
"maximum": 16777215,
"minimum": 5000,
"readonly": false,
"required": true,
"title": "Start value of vni range",
"type": "integer"
}
},
"type": "object"
}
VnicIpSubnets (type)
{
"description": "IP subnets of a VM vNIC, typically one IPv4 subnet or one IPv6 subnet for single IP-stack, an IPv4 subnet and an IPv6 subnet for dual IP-stack.",
"id": "VnicIpSubnets",
"module_id": "OverlayAdoption",
"properties": {
"subnets": {
"description": "An array of unique IPv4 and/or IPv6 subnet(s). The order of array elements does not matter. This is an empty array when the vNIC does not have any IP or has only IPv6 link-local IP.",
"items": {
"$ref": "IPCIDRBlock
},
"readonly": false,
"required": true,
"title": "An array of unique IPv4 and/or IPv6 subnet(s)",
"type": "array",
"uniqueItems": true
}
},
"title": "IP subnets of a VM vNIC",
"type": "object"
}
VnicIpSubnetsOnDvpgOrSegment (type)
{
"description": "A VnicIpSubnets shared by vNICs connected to a DVPG or segment.",
"extends": {
"$ref": "VnicIpSubnets
},
"id": "VnicIpSubnetsOnDvpgOrSegment",
"module_id": "OverlayAdoption",
"properties": {
"dvpg_id": {
"description": "ID of DVPG connected by vNICs sharing the same VnicIpSubnets. Must be unset/empty when vNICs connect to a segment else should be set otherwise.",
"readonly": false,
"required": false,
"title": "ID of DVPG connected by vNICs sharing the same VnicIpSubnets",
"type": "string"
},
"segment_path": {
"description": "Path of the segment connected by vNICs sharing the same VnicIpSubnets. Must be set when vNICs connect to a segment else should be unset/empty otherwise.",
"readonly": false,
"required": false,
"title": "Path of the segment connected by vNICs sharing the same VnicIpSubnets.",
"type": "string"
},
"subnets": {
"description": "An array of unique IPv4 and/or IPv6 subnet(s). The order of array elements does not matter. This is an empty array when the vNIC does not have any IP or has only IPv6 link-local IP.",
"items": {
"$ref": "IPCIDRBlock
},
"readonly": false,
"required": true,
"title": "An array of unique IPv4 and/or IPv6 subnet(s)",
"type": "array",
"uniqueItems": true
}
},
"title": "A VnicIpSubnets shared by vNICs connected to a DVPG or segment.",
"type": "object"
}
Vpc (type)
{
"additionalProperties": false,
"description": "'Vpc' provides self-service and allows the application users to configure subnets and other services.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Vpc",
"module_id": "PolicyVpc",
"policy_hierarchical_children": [
"ChildGatewayPolicy",
"ChildGroup",
"ChildPolicyNat",
"ChildSecurityPolicy",
"ChildStaticRoutes",
"ChildVpcIpAddressAllocation",
"ChildVpcSubnet"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"activate_default_dfw_rules": {
"description": "By default, VPC is created with default distributed firewall rules, this flag allows to deactivate those default rules . If not set, the default rules are enabled. The system will expect the API user to pass this flag as \"false\" when the system is not entitled to distributed firewall.",
"nsx_feature": "LicenseDistinctCheck",
"required": false,
"title": "Activate the default DFW rules for the VPC",
"type": "boolean"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"default_gateway_path": {
"description": "This represents the path of a Tier0 or Tier0 VRF or label. This must be a subset of Tier0s/VRFs defined at the project level. It serves as default gateway for VPC. In case of Label, it should have reference of Tier0 or Tier0 VRF path.",
"required": false,
"title": "PolicyPath of Tier0 or Tier0 VRF gateway or label path referencing to Tier0 or Tier0 VRF.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_GATEWAY_RELATIONSHIP",
"rightType": [
"Tier0"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_GATEWAY_LABEL_RELATIONSHIP",
"rightType": [
"Label"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config": {
"$ref": "DhcpConfig,
"description": "DHCP configuration to be applied on all connected subnets if the IP address type is IPv4.",
"required": false,
"title": "DHCP configs"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_ipv4_blocks": {
"description": "IP block used for allocating CIDR blocks for public subnets. IP block must be subset of Project IPv4 blocks.",
"items": {
"type": "string"
},
"maxItems": 5,
"required": false,
"title": "PolicyPath of external IPv4 block",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_EXTERNAL_IPV4BLOCK_RELATIONSHIP",
"rightType": [
"IpAddressBlock"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address_type": {
"default": "IPV4",
"description": "This defines the IP address type that will be allocated for subnets. In the case of IPv4, all the subnets will be allocated IP addresses from the IpV4 private/external pool.",
"enum": [
"IPV4"
],
"required": true,
"title": "IP address type",
"type": "string"
},
"ipv6_profile_paths": {
"description": "Configuration IPv6 NDRA and DAD profiles. Either or both NDRA and/or DAD profiles can be configured. If not specified, default profiles will be applied.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "IPv6 NDRA and DAD profiles configuration",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
},
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_DAD_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6DadProfile"
]
}
]
},
"load_balancer_vpc_endpoint": {
"$ref": "LoadBalancerVPCEndpoint,
"required": false
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"private_ipv4_blocks": {
"additionalProperties": false,
"description": "IP block used for allocating CIDR blocks for private subnets. IP block must be defined by the Project admin.",
"items": {
"type": "string"
},
"maxItems": 5,
"required": false,
"title": "PolicyPath of private ip block",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_PRIVATE_IPV4BLOCK_RELATIONSHIP",
"rightType": [
"IpAddressBlock"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_gateway": {
"$ref": "ServiceGateway,
"required": false
},
"short_id": {
"description": "Defaults to id if id is less than equal to 8 characters or defaults to random generated id if not set.",
"maxLength": 8,
"title": "Identifier to use when displaying vpc context in logs",
"type": "string"
},
"site_infos": {
"description": "Information related to sites applicable for given VPC. The edge cluster path must belong to the same site. This will be a subset of the span of connected Tier0/VRF. Only 1 Edge cluster can be configured in site_infos.",
"items": {
"$ref": "SiteInfo
},
"maxItems": 1,
"required": false,
"title": "Collection of Site information.",
"type": "array"
},
"subnet_profiles": {
"$ref": "SubnetProfiles,
"description": "Subnet profiles will be used to create subnet profile binding and it will be applied to subnets. Subnet profiles need to be pre-created at the project level. If not specified, default profiles will be used.",
"required": false,
"title": "Subnet profiles"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy VPC",
"type": "object"
}
VpcIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VpcIpAddressAllocation",
"module_id": "PolicyVpcSubnetIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ip": {
"$ref": "IPAddress,
"description": "Single IP Address that is allocated from external ip block or IPv6 block based on IP address type. If not specified, any available IP will be allocated from respective IP block. If specified, it has to be within range of respective IP blocks. If IP is already in use then validation error will be thrown.",
"required": false,
"title": "IP address allocated from ip block."
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address_block_visibility": {
"default": "EXTERNAL",
"description": "Represents visibility of IP address block. This field is not applicable if IPAddressType at VPC is IPv6.",
"enum": [
"EXTERNAL",
"PRIVATE"
],
"title": "IP Address Block Visibility",
"type": "string"
},
"ip_address_type": {
"default": "IPV4",
"description": "This defines the type of IP address block that will be used to allocate IP. This field is applicable only if IP addressType at VPC is DUAL. In case of IPv4, external blocks will be used, and in case of IPv6, IPv6 blocks will be used.",
"enum": [
"IPV4",
"IPV6"
],
"title": "IP address type",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Parameters for IP allocation",
"type": "object"
}
VpcIpAddressAllocationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VpcIpAddressAllocationListResult",
"module_id": "PolicyVpcSubnetIpam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VpcIpAddressAllocation
},
"title": "List of VpcIpAddressAllocations",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of IP address allocations",
"type": "object"
}
VpcListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VpcListRequestParameters",
"module_id": "PolicyVpc",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy VPC list request parameters",
"type": "object"
}
VpcListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VpcListResult",
"module_id": "PolicyVpc",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Vpc
},
"required": true,
"title": "VPC list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of VPC",
"type": "object"
}
VpcSubnet (type)
{
"additionalProperties": false,
"description": "VPC Subnet provides self-service and allows the application users to create networks within the VPC and attach workloads to them.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VpcSubnet",
"module_id": "PolicyVpcSubnet",
"policy_hierarchical_children": [
"ChildDhcpStaticBindingConfig",
"ChildIpAddressPool",
"ChildVpcSubnetPort"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_mode": {
"default": "Private",
"description": "There are three kinds of Access Types supported for an Application. Private - VPC Subnet is accessible only within the application and its IPs are allocated from private IP address pool from VPC configuration unless specified explicitly by user. Public - VPC Subnet is accessible from external networks and its IPs are allocated from public IP address pool from VPC configuration unless specified explicitly by user. Isolated - VPC Subnet is not accessible from other VPC Subnets within the same VPC.",
"enum": [
"Private",
"Public",
"Isolated"
],
"required": false,
"title": "The access type for an VPC Subnet.",
"type": "string"
},
"advanced_config": {
"$ref": "SubnetAdvancedConfig,
"description": "VPC Subnet advanced configuration. This field is supported only for VPC Subnets on NSX local manager.",
"required": false,
"title": "VPC Subnet advanced configuration"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config": {
"$ref": "VpcSubnetDhcpConfig,
"description": "DHCP configuration to be applied on this VPC Subnet if the IP address type is IPv4. If not specified, VPC dhcp configuration will be applied on the VPC Subnet. VPC Subnet DHCP config will take precedence over VPC dhcp config, if available at both places.",
"required": false,
"title": "DHCP configs"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "If not provided, Ip assignment will be done based on VPC CIDRs This represents the VPC Subnet that is associated with tier. If IPv4 CIDR is given, ipv4_subnet_size property is ignored. For IPv6 CIDR, supported prefix length is /64.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "CIDR",
"type": "array"
},
"ipv4_subnet_size": {
"description": "If IP Addresses are not provided, this field will be used to carve out the ips from respective ip block defined in the parent VPC. The default is 64. If ip_addresses field is provided then ipv4_subnet_size field is ignored. This field cannot be modified after creating a VPC Subnet.",
"maximum": 65536,
"minimum": 16,
"required": false,
"title": "Size of the VPC Subnet based upon estimated workload count.",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy VPC Subnet",
"type": "object"
}
VpcSubnetDhcpConfig (type)
{
"description": "VPC Subnet DHCP config",
"extends": {
"$ref": "DhcpConfig
},
"id": "VpcSubnetDhcpConfig",
"module_id": "PolicyVpcSubnet",
"properties": {
"dhcp_relay_config_path": {
"description": "Policy path of DHCP-relay-config. If configured then all the subnets will be configured with the DHCP relay server. If not specified, then the local DHCP server will be configured for all connected subnets.",
"required": false,
"title": "DHCP relay config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Vpc"
],
"relationshipType": "VPC_DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"dns_client_config": {
"$ref": "DnsClientConfig,
"description": "Dns configuration",
"required": false,
"title": "Dns client configuration"
},
"enable_dhcp": {
"description": "If activated, the DHCP server will be configured based on IP address type. If deactivated then neither DHCP server nor relay shall be configured.",
"required": false,
"title": "Activate or Deactivate DHCP",
"type": "boolean"
},
"static_pool_config": {
"$ref": "StaticPoolConfig,
"description": "Static IP pool configuration.",
"required": false,
"title": "Static IP pool configuration"
}
},
"title": "VPC Subnet DHCP configuration",
"type": "object"
}
VpcSubnetDhcpServerRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VpcSubnetDhcpServerRequestParameters",
"module_id": "PolicyVpcSubnetStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VPC Subnet DHCP server list request parameters",
"type": "object"
}
VpcSubnetListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VpcSubnetListRequestParameters",
"module_id": "PolicyVpcSubnet",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy VPC Subnet list request parameters",
"type": "object"
}
VpcSubnetListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VpcSubnetListResult",
"module_id": "PolicyVpcSubnet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VpcSubnet
},
"required": true,
"title": "VPC Subnet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of VPC Subnet",
"type": "object"
}
VpcSubnetPort (type)
{
"additionalProperties": false,
"description": "VPC Subnet port will create LogicalPort on LogicalSwitch corresponding to the Subnet. Address bindings cannot be removed after realization.",
"extends": {
"$ref": "SegmentPort
},
"id": "VpcSubnetPort",
"module_id": "PolicyVpcSubnet",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"description": "Static address binding used for the port.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 512,
"required": false,
"title": "Address bindings for the port",
"type": "array"
},
"admin_state": {
"default": "UP",
"enum": [
"UP",
"DOWN"
],
"required": false,
"title": "Represents desired state of the segment port",
"type": "string"
},
"attachment": {
"$ref": "PortAttachment,
"description": "Only VIF attachment is supported",
"required": false,
"title": "VIF attachment"
},
"children": {
"description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "Subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs. Segment port setting will override segment setting if the same key was set on both segment and segment port.",
"items": {
"$ref": "SegmentExtraConfig
},
"required": false,
"title": "Extra configs on segment port",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignored_address_bindings": {
"description": "IP Discovery module uses various mechanisms to discover address bindings being used on each segment port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 16,
"minItems": 0,
"required": false,
"title": "Address bindings to be ignored by IP Discovery module",
"type": "array"
},
"init_state": {
"description": "Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation, and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host.",
"enum": [
"UNBLOCKED_VLAN",
"RESTORE_VIF"
],
"required": false,
"title": "Initial state of this logical ports",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source Distributed Virtual Port and the corresponding Distributed Virtual Switch. This ID is populated only for ports attached to discovered segments.",
"readonly": true,
"title": "ID of the distributed virtual port and the distributed virtual switch in the source vCenter",
"type": "string"
},
"origin_site_id": {
"description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for knowing which site owns an object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"owner_id": {
"description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for the ownership of an object",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_path": {
"description": "This path is populated only in case of multi-site scenario. Currently it is supported only for LM objects. When LM is onboarded to multi-site platform like NAPP or GM, remote_path will be set to the globally unique path across multi-site topology . It is generated based on local site-name and uses /org tree namespace. Note: It is populated only for LM objects. Not supported on the GM.",
"readonly": true,
"required": false,
"title": "Path of the object on the remote end.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_site_id": {
"description": "This field will refer to the source site on which the segment port is discovered. This field is populated by GM, when it receives corresponding notification from LM.",
"readonly": true,
"title": "source site(LM) id.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy port object for VPC Subnet",
"type": "object"
}
VpcSubnetPortListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SegmentPortListRequestParameters
},
"id": "VpcSubnetPortListRequestParameters",
"module_id": "PolicyVpcSubnet",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VPC Subnet Port list request parameters",
"type": "object"
}
VpcSubnetPortListResult (type)
{
"additionalProperties": false,
"description": "List VPC Subnet Port objects",
"extends": {
"$ref": "SegmentPortListResult
},
"id": "VpcSubnetPortListResult",
"module_id": "PolicyVpcSubnet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Place holder for the list result",
"items": {
"$ref": "SegmentPort
},
"required": true,
"title": "SegmentPort list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of VPC Subnet Port",
"type": "object"
}
VpcSubnetStatus (type)
{
"description": "Realized state of the VPC Subnet, this will show user information related to ip pool, dhcp etc.",
"id": "VpcSubnetStatus",
"module_id": "PolicyVpcSubnet",
"properties": {
"dhcp_ranges": {
"description": "DHCP address ranges are used for dynamic IP allocation. Existing values cannot be deleted or modified",
"title": "DHCP address ranges for dynamic IP allocation",
"type": "string"
},
"dhcp_server_address": {
"description": "Dhcp server IP address.",
"title": "Dhcp server IP address",
"type": "string"
},
"gateway_address": {
"description": "Gateway address of the VPC Subnet",
"title": "Gateway Address",
"type": "string"
},
"ip_address_type": {
"description": "This defines the IP address type that will be allocated for VPC Subnets.",
"enum": [
"IPV4",
"IPV6"
],
"title": "IP address type",
"type": "string"
},
"network_address": {
"description": "Network address of the VPC Subnet",
"title": "Network Address",
"type": "string"
},
"static_ip_pool_path": {
"description": "Static IP Pool used to allocate IPs. For ex, for DHCP static binding, LB VIP etc. This will also have pool usage inforamation.",
"title": "IP Pool",
"type": "string"
},
"static_ip_pool_range": {
"description": "Static IP address ranges used for IP allocation.",
"title": "Address ranges for static IP allocation",
"type": "string"
}
},
"title": "Realized state of the VPC Subnet",
"type": "object"
}
VpcSubnetStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VpcSubnetStatusListResult",
"module_id": "PolicyVpcSubnet",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VpcSubnetStatus
},
"title": "VPC Subnet list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of VPC Subnet Status",
"type": "object"
}
VrfEvpnL2VniConfig (type)
{
"id": "VrfEvpnL2VniConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enable_vtep_groups": {
"default": false,
"description": "This is used to enable or disable the creation of vtep groups. Each vtep group is used to group vteps with the same MAC for L2 ECMP usage.",
"required": false,
"title": "Flag to enable or disable the creation of vtep groups",
"type": "boolean"
},
"l2_vni_configs": {
"description": "Define L2 VNI and its related route distinguiser and route targets.",
"items": {
"$ref": "VrfL2VniConfig
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "L2 VNI configurations associated with the VRF",
"type": "array"
}
},
"type": "object"
}
VrfL2VniConfig (type)
{
"id": "VrfL2VniConfig",
"module_id": "PolicyConnectivity",
"properties": {
"l2_vni": {
"description": "L2 VNI associated with the VRF. It must be unique and available from the VNI pool defined for EVPN service.",
"required": true,
"title": "L2 VNI associated with the VRF",
"type": "int"
},
"route_distinguisher": {
"description": "This is a 64 bit number which disambiguates overlapping logical networks, with format in IPAddress:<number> or ASN:<number>.",
"required": true,
"title": "The unique route distinguisher for the virtual routing and forwarding instance",
"type": "string"
},
"route_targets": {
"description": "Route targets.",
"items": {
"$ref": "VrfRouteTargets
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Route targets",
"type": "array"
}
},
"type": "object"
}
VrfRouteTargets (type)
{
"additionalProperties": false,
"description": "Vrf Route Targets for import/export.",
"id": "VrfRouteTargets",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"default": "L2VPN_EVPN",
"description": "Address family.",
"enum": [
"L2VPN_EVPN"
],
"required": false,
"title": "Address family",
"type": "string"
},
"export_route_targets": {
"description": "Export route targets with format in ASN:<number>.",
"items": {
"type": "string"
},
"required": false,
"title": "Export route targets",
"type": "array"
},
"import_route_targets": {
"description": "Import route targets with format in ASN:<number>.",
"items": {
"type": "string"
},
"required": false,
"title": "Import route targets",
"type": "array"
}
},
"title": "Vrf Route Targets",
"type": "object"
}
VrniGlobalCollector (type)
{
"additionalProperties": false,
"description": "vRNI collector collects the system metrics to Vmware vRNI (vRealize Network Insight) platform for network monitoring and analytics.",
"extends": {
"$ref": "GlobalCollectorConfig
},
"id": "VrniGlobalCollector",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "VRNI"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
},
"report_interval": {
"default": 30,
"description": "Report interval for operation data in seconds.",
"maximum": 1800,
"minimum": 1,
"required": true,
"title": "Report interval for operation data in seconds",
"type": "int"
}
},
"title": "NSX global configs for VRNI global collector",
"type": "object"
}
VsipCounters (type)
{
"id": "VsipCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"alg_handler_drops": {
"description": "alg handler error.",
"readonly": true,
"required": false,
"type": "integer"
},
"bad_offset_drops": {
"description": "bad-offset.",
"readonly": true,
"required": false,
"type": "integer"
},
"bad_timestamp_drops": {
"description": "bad-timestamp.",
"readonly": true,
"required": false,
"type": "integer"
},
"congestion_drops": {
"description": "congestion.",
"readonly": true,
"required": false,
"type": "integer"
},
"fragment_drops": {
"description": "fragment.",
"readonly": true,
"required": false,
"type": "integer"
},
"handshake_error_drops": {
"description": "3wh error.",
"readonly": true,
"required": false,
"type": "integer"
},
"icmp_err_pkt_drops": {
"description": "icmp errpkt drop.",
"readonly": true,
"required": false,
"type": "integer"
},
"icmp_error_drops": {
"description": "icmp error.",
"readonly": true,
"required": false,
"type": "integer"
},
"icmp_flood_overlimit_drops": {
"description": "ICMP flood overlimit.",
"readonly": true,
"required": false,
"type": "integer"
},
"ignored_offloaded_fpdrops": {
"description": "Ignored offloaded FP.",
"readonly": true,
"required": false,
"type": "integer"
},
"ignored_offloaded_spdrops": {
"description": "Ignored offloaded SP",
"readonly": true,
"required": false,
"type": "integer"
},
"ip_option_drops": {
"description": "ip-option.",
"readonly": true,
"required": false,
"type": "integer"
},
"l7_alert_drops": {
"description": "L7 alert.",
"readonly": true,
"required": false,
"type": "integer"
},
"l7_attr_error_drops": {
"description": "L7 attr error.",
"readonly": true,
"required": false,
"type": "integer"
},
"l7_pending_misc": {
"description": "L7 pending.",
"readonly": true,
"required": false,
"type": "integer"
},
"lb_reject_drops": {
"description": "LB Reject.",
"readonly": true,
"required": false,
"type": "integer"
},
"match_drop_rule_rx_drops": {
"description": "Rx pkts dropped by hitting drop/reject rule.",
"readonly": true,
"required": false,
"type": "integer"
},
"match_drop_rule_tx_drops": {
"description": "Tx pkts dropped by hitting drop/reject rule.",
"readonly": true,
"required": false,
"type": "integer"
},
"memory_drops": {
"description": "memory.",
"readonly": true,
"required": false,
"type": "integer"
},
"normalize_drops": {
"description": "normalize.",
"readonly": true,
"required": false,
"type": "integer"
},
"other_flood_overlimit_drops": {
"description": "OTHER flood overlimit.",
"readonly": true,
"required": false,
"type": "integer"
},
"pkts_frag_queued_v4_misc": {
"description": "pkts-frag-queued-v4.",
"readonly": true,
"required": false,
"type": "integer"
},
"pkts_frag_queued_v6_misc": {
"description": "pkts-frag-queued-v6.",
"readonly": true,
"required": false,
"type": "integer"
},
"proto_cksum_drops": {
"description": "proto-cksum.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv4_drop_pkts": {
"description": "Received IPv4 drop packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv4_pass_pkts": {
"description": "Received IPv4 pass packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv4_reject_pkts": {
"description": "Received IPv4 reject packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv6_drop_pkts": {
"description": "Received IPv6 drop packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv6_pass_pkts": {
"description": "Received IPv6 pass packets",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_ipv6_reject_pkts": {
"description": "Received IPv6 reject packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"rx_l2_drop_pkts": {
"description": "Received layer 2 drop packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_bad_ack_drops": {
"description": "seqno bad ack",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_gt_max_ack_drops": {
"description": "seqno gt maxack",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_lt_minack_drops": {
"description": "seqno lt minack",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_old_ack_drops": {
"description": "seqno old ack",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_old_retrans_drops": {
"description": "seqno old retrans.",
"readonly": true,
"required": false,
"type": "integer"
},
"seqno_outside_window_drops": {
"description": "seqno outside window.",
"readonly": true,
"required": false,
"type": "integer"
},
"short_drops": {
"description": "short.",
"readonly": true,
"required": false,
"type": "integer"
},
"spoof_guard_drops": {
"description": "spoofguard.",
"readonly": true,
"required": false,
"type": "integer"
},
"src_limit_misc": {
"description": "src-limit.",
"readonly": true,
"required": false,
"type": "integer"
},
"state_insert_drops": {
"description": "state-insert.",
"readonly": true,
"required": false,
"type": "integer"
},
"state_limit_drops": {
"description": "state-limit.",
"readonly": true,
"required": false,
"type": "integer"
},
"state_mismatch_drops": {
"description": "state-mismatch.",
"readonly": true,
"required": false,
"type": "integer"
},
"strict_no_syn_drops": {
"description": "strict no syn.",
"readonly": true,
"required": false,
"type": "integer"
},
"syn_expected_drops": {
"description": "SYN Expected.",
"readonly": true,
"required": false,
"type": "integer"
},
"syn_proxy_drops": {
"description": "synproxy.",
"readonly": true,
"required": false,
"type": "integer"
},
"tcp_flood_overlimit_drops": {
"description": "TCP flood overlimit.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv4_drop_pkts": {
"description": "Sent IPv4 drop packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv4_pass_pkts": {
"description": "Sent IPv4 pass packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv4_reject_pkts": {
"description": "Sent IPv4 reject packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv6_drop_pkts": {
"description": "Sent IPv6 drop packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv6_pass_pkts": {
"description": "Sent IPv6 pass packets",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_ipv6_reject_pkts": {
"description": "Sent IPv6 reject packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"tx_l2_drop_pkts": {
"description": "Sent layer 2 drop packets.",
"readonly": true,
"required": false,
"type": "integer"
},
"udp_flood_overlimit_drops": {
"description": "UDP flood overlimit.",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
VsphereClusterNodeVMDeploymentConfig (type)
{
"description": "The Vsphere deployment configuration determines where to deploy the cluster node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - dns_servers, management_port_subnets, and default_gateway_addresses",
"extends": {
"$ref": "ClusterNodeVMDeploymentConfig
},
"id": "VsphereClusterNodeVMDeploymentConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"type-identifier": "VsphereClusterNodeVMDeploymentConfig"
},
"properties": {
"allow_ssh_root_login": {
"default": false,
"description": "If true, the root user will be allowed to log into the VM. Allowing root SSH logins is not recommended for security reasons.",
"required": false,
"title": "Allow root SSH logins",
"type": "boolean"
},
"compute_id": {
"description": "The cluster node VM will be deployed on the specified cluster or resourcepool for specified VC server.",
"required": true,
"title": "Cluster identifier or resourcepool identifier",
"type": "string"
},
"default_gateway_addresses": {
"description": "The default IPv4 gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use only IPv6. Note: only single IPv4 default gateway address is supported and it must belong to management network. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified in case of IPv4.",
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Default IPv4 gateway for the VM",
"type": "array"
},
"default_ipv6_gateway_addresses": {
"description": "The default IPv6 gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_ipv6_subnets to use only IPv4. Note: only single IPv6 default gateway address is supported and it must belong to management network. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified in case of IPv6.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Default IPv6 gateway for the VM",
"type": "array"
},
"disk_provisioning": {
"$ref": "DiskProvisioning,
"default": "THIN",
"description": "Specifies the disk provisioning type of the VM.",
"required": false,
"title": "Disk provitioning type"
},
"dns_servers": {
"description": "List of DNS servers. If DHCP is used, the default DNS servers associated with the DHCP server will be used instead. Required if using static IP.",
"items": {
"$ref": "IPAddress
},
"minItems": 1,
"required": false,
"title": "DNS servers",
"type": "array"
},
"enable_ssh": {
"default": false,
"description": "If true, the SSH service will automatically be started on the VM. Enabling SSH service is not recommended for security reasons.",
"required": false,
"title": "Enable SSH",
"type": "boolean"
},
"folder_id": {
"description": "Specifies the folder in which the VM should be placed.",
"required": false,
"title": "Folder identifier",
"type": "string"
},
"host_id": {
"description": "The cluster node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.",
"required": false,
"title": "Host identifier",
"type": "string"
},
"hostname": {
"description": "Desired host name/FQDN for the VM to be deployed",
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$",
"required": true,
"title": "Host name or FQDN for the VM",
"type": "string"
},
"management_network_id": {
"description": "Distributed portgroup identifier to which the management vnic of cluster node VM will be connected.",
"required": true,
"title": "Portgroup identifier for management network connectivity",
"type": "string"
},
"management_port_ipv6_subnets": {
"description": "IPv6 Address and subnet configuration for the management port. Do not specify this field and default_ipv6_gateway_addresses to use only IPv4. Note: only one IPv6 address is supported for the management port. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified in case of IPv6.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IPv6 port subnets for management port",
"type": "array"
},
"management_port_subnets": {
"description": "IPv4 Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use only IPv6. Note: only one IPv4 address is supported for the management port. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified in case of IPv4.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IPv4 port subnets for management port",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers. To use hostnames, a DNS server must be defined. If not using DHCP, a DNS server should be specified under dns_servers.",
"items": {
"$ref": "HostnameOrIPAddress
},
"required": false,
"title": "NTP servers",
"type": "array"
},
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM",
"enum": [
"VsphereClusterNodeVMDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
},
"search_domains": {
"description": "List of domain names that are used to complete unqualified host names.",
"items": {
"type": "string"
},
"required": false,
"title": "DNS search domain names",
"type": "array"
},
"storage_id": {
"description": "The cluster node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.",
"required": true,
"title": "Storage/datastore identifier",
"type": "string"
},
"vc_id": {
"description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.",
"required": true,
"title": "Vsphere compute identifier for identifying VC server",
"type": "string"
}
},
"title": "Deployment config on the Vsphere platform",
"type": "object"
}
VsphereDeploymentConfig (type)
{
"additionalProperties": false,
"description": "The Vsphere deployment configuration determines where to deploy the edge node. It contains settings that are applied during install time. Use EdgeNodeSettings to specify host name, SSH, NTP and DNS settings for both deployment and consequent update. These settings are editable for manually deployed edge nodes as well. EdgeNodeSettings reports current values configured on the edge node.",
"extends": {
"$ref": "DeploymentConfig
},
"id": "VsphereDeploymentConfig",
"module_id": "FabricNode",
"polymorphic-type-descriptor": {
"type-identifier": "VsphereDeploymentConfig"
},
"properties": {
"advanced_configuration": {
"deprecated": true,
"description": "This field is deprecated. EdgeNodeSettings field 'advanced_configuration' must be used instead. Array of additional specific properties for advanced or cloud-specific deployments in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Advanced configuration",
"type": "array"
},
"compute_folder_id": {
"description": "The edge node vm will be deployed on the specified compute folder created in a datacenter, if compute folder is specified. Note - User must ensure that compute folder is accessible by specified cluster/host.",
"required": false,
"title": "Compute folder identifier in the specified vcenter server.",
"type": "string"
},
"compute_id": {
"description": "The edge node vm will be deployed on the specified cluster or resourcepool. Note - all the hosts must have nsx fabric prepared in the specified cluster.",
"required": true,
"title": "Cluster identifier or resourcepool identifier for specified vcenter server.",
"type": "string"
},
"data_network_ids": {
"description": "List of distributed portgroups, VLAN logical switch identifiers or segment paths to which the datapath serving vnics of edge node vm will be connected. If a VM network interface is not configured, it is disconnected and represented as an empty string.",
"items": {
"type": "string"
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "List of portgroups, logical switch identifiers or segment paths for datapath connectivity.",
"type": "array"
},
"default_gateway_addresses": {
"description": "The default gateway for edge node must be specified if all the nodes it communicates with are not in the same subnet. Note: IPv4, IPv6 and Dual Stack Address is supported and it must belong to management network.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"minItems": 1,
"required": false,
"title": "Default gateway for the node.",
"type": "array"
},
"host_id": {
"description": "The edge node vm will be deployed on the specified Host within the cluster if host_id is specified. Note - User must ensure that storage and specified networks are accessible by this host.",
"required": false,
"title": "Host identifier in the specified vcenter server.",
"type": "string"
},
"ipv4_assignment_disabled": {
"default": false,
"description": "This flag represents whether IPv4 configuration is enabled or not. This flag is especially important when IPv6 only configuration is required and value should be true.",
"nsx_feature": "Ipv6OnlyEdgeTn",
"required": false,
"type": "boolean"
},
"ipv4_assignment_enabled": {
"default": true,
"deprecated": true,
"description": "This flag represents whether IPv4 configuration is enabled or not. This flag is especially important when IPv6 only configuration is required and value should be false.",
"required": false,
"type": "boolean"
},
"ipv6_assignment_type": {
"description": "IPv6 assignment type e.g STATIC, DHCPV6, SLAAC. if enum value is STATIC then management_port_subnets is mandatory. In this iteration DHCPV6 and SLAAC are not supported.",
"enum": [
"STATIC"
],
"required": false,
"title": "IPV6 assignment type",
"type": "string"
},
"management_network_id": {
"description": "Distributed portgroup identifier to which the management vnic of edge node vm will be connected. This portgroup must have connectivity with MP and CCP. A VLAN logical switch identifier may also be specified. If VM network interface is not connected, it is represented as an empty string.",
"required": true,
"title": "Portgroup, logical switch identifier or segment path for management network connectivity.",
"type": "string"
},
"management_port_subnets": {
"description": "IP Address and subnet configuration for the management port. Note: IPv4, IPv6 and Dual Stack Address is supported.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 2,
"minItems": 1,
"required": false,
"title": "Port subnets for management port. IPv4, IPv6 and Dual Stack Address is supported.",
"type": "array"
},
"placement_type": {
"enum": [
"VsphereDeploymentConfig"
],
"required": true,
"type": "string"
},
"reservation_info": {
"$ref": "ReservationInfo,
"description": "Resource reservation for memory and CPU resources.",
"required": false,
"title": "Resource reservation settings."
},
"resource_allocation": {
"$ref": "ResourceAssignment,
"description": "Allocation for memory and CPU resources.",
"required": false,
"title": "Current resource allocation."
},
"storage_id": {
"description": "The edge node vm will be deployed on the specified datastore. User must ensure that storage is accessible by the specified cluster/host.",
"required": true,
"title": "Storage/datastore identifier in the specified vcenter server.",
"type": "string"
},
"vc_id": {
"description": "The vc specific identifiers will be resolved on this VC. So all other identifiers specified here must belong to this vcenter server.",
"required": true,
"title": "Vsphere compute identifier for identifying the vcenter server.",
"type": "string"
}
},
"type": "object"
}
VswitchCounters (type)
{
"id": "VswitchCounters",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"forged_transmit_rx_drops": {
"description": "Drops due to forged transmits disabled.",
"required": false,
"type": "integer"
},
"unknown_unicast_rx_uplink_pkts": {
"description": "Unknown unicast flooded packets received from uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"unknown_unicast_tx_uplink_pkts": {
"description": "Unknown unicast flooded packets sent on the uplink.",
"readonly": true,
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_rx": {
"description": "Drops due to VLAN tag mismatch of packets received by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_rx_mcast": {
"description": "Drops due to VLAN tag mismatch of packets received by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_tx": {
"description": "Drops due to VLAN tag mismatch of packets forwarded by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
},
"vlan_tag_mismatch_tx_mcast": {
"description": "Drops due to VLAN tag mismatch of packets forwarded by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
},
"vni_tag_mismatch_tx": {
"description": "Drops due to VNI tag mismatch of packets forwarded by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
},
"vni_tag_mismatch_tx_mcast": {
"description": "Drops due to VNI tag mismatch of packets forwarded by vswitch.",
"readonly": true,
"required": false,
"type": "integer"
}
},
"type": "object"
}
VtepCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "VtepCsvListResult",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "VtepTableCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
VtepLabelPool (type)
{
"additionalProperties": false,
"description": "A collection of ranges of virtual tunnel endpoint labels",
"extends": {
"$ref": "ManagedResource
},
"id": "VtepLabelPool",
"module_id": "VtepLabel",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"computed": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"pool_usage": {
"$ref": "VtepLabelPoolUsage,
"readonly": true,
"title": "Pool usage statistics"
},
"ranges": {
"items": {
"$ref": "VtepLabelRange
},
"required": true,
"title": "Array of ranges for virtual tunnel endpoint labels",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
VtepLabelPoolListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VtepLabelPoolListResult",
"module_id": "VtepLabel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VtepLabelPool
},
"required": true,
"title": "Virtual tunnel endpoint label pool list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VtepLabelPoolUsage (type)
{
"additionalProperties": false,
"description": "Pool usage statistics in a pool",
"id": "VtepLabelPoolUsage",
"module_id": "VtepLabel",
"properties": {
"allocated_ids": {
"readonly": true,
"title": "Total number of allocated IDs in a pool",
"type": "integer"
},
"free_ids": {
"readonly": true,
"title": "Total number of free IDs in a pool",
"type": "integer"
},
"total_ids": {
"readonly": true,
"title": "Total number of IDs in a pool",
"type": "integer"
}
},
"type": "object"
}
VtepLabelRange (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "VtepLabelRange",
"module_id": "VtepLabel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"end": {
"description": "End value for virtual tunnel endpoint label range",
"maximum": 131071,
"minimum": 1,
"readonly": false,
"required": true,
"title": "Virtual tunnel endpoint label range end",
"type": "integer"
},
"start": {
"description": "Start value for virtual tunnel endpoint label range",
"maximum": 131071,
"minimum": 1,
"readonly": false,
"required": true,
"title": "Virtual tunnel endpoint label range start",
"type": "integer"
}
},
"type": "object"
}
VtepListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "VtepListResult",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VtepTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
VtepTableCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "VtepTableCsvRecord",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"segment_id": {
"required": false,
"title": "The segment Id",
"type": "string"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IP address"
},
"vtep_label": {
"required": true,
"title": "The virtual tunnel endpoint label",
"type": "integer"
},
"vtep_mac_address": {
"required": true,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
VtepTableEntry (type)
{
"id": "VtepTableEntry",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"segment_id": {
"required": false,
"title": "The segment Id",
"type": "string"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IP address"
},
"vtep_label": {
"required": false,
"title": "The virtual tunnel endpoint label",
"type": "integer"
},
"vtep_mac_address": {
"required": false,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
WaveFrontGlobalCollector (type)
{
"additionalProperties": false,
"description": "Wavefront collector is defined to export the real-time metrics to Vmware Warfront platform for monitoring and streaming analysis. It is only applicable on VMC mode.",
"extends": {
"$ref": "GlobalCollectorConfig
},
"id": "WaveFrontGlobalCollector",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "WAVE_FRONT"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
},
"tracing_port": {
"default": 30001,
"description": "Port for the Wavefront tracing.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port for the Wavefront tracing",
"type": "int"
}
},
"title": "NSX global configs for WAVE_FRONT global collector",
"type": "object"
}
WeeklyBackupSchedule (type)
{
"extends": {
"$ref": "BackupSchedule
},
"id": "WeeklyBackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "WeeklyBackupSchedule"
},
"properties": {
"days_of_week": {
"items": {
"type": "integer"
},
"maxItems": 7,
"minItems": 1,
"required": true,
"title": "Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ...",
"type": "array",
"uniqueItems": true
},
"hour_of_day": {
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Time of day when backup is taken",
"type": "integer"
},
"minute_of_day": {
"maximum": 59,
"minimum": 0,
"required": true,
"title": "Time of day when backup is taken",
"type": "integer"
},
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
}
},
"title": "Schedule to specify day of the week and time to take automated backup",
"type": "object"
}
WeeklyTelemetrySchedule (type)
{
"extends": {
"$ref": "TelemetrySchedule
},
"id": "WeeklyTelemetrySchedule",
"module_id": "TelemetryConfig",
"polymorphic-type-descriptor": {
"type-identifier": "WeeklyTelemetrySchedule"
},
"properties": {
"day_of_week": {
"description": "Day of week on which data will be collected. Specify one of SUNDAY through SATURDAY.",
"enum": [
"SUNDAY",
"MONDAY",
"TUESDAY",
"WEDNESDAY",
"THURSDAY",
"FRIDAY",
"SATURDAY"
],
"required": true,
"title": "Day of week on which data will be collected",
"type": "string"
},
"frequency_type": {
"description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.",
"required": true,
"title": "Frequency at which data will be collected",
"type": "string"
},
"hour_of_day": {
"description": "Hour at which data will be collected. Specify a value between 0 through 23.",
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Hour at which data will be collected",
"type": "integer"
},
"minutes": {
"default": 0,
"description": "Minute at which data will be collected. Specify a value between 0 through 59.",
"maximum": 59,
"minimum": 0,
"required": false,
"title": "Minute at which data will be collected",
"type": "integer"
}
},
"type": "object"
}
WhiteListProvisionType (type) (Deprecated)
{
"deprecated": true,
"enum": [
"LPORT_BINDINGS"
],
"help_detail": "LPORT_BINDINGS value indicates that address_bindings from Logical Port\nwill be consumed for spoof-guard feature.\n",
"id": "WhiteListProvisionType",
"module_id": "SpoofGuardSwitchingProfile",
"title": "Ways to provide white listed addresses for SpoofGuard",
"type": "string"
}
WidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Describes the configuration of a widget to be displayed on the dashboard. WidgetConfiguration is a base type that provides attributes of a widget in-general.",
"extends": {
"$ref": "ManagedResource
},
"id": "WidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"computed": true,
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Dashboard Widget Configuration",
"type": "object"
}
WidgetConfigurationList (type)
{
"additionalProperties": false,
"description": "Represents a list of widget configurations.",
"id": "WidgetConfigurationList",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"widgetconfigurations": {
"description": "Array of widget configurations",
"items": {
"$ref": "WidgetConfiguration
},
"readonly": true,
"required": true,
"title": "Array of widget configurations",
"type": "array"
}
},
"title": "List of Widget Configurations",
"type": "object"
}
WidgetItem (type)
{
"additionalProperties": false,
"description": "Represents a reference to a widget that is held by a container or a multi-widget or a View.",
"id": "WidgetItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alignment": {
"default": "LEFT",
"description": "Aligns widget either left or right.",
"enum": [
"LEFT",
"RIGHT"
],
"title": "Alignment of widget inside container",
"type": "string"
},
"label": {
"$ref": "Label,
"description": "Applicable for 'DonutConfiguration' and 'StatsConfiguration' reports only. If label is not specified, then it defaults to the label of the donut or stats report.",
"title": "Label of the the report"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"separator": {
"default": false,
"description": "If true, separates this widget in a container.",
"title": "A separator after this widget",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"weight": {
"default": 10000,
"description": "Determines placement of widget or container relative to other widgets and containers. The lower the weight, the higher it is in the placement order.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widget_id": {
"description": "Id of the widget configuration that is held by a multi-widget or a container or a view.",
"maxLength": 255,
"required": true,
"title": "Id of the widget configuration",
"type": "string"
}
},
"title": "Widget held by MultiWidgetConfiguration or Container or a View",
"type": "object"
}
WidgetPlotConfiguration (type)
{
"additionalProperties": false,
"description": "Base type for widget plot config.",
"id": "WidgetPlotConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
}
},
"title": "Base type for widget plot config",
"type": "object"
}
WidgetQueryParameters (type)
{
"additionalProperties": false,
"id": "WidgetQueryParameters",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"container": {
"description": "Id of the container whose widget configurations are to be queried.",
"maxLength": 255,
"readonly": true,
"title": "Id of the container",
"type": "string"
},
"widget_ids": {
"description": "Comma separated ids of WidgetConfigurations to be queried.",
"maxLength": 8192,
"readonly": true,
"title": "Ids of the WidgetConfigurations",
"type": "string"
}
},
"title": "Parameters for querying widget configurations",
"type": "object"
}
Workflow (type)
{
"additionalProperties": false,
"description": "Workflow details.",
"id": "Workflow",
"module_id": "OverlayAdoption",
"properties": {
"errors": {
"description": "List of errors.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors",
"type": "array"
},
"resource": {
"$ref": "WorkflowResource,
"description": "Workflow resource.",
"readonly": true,
"required": true,
"title": "Workflow resource"
},
"status": {
"$ref": "WorkflowStatus,
"description": "Workflow status.",
"readonly": true,
"required": false,
"title": "Workflow status"
},
"steps": {
"description": "List of steps in workflow",
"items": {
"$ref": "WorkflowStep
},
"readonly": true,
"required": false,
"title": "List of steps in workflow",
"type": "array"
},
"type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": true,
"required": true,
"title": "Workflow type"
},
"warnings": {
"description": "List of warnings.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings",
"type": "array"
}
},
"title": "Workflow details",
"type": "object"
}
WorkflowListResult (type)
{
"additionalProperties": false,
"description": "List of workflows.",
"id": "WorkflowListResult",
"module_id": "OverlayAdoption",
"properties": {
"results": {
"description": "List of workflows.",
"items": {
"$ref": "Workflow
},
"readonly": true,
"required": true,
"title": "List of workflows",
"type": "array"
}
},
"title": "List of workflows",
"type": "object"
}
WorkflowRequestParameters (type)
{
"description": "Workflow request parameters.",
"id": "WorkflowRequestParameters",
"module_id": "OverlayAdoption",
"properties": {
"workflow_resource": {
"$ref": "WorkflowResource,
"description": "Workflow resource.",
"readonly": false,
"required": true,
"title": "Workflow resource"
},
"workflow_type": {
"$ref": "WorkflowType,
"description": "Workflow type.",
"readonly": false,
"required": true,
"title": "Workflow type"
}
},
"title": "Workflow request parameters",
"type": "object"
}
WorkflowResource (type)
{
"abstract": true,
"description": "Workflow resource.",
"id": "WorkflowResource",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "WorkflowResourceType,
"description": "Workflow resource type.",
"readonly": false,
"required": true,
"title": "Workflow resource type"
}
},
"title": "Workflow resource",
"type": "object"
}
WorkflowResourceType (type)
{
"description": "Workflow resource type.",
"enum": [
"VcWorkflowResource",
"DvpgWorkflowResource",
"DvpgAndSegmentWorkflowResource",
"VmGroupWorkflowResource",
"SegmentWorkflowResource",
"SegmentAndBridgeProfileWorkflowResource"
],
"id": "WorkflowResourceType",
"module_id": "OverlayAdoption",
"title": "Workflow resource type",
"type": "string"
}
WorkflowSpec (type)
{
"abstract": true,
"description": "Workflow spec.",
"id": "WorkflowSpec",
"module_id": "OverlayAdoption",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "WorkflowSpecType,
"description": "Workflow spec type.",
"readonly": false,
"required": true,
"title": "Workflow spec type"
}
},
"title": "Workflow spec",
"type": "object"
}
WorkflowSpecListResult (type)
{
"additionalProperties": false,
"description": "List of workflow specs.",
"id": "WorkflowSpecListResult",
"module_id": "OverlayAdoption",
"properties": {
"results": {
"description": "List of workflow specs.",
"items": {
"$ref": "WorkflowSpec
},
"readonly": true,
"required": true,
"title": "List of workflow specs",
"type": "array"
}
},
"title": "List of workflow specs",
"type": "object"
}
WorkflowSpecType (type)
{
"description": "Workflow spec type.",
"enum": [
"CollectConfigWorkflowSpec",
"ExtendDvpgWorkflowSpec",
"MigrateVmsWorkflowSpec",
"MigrateGatewayWorkflowSpec",
"DisconnectBridgeWorkflowSpec"
],
"id": "WorkflowSpecType",
"module_id": "OverlayAdoption",
"title": "Workflow spec type",
"type": "string"
}
WorkflowStatus (type)
{
"description": "Workflow status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"PAUSED",
"SUCCESS",
"FAILED"
],
"id": "WorkflowStatus",
"module_id": "OverlayAdoption",
"title": "Workflow status",
"type": "string"
}
WorkflowStep (type)
{
"additionalProperties": false,
"description": "Execution step in a workflow.",
"id": "WorkflowStep",
"module_id": "OverlayAdoption",
"properties": {
"status": {
"$ref": "WorkflowStepStatus,
"description": "Workflow step status.",
"readonly": true,
"required": false,
"title": "Workflow step status"
},
"type": {
"$ref": "WorkflowStepType,
"description": "Workflow step type.",
"readonly": true,
"required": true,
"title": "Workflow step type"
}
},
"title": "Workflow step",
"type": "object"
}
WorkflowStepStatus (type)
{
"description": "Workflow step status.",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"PAUSED",
"SUCCESS",
"FAILED"
],
"id": "WorkflowStepStatus",
"module_id": "OverlayAdoption",
"title": "Workflow step status",
"type": "string"
}
WorkflowStepType (type)
{
"description": "Workflow step type.",
"enum": [
"COLLECT_CONFIG_EXECUTE",
"ASSESSMENT_EXECUTE",
"PRE_CHECKS",
"EXTEND_DVPG_BRIDGE_DVPG_AND_SEGMENT",
"MIGRATE_VMS_TO_OVERLAY_EXECUTE",
"MIGRATE_VMS_TO_DVPG_EXECUTE",
"MIGRATE_GATEWAY_PREPARE",
"MIGRATE_GATEWAY_EXECUTE",
"DISCONNECT_BRIDGE_EXECUTE"
],
"id": "WorkflowStepType",
"module_id": "OverlayAdoption",
"title": "Workflow step type",
"type": "string"
}
WorkflowType (type)
{
"description": "Workflow type.",
"enum": [
"COLLECT_CONFIG",
"ASSESSMENT",
"EXTEND_DVPG",
"MIGRATE_VMS_TO_OVERLAY",
"MIGRATE_VMS_TO_DVPG",
"MIGRATE_GATEWAY",
"DISCONNECT_BRIDGE"
],
"id": "WorkflowType",
"module_id": "OverlayAdoption",
"title": "Workflow type",
"type": "string"
}
Ws1bOidcEndpointCreateRequest (type)
{
"id": "Ws1bOidcEndpointCreateRequest",
"module_id": "CertificateManager",
"properties": {
"api_token": {
"description": "A JWT token with sufficient privileges to create an OAuth app on VC/WS1B.",
"required": true,
"sensitive": true,
"title": "API token for VC/WS1B",
"type": "secure_string"
},
"certificate_chain": {
"description": "The public certificate chain for the VC/WS1B, in PEM format.",
"required": true,
"title": "The certificate chain for VC/WS1B",
"type": "string"
},
"nsx_fqdn": {
"description": "The fully qualified domain name of the NSX Manager. This is used when redirecting UI users after authenticating.",
"required": true,
"title": "FQDN of NSX Manager",
"type": "string"
},
"oidc_uri": {
"description": "The OIDC discovery endpoint URL. Information such as the expected issuer and signing keys will be retrieved from this URL.",
"required": true,
"title": "The VC/WS1B OIDC discovery endpoint URL",
"type": "string"
}
},
"type": "object"
}
Ws1bOidcEndpointRemovalRequest (type)
{
"id": "Ws1bOidcEndpointRemovalRequest",
"module_id": "CertificateManager",
"properties": {
"api_token": {
"description": "A JWT token with sufficient privileges to delete an OAuth app on VC/WS1B.",
"required": true,
"sensitive": true,
"title": "API token for VC/WS1B",
"type": "secure_string"
},
"force": {
"default": false,
"description": "By default, if cleanup of the OAuth app on VC/WS1B fails, the operation halts and the OIDC configuration for VC/WS1B on NSX is left in place. If true is passed for the force property, then the NSX OIDC configuration is removed regardless of whether the OAuth app was was successfully removed from VC/WS1B.",
"title": "Force removal of NSX OIDC config",
"type": "boolean"
}
},
"type": "object"
}
Ws1bOidcEndpointRemovalResponse (type)
{
"id": "Ws1bOidcEndpointRemovalResponse",
"module_id": "CertificateManager",
"properties": {
"oauth_client_removal_succeeded": {
"description": "True if the OAuth client on WS1B was successfully removed.",
"readonly": true,
"title": "Result of OAuth client cleanup",
"type": "boolean"
}
},
"type": "object"
}
X509Certificate (type)
{
"additionalProperties": false,
"id": "X509Certificate",
"module_id": "CertificateManager",
"properties": {
"dsa_public_key_g": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, base.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_p": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, prime.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_q": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, sub-prime.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_y": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters.",
"readonly": true,
"required": false,
"type": "string"
},
"ecdsa_curve_name": {
"description": "The Curve name for the ECDSA certificate.",
"readonly": true,
"required": false,
"title": "ECDSA Curve Name",
"type": "string"
},
"ecdsa_ec_field": {
"description": "Represents an elliptic curve (EC) finite field in ECDSA.",
"enum": [
"F2M",
"FP"
],
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Finite Field",
"type": "string"
},
"ecdsa_ec_field_f2mks": {
"description": "The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA.",
"items": {
"type": "integer"
},
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MKS",
"type": "array"
},
"ecdsa_ec_field_f2mm": {
"description": "The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MM",
"type": "integer"
},
"ecdsa_ec_field_f2mrp": {
"description": "The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MRP",
"type": "string"
},
"ecdsa_ec_field_f2pp": {
"description": "The specified prime for the elliptic curve prime finite field in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2PP",
"type": "string"
},
"ecdsa_pub": {
"description": "The public key information in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Public key information",
"type": "string"
},
"ecdsa_public_key_a": {
"description": "The first coefficient of this elliptic curve in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key A",
"type": "string"
},
"ecdsa_public_key_b": {
"description": "The second coefficient of this elliptic curve in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key B",
"type": "string"
},
"ecdsa_public_key_cofactor": {
"description": "The co-factor in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Cofactor",
"type": "integer"
},
"ecdsa_public_key_generator_x": {
"description": "X co-ordinate of G (the generator which is also known as the base point) in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key X",
"type": "string"
},
"ecdsa_public_key_generator_y": {
"description": "Y co-ordinate of G (the generator which is also known as the base point) in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Y",
"type": "string"
},
"ecdsa_public_key_order": {
"description": "The order of generator G in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Order",
"type": "string"
},
"ecdsa_public_key_seed": {
"description": "The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Seed",
"type": "array"
},
"is_ca": {
"description": "True if this is a CA certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"is_valid": {
"description": "True if this certificate is valid.",
"readonly": true,
"required": true,
"type": "boolean"
},
"issuer": {
"description": "The certificate issuers complete distinguished name.",
"readonly": true,
"required": true,
"type": "string"
},
"issuer_cn": {
"description": "The certificate issuer's common name.",
"readonly": true,
"required": false,
"type": "string"
},
"not_after": {
"$ref": "EpochMsTimestamp,
"description": "The time in epoch milliseconds at which the certificate becomes invalid.",
"readonly": true,
"required": true
},
"not_before": {
"$ref": "EpochMsTimestamp,
"description": "The time in epoch milliseconds at which the certificate becomes valid.",
"readonly": true,
"required": true
},
"parsed_pem_encoding": {
"description": "This is the PEM encoding after parsing out any extraneous characters, ensuring any library will accept it.",
"readonly": true,
"required": false,
"title": "PEM encoding after parsing the PEM.",
"type": "string"
},
"public_key_algo": {
"description": "Cryptographic algorithm used by the public key for data encryption.",
"readonly": true,
"required": true,
"title": "Public Key Algorithm",
"type": "string"
},
"public_key_length": {
"description": "Size measured in bits of the public/private keys used in a cryptographic algorithm.",
"readonly": true,
"required": false,
"type": "integer"
},
"rsa_public_key_exponent": {
"description": "An RSA public key is made up of the modulus and the public exponent. Exponent is a power number.",
"readonly": true,
"required": false,
"type": "string"
},
"rsa_public_key_modulus": {
"description": "An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number.",
"readonly": true,
"required": false,
"type": "string"
},
"serial_number": {
"description": "Certificate's serial number.",
"readonly": true,
"required": true,
"type": "string"
},
"sha_256_thumbprint": {
"description": "The SHA256 thumbprint of the certificate, in hexadecimal notation.",
"readonly": true,
"title": "SHA256 thumbprint, in hex",
"type": "string"
},
"signature": {
"description": "The signature value(the raw signature bits) used for signing and validate the cert.",
"readonly": true,
"required": true,
"type": "string"
},
"signature_algorithm": {
"description": "The algorithm used by the Certificate Authority to sign the certificate.",
"readonly": true,
"required": true,
"type": "string"
},
"subject": {
"description": "The certificate owners complete distinguished name.",
"readonly": true,
"required": true,
"type": "string"
},
"subject_alt_names": {
"$ref": "SubjectAltNames,
"description": "A list of Subject Alternative Names of the certificate",
"readonly": true,
"required": false,
"title": "Subject Alternative Names"
},
"subject_cn": {
"description": "The certificate owner's common name.",
"readonly": true,
"required": false,
"type": "string"
},
"version": {
"description": "Certificate version (default v1).",
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
X509Crl (type)
{
"additionalProperties": false,
"id": "X509Crl",
"module_id": "CertificateManager",
"properties": {
"crl_entries": {
"description": "List of X509CrlEntry.",
"items": {
"$ref": "X509CrlEntry
},
"readonly": true,
"required": false,
"type": "array"
},
"issuer": {
"description": "Issuer's distinguished name. (DN)",
"readonly": true,
"required": false,
"type": "string"
},
"next_update": {
"description": "Next update time for the CRL.",
"readonly": true,
"required": false,
"type": "string"
},
"version": {
"description": "CRL's version number either 1 or 2.",
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "A CRL is a time-stamped list identifying revoked certificates.",
"type": "object"
}
X509CrlEntry (type)
{
"additionalProperties": false,
"id": "X509CrlEntry",
"module_id": "CertificateManager",
"properties": {
"revocation_date": {
"description": "Revocation date.",
"readonly": true,
"required": false,
"type": "string"
},
"serial_number": {
"description": "The revoked certificate's serial number.",
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "Each revoked certificate is identified in a CRL by its certificate serial number.",
"type": "object"
}
XForwardedForType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"INSERT",
"REPLACE"
],
"id": "XForwardedForType",
"module_id": "LoadBalancer",
"title": "x-forwarded-for type",
"type": "string"
}