NSX-T Data Center API Guide

NSX-T Data Center 2.4.0

Table of Contents

  1. Overview
  2. API Methods
    1. Users and Roles
    2. Aggregation Service
      1. Configuration
    3. Api Services
      1. Api Request Batching
      2. Authentication
      3. Task Management
    4. App Discovery
    5. Associations
    6. Capacitydashboard
    7. Cloud Service Manager
      1. Accounts Statistics
      2. Aws Accounts
      3. Aws Gateway Amis
      4. Aws Gateways
      5. Aws Key Pairs
      6. Aws Regions
      7. Aws Resources
      8. Aws Vpcs
      9. Azure Accounts
      10. Azure Gateways
      11. Azure Ip Allocations
      12. Azure Regions
      13. Azure Resources
      14. Azure Vnets
      15. Cloud Service Manager
      16. Nsx Manager Accounts
      17. Proxy Server Profile
      18. Virtual Machines
      19. Vpn
    8. Cluster
      1. Nodes
        1. Deployments
    9. Configs
      1. Inventory
    10. Dashboard
    11. Directory Service
    12. Error Resolver
    13. Fabric
      1. Compute Collections
      2. Compute Managers
      3. Discovered Nodes
      4. Nodes
      5. Vifs
      6. Virtual Machines
    14. Global-Configs
    15. Grouping Objects
      1. Ip Sets
      2. Mac Sets
      3. Ns Groups
      4. Ns Profiles
      5. Ns Service Groups
      6. Ns Services
    16. Identity Firewall
      1. Configuration
      2. Monitoring
      3. Realization Data
    17. Licensing
    18. Logical Routing And Services
      1. Bfd Peers
      2. Dhcp Relay
      3. Dhcp Relay Profiles
      4. Logical Router Ports
      5. Logical Routers
      6. Nat
      7. Routing Bfd Configuration
      8. Routing Configuration
      9. Service Profiles
      10. Services
    19. Logical Switching
      1. Logical Switch Ports
      2. Logical Switches
      3. Switching Profiles
    20. Migration
      1. Feedback
      2. Group
      3. Migrationunits
      4. Nodes
      5. Plan
      6. Setup
      7. Stats
      8. Status
      9. User Inputs
    21. Network Transport
      1. Bridge Clusters
      2. Bridge Endpoint Profiles
      3. Bridge Endpoints
      4. Cluster Profiles
      5. Edge Clusters
      6. Hostswitch Profiles
      7. Transport Node Collections
      8. Transport Node Profiles
      9. Transport Nodes
      10. Transport Profiles
      11. Transport Zones
    22. Normalization
    23. Nsx Component Administration
      1. Appliance
      2. Appliance Management
      3. Backup Restore Management
        1. Backup
        2. Restore
      4. Cluster Management
      5. Nsx Administration
      6. Trust Management
        1. Certificate
        2. Crl
        3. Csr
    24. Nsx Notifications
    25. Operations
      1. Ipfix
      2. Lldp
    26. Policy
      1. Connectivity
        1. Dhcp
        2. Routing
          1. Bgp
          2. Community List
          3. Prefix List
          4. Route Map
          5. Static Routes
        3. Segments
          1. Ports
        4. Service Interfaces
        5. Tier-0
        6. Tier-0 Interfaces
        7. Tier-1
        8. Tier-1 Interfaces
      2. Constraints
      3. Dfw
        1. Context-Profile
      4. Discoveryprofilebinding
      5. Dns Forwarder
      6. Firewall
      7. Forwarding
      8. Gateway Firewall
      9. Gi
      10. Global Config
      11. Infra
        1. Deployment Zones
        2. Domain Deployment Maps
        3. Enforcement Points
          1. Edge Cluster
            1. Edge Node
          2. Transport Zone
        4. Site
        5. Tier-0 Deployment Maps
      12. Ipdiscoveryprofile
      13. Ipfixdfw
      14. Ipfixl2
      15. Labels
      16. Loadbalancer
        1. Runtime
      17. Macdiscoveryprofile
      18. Monitoring
      19. Nat
      20. Operations
      21. Pool Management
        1. Ip Pools
      22. Portmirroring
      23. Qos
      24. Realization
      25. Security Profiles
        1. Security Profile Binding
        2. Segment Security Profile
        3. Spoofguard Profile
      26. Si
      27. Statistics
        1. Dfw
        2. Gateway Firewall
        3. Group
      28. Template
      29. Tls
        1. Certificates
        2. Crls
      30. Vpn
        1. Ipsec
          1. Dpd Profiles
          2. Ike Profiles
          3. Local Endpoints
          4. Services
          5. Sessions
          6. Statistics
          7. Status
          8. Tunnel Profiles
        2. L2Vpn
          1. Services
          2. Sessions
          3. Statistics
          4. Status
    27. Policycompliance
    28. Pool Management
      1. Ip Blocks
      2. Ip Pools
      3. Mac Pools
      4. Vni Pools
      5. Vtep Label Pools
    29. Realization
    30. Service Config
    31. Services
      1. Dhcp
      2. Dns
      3. Firewall
      4. Loadbalancer
      5. Metadata Proxy
      6. Pbr
      7. Policy Based Routing
      8. Serviceinsertion
    32. Telemetryconfig
    33. Transport Entities
      1. Transport-Nodes
    34. Troubleshooting And Monitoring
      1. Heatmap
      2. Ipfix
      3. Packet Capture
      4. Portconnection
      5. Portmirroring
      6. System Logs
      7. Traceflow
    35. Unified Nsgroup Profile Management
      1. Profiles
    36. Upgrade
      1. Bundle
      2. Bundles
      3. Group
      4. History
      5. Nodes
      6. Plan
      7. Status
      8. Upgradeunits
    37. Vmc
    38. Vmtoolsinfo
    39. Vpn
      1. Ipsec
        1. Dpd Profiles
        2. Ike Profiles
        3. Local Endpoints
        4. Peer Endpoints
        5. Services
        6. Sessions
        7. Tunnel Profiles
      2. L2Vpn
        1. Services
        2. Sessions
      3. Statistics
        1. Ike Service
        2. Ike Sessions Status
        3. L2Vpn Remote Macs
        4. L2Vpn Session Statistics
        5. L2Vpn Session Status
        6. L2Vpn Sessions Summary
        7. Reset Sessions Statistics
        8. Sessions Statistics
        9. Sessions Summary
  3. API Types
  4. API Type Schemas
  5. API Errors
  6. Deprecated Types and Methods


Overview

Introduction

NSX-T Data Center provides a programmatic API to automate management activities. The API follows a resource-oriented Representational State Transfer (REST) architecture, using JSON object encoding. Clients interact with the API using RESTful web service calls over the HTTPS protocol.

Each API method is identified by a request method and URI. Method parameters are specified as key-value pairs appended to the URI. Unless otherwise noted, request and response bodies are encoded using JSON, and must conform to the JSON schema associated with each method. The content type of each request and reply is "application/json" unless otherwise specified. Each request that can be made is documented in the API Methods section. The associated request and response body schemas are documented in the API Schemas section.

Some APIs may be marked as deprecated. This indicates that the functionality provided by the API has been removed or replaced with a different API. The description of the API will indicate what API(s) to call instead.

Some APIs may be marked as experimental. This indicates that the API may be changed or removed without notice in a future NSX-T Data Center release.

It is possible for any request to fail. Errors are reported using standard HTTP response codes. It should be assumed the following errors could be returned by any API method: 301 Moved Permanently, 307 Temporary Redirect, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 500 Internal Server Error, 503 Service Unavailable. Where other errors may be returned, the type of error is indicated in the API method description. All errors are documented in the API Errors section.

Request Authentication

Most API calls require authentication. This API supports HTTP Basic authentication and session-based authentication schemes. Multiple authentication schemes may not be used concurrently.

HTTP Basic Authentication

To authenticate a request using HTTP Basic authentication, the caller's credentials are passed using the 'Authorization' header. The header content should consist of a base64-encoded string containing the username and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

For example, to authenticate a request using the credentials of user admin with password admin, include the following header with the request:

Authorization: Basic YWRtaW46YWRtaW4=

The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

curl -k -u USERNAME:PASSWORD https://MANAGER/api/v1/logical-ports

where:
USERNAME is the user to authenticate as,
PASSWORD is the password to provide, and
MANAGER is the IP address or host name of the NSX manager

For example:

curl -k -u admin:secretPw99 https://192.168.22.32/api/v1/logical-ports

Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate.

Authenticating to vIDM

When NSX-T is configured to use VMware Identity Manager (vIDM) for authentication, you supply an Authorization header with an authentication type of "Remote". Te header content should consist of a base64-encoded string containing the username@domain and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

For example, to authenticate a request using the credentials of user jsmith@example.com with password Sk2LkPM!, include the following header with the request:

Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h

The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

curl -k -H "Authorization: Remote BASE64" https://MANAGER/api/v1/logical-ports

where:
BASE64 is the base64-encoded string containing the username@domain and password separated by a single colon (":"), and
MANAGER is the IP address or host name of the NSX manager

For example:

curl -k H "Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h" https://192.168.22.32/api/v1/logical-ports

Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate.

Session-Based Authentication

Session-based authentication is used by calling the /api/session/create authentication API to manage a session cookie. The session cookie returned in the result of a successful login must be provided in subsequent requests in order to associate those requests with the session.

Session state is local to the server responding to the API request. Idle sessions will automatically time-out, or can be terminated immediately using the POST /api/session/destroy API.

To obtain a session cookie, POST form data to the server using the application/x-ww-form-urlencoded media type, with fields "j_username" and "j_password" containing the username and password separated by an ampersand. Since an ampersand is a UNIX shell metacharacter, you may need to surround the argument with single quotes.

The following cURL command will authenticate to the server, will deposit the session cookie in the file "cookies.txt", and will write all HTTP response headers to the file headers.txt. One of these headers is the X-XSRF-TOKEN header that you will need to provide in subsequent requests.

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=USERNAME&j_password=PASSWORD' https://MANAGER/api/session/create

For example:

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=admin&j_password=secretPw99' https://192.168.22.32/api/session/create

The manager will respond with the roles and permissions granted to the user, and cURL will deposit the session cookie into the file "cookies.txt".

In subsequent cURL requests, use the -b argument to specify the cookie file. You also need to pass the X-XSRF-TOKEN header that was saved to the headers.txt file, using cURL's -H option:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" https://192.168.22.32/api/v1/logical-ports

When the session expires, the manager will respond with a 403 Forbidden HTTP response, at which point you must obtain a new session cookie and X-XSRF-TOKEN.

Session cookies can be destroyed by using the /api/session/destroy API:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" -X POST https://MANAGER/api/session/destroy

Example Requests and Responses

Example requests and responses are provided for most of the API calls below. Your actual response might differ from the example in the number of fields returned because optional empty fields are not returned when you make an API call.

Restrictions on Certain Fields in a Request

When configuring layer 2 switching, the following fields can contain any character except semicolon (;), vertical bar (|), equal sign (=), comma (,), tilde (~), and the "at" sign (@). They also have a length limitation as specified below:

Optimistic Concurrency Control and the _revision property

Overview

In order to prevent one client from overwriting another client's updates, NSX-T employs a technique called optimistic concurrency control.

All REST payloads contain a property named "_revision". This is an integer that is incremented each time an existing resource is updated. Clients must provide this property in PUT requests and it must match the current _revision or the update will be rejected. This guards against the following situation:

Client 1 reads resource A.

Client 2 reads resource A.

Client 1 replaces the display_name property of resource A and does a PUT to replace the resource.

Client 2 replaces is different property of resource A and attempts to perform a PUT operation.

Without optimistic concurrency control, Client 2's update would overwrite Client 1's update to the display_name property. Instead, Client 2 receives a 409 Conflict error. To recover, Client 2 must fetch the resource again, apply the change, and perform a PUT.

Exceptions for /policy APIs

APIs whose URI begins with /policy have slightly different behavior. For those APIs, the _revision property must not be set when PUT is used to create a new resource. Once the resource is created, however, the _revision property must be provided with PUT operations.

PATCH and _revision for /policy APIs

APIs whose URI begins with /policy support the PATCH operation. Those APIs do not require that the _revision property be provided. A client can, however, request that the _revision property be checked when it is performing a PATCH in the /infra path. To do this, the client should pass the query parameter enforce_revision_check, e.g. PATCH /infra?enforce_revision_check=true.

OpenAPI Specification of NSX-T Data Center API

You can get an OpenAPI specification of the NSX-T Data Center API with one of the following calls:



API Methods

Toggle all tables +

Users and Roles

Associated URIs:

Get effective object permissions to object specified by path for current user. (Experimental)

Returns none if user doesn't have access or feature_name from required request parameter
is empty/invalid/doesn't match with object-path provided.
This API is only available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/aaa/effective-permissions
Request Headers:
n/a
Query Parameters:
FeaturePermissionRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/effective-permissions?object_path=infra/domains/mgw&feature_name=infra_admin Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PathPermissionGroup+

Example Response: { "operation": "crud", "object_path": "infra/domains/MGW" } Required Permissions: none Feature: policy_rbac Additional Errors:

Get list of Object-level RBAC entries. (Experimental)

This API is only available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
ObjectRolePermissionGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/object-permissions?path_prefix=infra/domains/MGW Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ObjectRolePermissionGroupListResult+

Example Response: { "result_count": 2, "results": [ { "role_name": "cloud_admin", "operation": "crud", "path_prefix": "infra/domains/MGW" }, { "role_name": "cloud_auditor", "operation": "none", "path_prefix": "infra/domains/MGW/CommunicationProfile1" } ] } Required Permissions: read Feature: policy_rbac Additional Errors:

Create/update object permission mappings (Experimental)

This API is only available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ObjectRolePermissionGroup+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/aaa/object-permissions { "role_name": "cloud_admin", "operation": "crud", "path_prefix": "infra/MGW" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_rbac Additional Errors:

Delete object-permissions entries (Experimental)

This API is only available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
ObjectRolePermissionGroupListRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/aaa/object-permissions?role_name=cloud_admin&path_prefix=infra/domains/MGW Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_rbac Additional Errors:

Create registration access token

The privileges of the registration token will be the same as the caller. Request:
Method:
POST
URI Path:
/api/v1/aaa/registration-token
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/aaa/registration-token Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles":[ "network_engineer" ] } Required Permissions: crud Feature: nodes_edges Additional Errors:

Get registration access token

Request:
Method:
GET
URI Path:
/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles": [ "network_engineer" ] } Required Permissions: read Feature: nodes_edges Additional Errors:

Delete registration access token

Request:
Method:
DELETE
URI Path:
/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: nodes_edges Additional Errors:

Get all users and groups with their roles

Request:
Method:
GET
URI Path:
/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
RoleBindingRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/role-bindings?page_size=1 GET https://<-mgr>/api/v1/aaa/role-bindings?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBindingListResult+

Example Response: { "sort_ascending": true, "sort_by": "id", "result_count": 2, "results": [ { "resource_type": "RoleBinding", "description": "", "id": "0395447b-480a-4091-9075-4070138e0cee", "display_name": "rt-group1", "tags": [], "roles": [ { "role": "auditor" } ], "name": "rt-group1", "type": "remote_group", "_create_user": "admin", "_create_time": 1493963048438, "_last_modified_user": "admin", "_last_modified_time": 1493963048438, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Assign roles to User or Group

When assigning a user role, specify the user name with the same
case as it appears in vIDM to access the NSX-T user interface.
For example, if vIDM has the user name User1@example.com then
the name attribute in the API call must be be User1@example.com
and cannot be user1@example.com.
Request:
Method:
POST
URI Path:
/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/role-bindings { "name": "local_admin@System Domain", "type": "remote_user", "roles":[ { "role": "auditor" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "auditor" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get user/group's role information

Request:
Method:
GET
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g GET https://<nsx-mgr>/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: users_role_assignments Additional Errors:

Delete user/group's roles assignment

Request:
Method:
DELETE
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: users_role_assignments Additional Errors:

Update User or Group's roles

Request:
Method:
PUT
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: PUT https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g { "name": "local_admin@System Domain", "type": "remote_user", "_revision": 0, "roles":[ { "role": "enterprise_admin" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Delete all stale role assignments

Request:
Method:
POST
URI Path:
/api/v1/aaa/role-bindings?action=delete_stale_bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/role-bindings?action=delete_stale_bindings Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get information about all roles

Request:
Method:
GET
URI Path:
/api/v1/aaa/roles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/roles GET https://<nsx-mgr>/api/v1/aaa/roles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleListResult+

Example Response: { "results": [ { "role": "enterprise_admin" }, { "role": "security_op" }, { "role": "auditor" }, { "role": "security_engineer" }, { "role": "network_op" }, { "role": "network_engineer" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get role information

Request:
Method:
GET
URI Path:
/api/v1/aaa/roles/<role>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/roles/auditor GET https://<nsx-mgr>/api/v1/aaa/roles/auditor Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleWithFeatures+

Example Response: { "role": "auditor", "features": [ { "feature": "groups_ip_sets", "permission": "read" }, { "feature": "groups_mac_sets", "permission": "read" }, { "feature": "groups_ip_pools", "permission": "read" }, { "feature": "groups", "permission": "read" }, { "feature": "services", "permission": "read" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get information about logged-in user. The permissions parameter of the NsxRole has been deprecated.

Request:
Method:
GET
URI Path:
/api/v1/aaa/user-info
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/user-info GET https://<nsx-mgr>/api/v1/aaa/user-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UserInfo+

Example Response: { "user_name": "admin", "roles": [ { "role": "enterprise_admin" } ] } Required Permissions: none Feature: users_configuration Additional Errors:

Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/api/v1/aaa/vidm/groups
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/vidm/groups?search_string=clay_group GET https://<nsx-mgr>/api/v1/aaa/vidm/groups?search_string=clay_group Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "clay_group_EA@testad2.local", "type": "remote_group", "display_name": "clay_group_EA@testad2.local" }, { "name": "clay_group_SE@testad2.local", "type": "remote_group", "display_name": "clay_group_SE@testad2.local" }, { "name": "clay_group_AU@testad2.local", "type": "remote_group", "display_name": "clay_group_AU@testad2.local" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API.

Request:
Method:
POST
URI Path:
/api/v1/aaa/vidm/search
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/vidm/search?search_string=John POST https://<nsx-mgr>/api/v1/aaa/vidm/search?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "Johnd@testad2.local", "type": "remote_user", "display_name": "John Roe" }, { "name": "Johns_group@testad2.local", "type": "remote_group", "display_name": "John's Group" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/api/v1/aaa/vidm/users
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/vidm/users?search_string=John GET https://<nsx-mgr>/api/v1/aaa/vidm/users?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 2, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "John_roe@testad2.local", "type": "remote_user", "display_name": "John Roe" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Aggregation Service

Aggregation Service: Configuration

Associated URIs:

List all health performance monitoring feature stacks

Request:
Method:
GET
URI Path:
/api/v1/hpm/features
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/features Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfigurationList+

Example Response: { "results": [ { "feature_stack_name": "HostNodeStatusVertical" "client_type_collection_configurations": [ { "client_type": "CONTROL_PLANE" "collection_type_configurations": [ { "collection_type": "STATUS" "collection_frequency": 60 }, { "collection_type": "STATISTICS" "collection_frequency": 300 } }, { "client_type": "MANAGEMENT_PLANE" "collection_type_configurations": [ { "collection_type": "STATUS" "collection_frequency": 60 }, { "collection_type": "STATISTICS" "collection_frequency": 300 } } ] } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read health performance monitoring configuration for feature stack

Returns the complete set of client type data collection
configuration records for the specified feature stack.
Request:
Method:
GET
URI Path:
/api/v1/hpm/features/<feature-stack-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/features/HostNodeStatusVertical Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type" : "FeatureStackCollectionConfiguration", "id" : "78c2b5d5-a591-4bfc-ba9b-c2a9ed63091b", "display_name" : "HostNodeStatusVertical", "feature_stack_name" : "HostNodeStatusVertical", "client_type_collection_configurations" : [ { "client_type" : "HYPERVISOR", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 60, "data_type" : "STATUS" } ] }, { "client_type" : "MANAGEMENT_PLANE", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] }, { "client_type" : "MANAGEMENT_PLANE_PLATFORM", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] }, { "client_type" : "EDGE", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 60, "data_type" : "STATUS" } ] }, { "client_type" : "CONTROL_PLANE_PLATFORM", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] } ], "_revision" : 1 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Update health performance monitoring configuration for feature stack

Apply the data collection configuration for the specified
feature stack.
Request:
Method:
PUT
URI Path:
/api/v1/hpm/features/<feature-stack-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FeatureStackCollectionConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/hpm/features/FabricStats { "resource_type": "FeatureStackCollectionConfiguration", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 120, "data_type": "STATUS" } ] } ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type": "FeatureStackCollectionConfiguration", "id": "01b0e1fe-a8c9-4a76-af6a-d59890141145", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 120, "data_type": "STATUS" } ] } ], "_revision": 2 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Reset the data collection frequency configuration setting to the default values

Request:
Method:
POST
URI Path:
/api/v1/hpm/features/<feature-stack-name>?action=reset_collection_frequency
Request Headers:
n/a
Query Parameters:
AggregationServiceActionRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/hpm/features/FabricStats?action=reset_collection_frequency Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type": "FeatureStackCollectionConfiguration", "id": "1d8b2673-dbba-4368-a1fd-c97edbb04c7d", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 60, "data_type": "STATUS" } ] } ], "_revision": 1 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Set the global configuration for aggregation service related data collection

Request:
Method:
PUT
URI Path:
/api/v1/hpm/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GlobalCollectionConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/hpm/global-config { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 400, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalCollectionConfiguration+

Example Response: { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 400, "_last_modified_time": 1458245693232, "_create_time": 1457468839463, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "system", "_revision": 2 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Read global health performance monitoring configuration

Request:
Method:
GET
URI Path:
/api/v1/hpm/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/global-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalCollectionConfiguration+

Example Response: { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 300, "_last_modified_time": 1457468839463, "_create_time": 1457468839463, "_last_modified_user": "system", "_system_owned": false, "_create_user": "system", "_revision": 1 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Api Services

Api Services: Api Request Batching

Associated URIs:

Register a Collection of API Calls at a Single End Point

Enables you to make multiple API requests using a single request. The batch
API takes in an array of logical HTTP requests represented as JSON arrays.
Each request has a method (GET, PUT, POST, or DELETE), a relative_url (the
portion of the URL after https://<nsx-mgr>/api/), optional headers
array (corresponding to HTTP headers) and an optional body (for POST and PUT
requests). The batch API returns an array of logical HTTP responses
represented as JSON arrays. Each response has a status code, an optional
headers array and an optional body (which is a JSON-encoded string).
Request:
Method:
POST
URI Path:
/api/v1/batch
Request Headers:
n/a
Query Parameters:
BatchParameter+
Request Body:
BatchRequest+

Example Request: POST https://<nsx-mgr>/api/v1/batch { "requests":[ { "method":"POST", "uri":"/v1/switching-profiles", "body": { "resource_type": "SpoofGuardSwitchingProfile", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": ["LSWITCH_BINDINGS"] } }, { "method":"GET", "uri":"/v1/switching-profiles" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BatchResponse+

Example Response: { "results": [ { "body": { "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "code": 201, "body": { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } }, { "code": 200, "body": { "cursor": "00361b53de57-0313-4f3d-b494-635c58b1d986spoof-guard-lswitch-bindings", "result_count": 4, "results": [ { "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "resource_type": "QosSwitchingProfile", "description": "", "id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "display_name": "TT", "tags": [], "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": false, "burst_size_bytes": 0, "peak_bandwidth_kbps": 0, "average_bandwidth_kbps": 0 }, { "resource_type": "EgressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 } ], "class_of_service": 2, "_last_modified_time": 1457999948761, "_create_time": 1457999948761, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_last_modified_user": "admin" }, "code": 201 }, { "body": { "result_count": 9, "results": [ { "resource_type": "IpfixSwitchingProfile", "_revision": 0, "id": "cb317635-939b-430a-ae50-005fc4c6ac14", "display_name": "nsx-default-ipfix-global-profile", "enabled": false, "_last_modified_time": 1413324646801, "_create_time": 1413324646801, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "system_defined": false, "dscp": { "priority": 1, "mode": "UNTRUSTED" }, "burst_size": 20, "class_of_service": 1, "peak_bandwidth": 400, "average_bandwidth": 200, "_last_modified_time": 1413349096169, "_create_time": 1413349096169, "_create_user": "admin", "_last_modified_user": "admin" }, { "resource_type": "IpDiscoverySwitchingProfile", "_revision": 0, "id": "64814784-7896-3901-9741-badeff705639", "display_name": "nsx-default-ip-discovery-overlay-profile", "system_defined": true, "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "_last_modified_time": 1413324646789, "_create_time": 1413324646789, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "IpDiscoverySwitchingProfile", "_revision": 0, "id": "64814874-6987-1093-1479-badeff705639", "display_name": "nsx-default-ip-discovery-vlan-profile", "system_defined": true, "arp_snooping_enabled": false, "dhcp_snooping_enabled": false, "_last_modified_time": 1413324646800, "_create_time": 1413324646800, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "_revision": 0, "id": "f313290b-eba8-4262-bd93-fab5026e9495", "display_name": "nsx-default-qos-switching-profile", "system_defined": true, "dscp": { "priority": 0, "mode": "TRUSTED" }, "burst_size": 0, "class_of_service": 0, "peak_bandwidth": 0, "average_bandwidth": 0, "_last_modified_time": 1413324646729, "_create_time": 1413324646729, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "PortMirroringSwitchingProfile", "_revision": 1, "id": "93b4b7e8-f116-415d-a50c-3364611b5d09", "display_name": "nsx-default-port-mirroring-profile", "system_defined": false, "direction": "INGRESS", "_last_modified_time": 1413345541673, "_create_time": 1413324646767, "_create_user": "system", "_last_modified_user": "admin" } ] }, "code": 200 "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "ff45644f-9dda-4970-b1e3-30ac11ff0582", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754361177, "_create_time": 1458754361177, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "1b53de57-0313-4f3d-b494-635c58b1d986", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754382102, "_create_time": 1458754382102, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } } Required Permissions: none Feature: no_rbac Additional Errors:

Api Services: Authentication

Associated URIs:

Update node authentication policy configuration

Update the currently configured authentication policy on the node.
If any of api_max_auth_failures, api_failed_auth_reset_period, or
api_failed_auth_lockout_period are modified, the http service is
automatically restarted.
Request:
Method:
PUT
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AuthenticationPolicyProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/aaa/auth-policy { "minimum_password_length": 12 } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "minimum_password_length": 12 } Required Permissions: crud Feature: system_administration Additional Errors:

Read node authentication policy configuration

Returns information about the currently configured authentication
policies on the node.
Request:
Method:
GET
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/auth-policy Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "_schema": "AuthenticationPolicyProperties", "_self": { "href": "/node/aaa/auth-policy", "rel": "self" }, "api_failed_auth_lockout_period": 900, "api_failed_auth_reset_period": 900, "api_max_auth_failures": 5, "cli_failed_auth_lockout_period": 900, "cli_max_auth_failures": 5, "minimum_password_length": 8 } Required Permissions: read Feature: system_administration Additional Errors:

Api Services: Task Management

Associated URIs:

Get information about all tasks

Request:
Method:
GET
URI Path:
/api/v1/tasks
Request Headers:
n/a
Query Parameters:
TaskQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TaskListResult+

Example Response: { "result_count" : 1, "results" : [ { "start_time" : 1478646470253, "async_response_available" : true, "cancelable" : false, "end_time" : 1478646470344, "progress" : 100, "id" : "59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330", "user" : "admin", "status" : "SUCCESS" } ] } Required Permissions: read Feature: utilities_tasks Additional Errors:

Get information about the specified task

Request:
Method:
GET
URI Path:
/api/v1/tasks/<task-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks/ab265781-c826-4da7-9487-48a5c713a481 Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
TaskProperties+

Example Response: { "progress" : 100, "id" : "ab265781-c826-4da7-9487-48a5c713a481", "end_time" : 1416959364977, "status" : "success", "async_response_available" : false, "cancelable" : false, "start_time" : 1416959362874 } Required Permissions: read Feature: utilities_tasks Additional Errors:

Get the response of a task

Request:
Method:
GET
URI Path:
/api/v1/tasks/<task-id>/response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330/response Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
object

Example Response: { "cursor" : "", "sort_ascending" : true, "sort_by" : "displayName", "result_count" : 0, "results" : [ ] } Required Permissions: read Feature: utilities_tasks Additional Errors:

App Discovery

Associated URIs:

Returns list of app profile IDs created

Returns list of app profile IDs created
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/app-profiles
Request Headers:
n/a
Query Parameters:
AppProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/app-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfileListResult+

Example Response: { "result_count": 2, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false }, { "id": "p2926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "db_tier", "app_profile_category": "database server", "app_profile_criteria": [ "Postgresql" ], "default_app_profile": false } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Adds a new app profile

Adds a new app profile
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/app-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AppProfile+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/app-profiles { "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ] } Required Permissions: crud Feature: app_discovery Additional Errors:

Returns detail of the app profile

Returns detail of the app profile
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false } Required Permissions: read Feature: app_discovery Additional Errors:

Update AppProfile

Update AppProfile
Request:
Method:
PUT
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AppProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Required Permissions: crud Feature: app_discovery Additional Errors:

Delete App Profile

Deletes the specified AppProfile.
Request:
Method:
DELETE
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
AppProfileDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: app_discovery Additional Errors:

Returns the list of the application discovery sessions available

Returns the list of the application discovery sessions available
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions
Request Headers:
n/a
Query Parameters:
AppDiscoverySessionsParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionsListResult+

Example Response: { "result_count": 1, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Starts the discovery of application discovery session

Starts the discovery of application discovery session
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StartAppDiscoverySessionParameters+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/sessions { "ns_group_ids": ["ns_group_id_1", "ns_group_id_2"], "app_profile_ids": ["app_profile_id_1", "app_profile_id_1"] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySession+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "STARTING", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } Required Permissions: crud Feature: app_discovery Additional Errors:

Cancel and delete the application discovery session

Cancel and delete the application discovery session
Request:
Method:
DELETE
URI Path:
/api/v1/app-discovery/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: app_discovery Additional Errors:

Returns the status of the application discovery session and other details

Returns the status of the application discovery session and other details
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySession+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } Required Permissions: read Feature: app_discovery Additional Errors:

application profiles in this application discovery session

Returns the application profiles that was part of the application discovery session |
while it was started.
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/app-profiles
Request Headers:
n/a
Query Parameters:
AppProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/app-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfileListResult+

Example Response: { "result_count": 2, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false }, { "id": "p2926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "db_tier", "app_profile_category": "database server", "app_profile_criteria": [ "Postgresql" ], "default_app_profile": false } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Returns the details of the installed apps for the app profile ID in that session

Returns the details of the installed apps for the app profile ID in that session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/installed-apps
Request Headers:
n/a
Query Parameters:
InstalledAppsParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/installed-apps?app_profile_id=app-profile-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppInfoListResult+

Example Response: { "sort_ascending": true, "sort_by":"name", "result_count": 2, "results": [ { "name": "Chrome", "manufacturer": "Google", "version": "1.0.1", "os_type": "WINDOWS" }, { "name": "MS Word", "manufacturer": "Microsoft", "version": "1.0.1", "os_type": "LINUX" } ] } Required Permissions: read Feature: app_discovery Additional Errors:

ns-groups in this application discovery session

Returns the ns groups that was part of the application discovery session |
while it was started
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/ns-groups
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/ns-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroupMetaInfoListResult+

Example Response: { "result_count": 1, "results": [ { "ns_group_id" : "ns_group_1", "no_of_vms" : 35 } ] } Required Permissions: read Feature: app_discovery Additional Errors:

vms in the ns-group of the application discovery session

Returns the vms in the ns-group of the application discovery session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/ns-groups/<ns-group-id>/members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/ns-groups/ac926c72-daf2-4bb5-ac07-9ab70afded68/members Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoveryVmInfoListResult+

Example Response: { "result_count": 1, "results": [ { "vm_name" : "vm_name1", "vm_external_id" : "36926c72-daf2-4bb5-ac07-9ab70afded67", "os_type": "WINDOWS", "os_properties": ["key1, value1", "key2, value2"] } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Re-classify a completed application discovery session.

Re-classify completed application discovery session against input
AppProfiles. If no AppProfiles are specified then we use the previous
AppProfiles of that session.
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions/<session-id>/re-classify
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionReclassificationParameter+

Example Request: PUT https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/re-classify { "app_profile_ids": ["app_profile_id_1", "app_profile_id_2"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionResultSummary+

Example Response: { "id": "8ee9a038-f33e-4d5a-b630-0e492d20db04", "status": "FINISHED", "app_profile_summary_list": [ { "display_name": "Apps", "app_profile_id": "app_profile_id_1", "installed_apps_count": 12 }, { "display_name": "Web tier apps", "app_profile_id": "app_profile_id_2", "installed_apps_count": 1 } ] } Required Permissions: crud Feature: app_discovery Additional Errors:

Export app discovery results in CSV format

Returns app discovery results in CSV format, each row contains discovered app information
and the id of the vms this app is discovered from for a given set of vms
(or for all vms belong to this session when no vm id is passed in)
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions/<session-id>/report/app-info-and-vm?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReportAppResultsForVmsRequestParameters+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/report/app-info-and-vm?format=csv { "vm_ids": ["ac926c72-daf2-4bb5-ac07-9ab70afded67", "ac926c72-daf2-4bb5-ac07-9ab70afded68"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
AppInfoHostVmListInCsvFormat+

Example Response: id, display_name, name, version, manufacturer, os_type, host_vms 56b-496-13d-6091, Java 7 Update 17 (64-bit), 7.0.170, Oracle, WINDOWS, ac926c72-daf2-4bb5-ac07-9ab70afded67|ac926c72-daf2-4bb5-ac07-9ab70afded68 Required Permissions: read Feature: app_discovery Additional Errors:

Export app profiles in CSV format for a given sessiom

Returns app profiles information for a given session in CSV format
Each row will contain detailed info of an app profile, and the id of
apps which is member of this app profile in this session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/report/app-profile-and-app-info?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/report/app-profile-and-app?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
AppProfileMemberAppsListInCsvFormat+

Example Response: display_name, description, app_profile_category, app_profile_criteria, member_apps Web Server, , Server, Apache HTTP|IIS|SharePoint|Nginx|, 5893-11j6-2345|4384-sf6g-3dg6| Required Permissions: read Feature: app_discovery Additional Errors:

Returns the summary of the application discovery session

Returns the summary of the application discovery session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionResultSummary+

Example Response: { "id": "8ee9a038-f33e-4d5a-b630-0e492d20db04", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699, "app_profile_summary_list": [ { "display_name": "Apps", "app_profile_id": "1dd3b941-e384-4ed5-88c9-0289ea3a6b41", "installed_apps_count": 12 }, { "display_name": "Web tier apps", "app_profile_id": "476da1be-f74a-49f7-96ab-9809e3c5f96a", "installed_apps_count": 1 }, { "display_name": "Miscellaneous applications", "app_profile_id": "181eb68e-811c-4dd3-8260-ed72f923084b", "installed_apps_count": 26 } ], "app_profiles": [ { "app_profile_id" : "1dd3b941-e384-4ed5-88c9-0289ea3a6b41", "app_profile_name" : "Apps", "app_profile_category" : "Server" }, { "app_profile_id" : "476da1be-f74a-49f7-96ab-9809e3c5f96a", "app_profile_name" : "Web tier apps", "app_profile_category" : "Server" }, { "app_profile_id" : "181eb68e-811c-4dd3-8260-ed72f923084b", "app_profile_name" : "Miscellaneous applications", "app_profile_category" : "Client" } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Associations

Associated URIs:

Get ResourceReference objects to which the given resource belongs to

Returns information about resources that are associated with the given
resource. Id and type of the resource for which associated resources are
to be fetched are to be specified as query parameter in the URI. Resource
type of the associated resources must be specified as query
parameter.
Request:
Method:
GET
URI Path:
/api/v1/associations
Request Headers:
n/a
Query Parameters:
AssociationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/associations?resource_id= bf250578-c0a5-4ca0-b237-0375966d23ce&resource_type=MACSet&associated_resource_type=NSGroup Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AssociationListResult+

Example Response: { "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "target_type": "NSGroup", "target_display_name": "testNSGroup", "target_id": "4f3ba7e3-4876-45ef-882a-34bdcb1a1ac8" } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Capacitydashboard

Associated URIs:

Updates the warning threshold(s) for NSX Objects.

Updates the warning threshold(s) for NSX Objects specified, and returns
new threshold(s).
Request:
Method:
PUT
URI Path:
/api/v1/capacity/threshold
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CapacityThresholdList+

Example Request: PUT https://<nsx-mgr>/api/v1/capacity/threshold { "capacity_thresholds" : [ { "max_threshold_percentage" : 85.0, "threshold_type" : "NUMBER_OF_L2_DFW_SECTIONS", "min_threshold_percentage" : 55.0 }, { "max_threshold_percentage" : 75.0, "threshold_type" : "NUMBER_OF_L2_DFW_RULES", "min_threshold_percentage" : 40.0 }, { "max_threshold_percentage" : 70.0, "threshold_type" : "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage" : 60.0 }, { "max_threshold_percentage" : 88.0, "threshold_type" : "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage" : 55.0 }] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityThresholdList+

Example Response: { "capacity_thresholds" : [ { "max_threshold_percentage" : 85.0, "threshold_type" : "NUMBER_OF_L2_DFW_SECTIONS", "min_threshold_percentage" : 55.0 }, { "max_threshold_percentage" : 75.0, "threshold_type" : "NUMBER_OF_L2_DFW_RULES", "min_threshold_percentage" : 40.0 }, { "max_threshold_percentage" : 70.0, "threshold_type" : "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage" : 60.0 }, { "max_threshold_percentage" : 88.0, "threshold_type" : "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage" : 55.0 }] } Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Returns warning threshold(s) set for NSX Objects.

Returns warning threshold(s) set for NSX Objects. Request:
Method:
GET
URI Path:
/api/v1/capacity/threshold
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/capacity/threshold Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityThresholdList+

Example Response: { "capacity_thresholds" : [ { "max_threshold_percentage" : 80.0, "threshold_type" : "NUMBER_OF_L2_DFW_SECTIONS", "min_threshold_percentage" : 50.0 }, { "max_threshold_percentage" : 80.0, "threshold_type" : "NUMBER_OF_L2_DFW_RULES", "min_threshold_percentage" : 50.0 }, { "max_threshold_percentage" : 80.0, "threshold_type" : "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage" : 50.0 }, { "max_threshold_percentage" : 80.0, "threshold_type" : "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage" : 50.0 }] } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Returns capacity usage data for NSX objects (Experimental)

Request:
Method:
GET
URI Path:
/api/v1/capacity/usage
Request Headers:
n/a
Query Parameters:
ForceParameter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/capacity/usage Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityUsageResponse+

Example Response: { "meta_info" : { "min_global_threshold_percentage" : 50, "last_updated_timestamp" : 1530218225873, "max_global_threshold_percentage" : 80 }, "capacity_usage" : [ { "display_name" : "Number of Managers", "severity" : "INFO", "max_threshold_percentage" : 80.0, "usage_type" : "NUMBER_OF_MANAGERS", "max_supported_count" : 3, "min_threshold_percentage" : 50.0, "current_usage_count" : 1, "current_usage_percentage" : 33.33 }, { "display_name" : "Number of Controllers", "severity" : "CRITICAL", "max_threshold_percentage" : 80.0, "usage_type" : "NUMBER_OF_CONTROLLERS", "max_supported_count" : 3, "min_threshold_percentage" : 50.0, "current_usage_count" : 3, "current_usage_percentage" : 100.0 } ] } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Cloud Service Manager

Cloud Service Manager: Accounts Statistics

Associated URIs:

Returns statistics for all Accounts

Returns statistics aggregated over all accounts managed by CSM.
Request:
Method:
GET
URI Path:
/api/v1/csm/accounts/statistics
Request Headers:
n/a
Query Parameters:
AllAccountsStatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/accounts/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllAccountsStatisticsListResult+

Example Response: { "results": [ { "resource_type": "AWS", "accounts_count": 3, "accounts_status": { "sync_in_progress": 1 }, "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4 }, { "resource_type": "AZURE", "accounts_count": 2, "accounts_status": { "sync_in_progress": 1 }, "instance_stats": { "managed": 42, "unmanaged": 25, "error": 3 }, "vnet_stats": { "managed": 2, "unmanaged": 1 }, "regions_count": 5 } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Aws Accounts

Associated URIs:

Add a AWS account to cloud serivce manager

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts { "display_name": "Account ABC", "cloud_type": "AWS", "cloud_tags_enabled" : true, "tenant_id": "123", "auth_method": "CREDENTIALS", "credentials": { "access_key": "A1B1C1", "secret_key": "a2b2c2", "gateway_role": "test-role" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 }, "vpc_stats": { "managed": 0, "unmanged": 0 }, "regions_count": 0, "status": { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_REGIONS" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return a list of all AWS accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
AwsAccountsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts?region_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountsListResult+

Example Response: { "all_accounts_vpc_stats": { "managed": 2, "unmanaged": 4 }, "all_accounts_instance_stats": { "managed": 12, "unmanaged": 22, "error": 1 } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Returns the details of the particular AWS account

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Update a AWS account information

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 { "display_name": "New Name", "cloud_type": "AWS" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "New Name", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Delete AWS account information

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/accounts/ DELETE https://<nsx-csm>/api/v1/csm/aws/accounts/?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return status of the account like credentials validity, inventory synchronization status and inventory synchronization state

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountStatus+

Example Response: { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_VPCS", "credentials_status": "VALID" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Aws account related inventory like Regions, Vpcs, Instances Status of inventory synchronization can be known from Aws account status api

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Aws Gateway Amis

Associated URIs:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Registers a AWS Gateway AMI for the region specified in the body. One can register only one gateway AMI ID per region. If a gateway AMI is already registered with a region, user is expected to use update API to overwrite the registerd AMI for a region. (Deprecated)

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateway-amis { "region_id": "us-west-2", "ami_id": "ami-123" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Returns a list of Aws Gateway Amis. (Deprecated)

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
AwsGatewayAmisListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmisListResult+

Example Response: { "results": [ { "region_id": "us-west-1", "ami_id": "ami-789", "_protection": "NOT_PROTECTED", "_revision": 0 }, { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Returns AWS Gateway AMI for a particular region. (Deprecated)

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Update a AWS Gateway AMI. (Deprecated)

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 { "region_id": "us-west-2", "ami_id": "ami-456", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Delete a AWS Gateway AMI. (Deprecated)

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ami_region_mapping Additional Errors:

Cloud Service Manager: Aws Gateways

Associated URIs:

Returns configuration information for all gateways

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways
Request Headers:
n/a
Query Parameters:
AwsGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewaysListResult+

Example Response: { "results": [ { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP" }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" }, { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-1b", "uplink_subnet": "subnet-5b1e124h", "management_subnet": "subnet-a1e128t", "downlink_subnet": "subnet-141e1266", "gateway_ha_index": 0 }, { "availability_zone": "us-west-1a", "uplink_subnet": "subnet-7b1e932d", "management_subnet": "subnet-w1e128h", "downlink_subnet": "subnet-a41e1264", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "nsx_manager_connection": "PRIVATE_IP", "ami_id": "ami-456", "key_pair_name": "test-key", "is_ha_enabled": true }, "vpc_id": "vpc-d76nfie6" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates configuration for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 { "configuration": { "default_quarantine_policy_enabled": true, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "is_ha_enabled": false }, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP" }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns configuration for primary gateway and secondary gateway for the vpc,if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns status information for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayStatus+

Example Response: { "gateway_instances_status": [ { "gateway_status": "DEPLOYING", "gateway_instance_id": "i-176", "gateway_ha_index": 0, "deployment_status": 80, "deployment_state": "CONFIGURING_GATEWAY", "gateway_name": "nsxc-gw-vpc-c35dbaa4-preferred-active" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Deploys gateway for the specified VPC

All the required configuration to deploy AWS gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAwsGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL gateway_status will be UP and op_status of the VPC
will be NSX_MANAGED_BY_GATEWAY. If any error is encountered during
deployment, corresponding error_code and error_message will be populated
in gateway_instances_status. To manage a compute VPC using transit VPC,
user needs to undeploy gateway and onboard the compute VPC
using /csm/aws/vpcs/?action=onboard API.
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=deploy { "configuration": { "ami_id": "ami-123", "nsx_manager_connection": "PUBLIC_IP", "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "key_pair_name": "test-key", "is_ha_enabled": false, "gateway_ha_configuration": [{ "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "downlink_subnet": "subnet-041e1260", "management_subnet": "subnet-ea1e128e", "gateway_ha_index": 0, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } }], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] }}, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0, "public_ip_settings": { "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } } ], "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: gateway_deployment Additional Errors:

Undeploys gateway for the specified VPC

All the required configuration to undeploy AWS gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAwsGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=undeploy { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "instance_id": "i-0c2ab8e25221bcf7c" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Cloud Service Manager: Aws Key Pairs

Associated URIs:

Returns a list of Aws Key Pairs

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/key-pairs
Request Headers:
n/a
Query Parameters:
AwsKeyPairListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/key-pairs? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=ap-southeast-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsKeyPairList+

Example Response: { "results": [ { "name": "test-key-1" }, { "name": "test-key-2" }, { "name": "test-key-3" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of subnets

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/subnets
Request Headers:
n/a
Query Parameters:
AwsSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/subnets? account_id=7324800c-a41a-4cb4-b988-51fa3d093397& vpc_id=vpc-c35dbaa4&availability_zone_name=us-west-2a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSubnetListResult+

Example Response: { "results": [ { "display_name": "test-subnet-3", "availability_zone": "us-west-2a", "cidr": "10.0.3.0/24", "id": "subnet-ea1e128e" }, { "display_name": "test-subnet-2", "availability_zone": "us-west-2a", "cidr": "10.0.2.0/24", "id": "subnet-041e1260" }, { "display_name": "test-subnet-1", "availability_zone": "us-west-2a", "cidr": "10.0.1.0/24", "id": "subnet-4b1e122f" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Aws Regions

Associated URIs:

Returns a list of Aws regions

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions
Request Headers:
n/a
Query Parameters:
AwsRegionsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegionsListResult+

Example Response: { "cursor": "000214", "sort_ascending": true, "result_count": 2, "results": [ { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } }, { "id": "ap-south-1", "display_name": "ap-south-1", "vpc_stats": { "managed": 0, "unmanaged": 0 }, "gateway_stats": { "deploying": 0, "up": 0, "down": 0 }, "availability_zones": [ { "id": "ap-south-1b", "display_name": "ap-south-1b" }, { "id": "ap-south-1a", "display_name": "ap-south-1a" } ], "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about the particular Aws Region

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegion+

Example Response: { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Aws Resources

Associated URIs:

Returns a list of AWS public IPs

Returns a list of AWS public IPs. These ip addresses are available
to be allocated.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/public-ips
Request Headers:
n/a
Query Parameters:
AwsResourcesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/public-ips? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsPublicIpListResult+

Example Response: { "results": [ "104.209.46.64", "104.40.87.204", "40.112.184.178", "13.91.55.98" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of AWS security groups

Returns a list of AWS security groups.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/security-groups
Request Headers:
n/a
Query Parameters:
AwsSecurityGroupsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/security-groups? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSecurityGroupsListResult+

Example Response: { "results": [ "default-sg", "quarantine-sg" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Aws Vpcs

Associated URIs:

Returns the list of configuration of the compute VPC. The configuration contains quarantine policy and fall back security group of compute VPC and the information related to transit VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs
Request Headers:
n/a
Query Parameters:
AwsComputeVpcListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/compute-vpcs { "cursor": "00011", "sort_ascending": true, "result_count": 1, "results": [ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb42b4", "display_name": "vpc-0aabad6533afb42b4", "default_quarantine_policy_enabled": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcListResult+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns the configuration of the compute VPC. The configuration contains quarantine policy and fall back security group of compute VPC and the information related to transit VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcConfig+

Example Response: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb", "display_name": "vpc-0aabad6533afb", "default_quarantine_policy_enabled": false, "configuration": { "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Required Permissions: read Feature: gateway_deployment Additional Errors:

Offboards a compute VPC.

Offboards a compute VPC to be NSX unmanaged from a transit VPC.
All the VMs in the compute VPC need to be untagged before offboarding
the compute VPC. Offboarding status can be obtained from
/csm/aws/compute-vpcs//status API. Upon successful offboarding
compute VPC, the onboard_step will be OFFBOARD_SUCCESSFUL
and op_status will be NOT_AVAILABLE. If any error is encountered
during offboarding, corresponding error_code and error_message
will be populated.
Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Updates the NSX configuration related to managed compute VPC using a transit VPC.

Update the configurations such as default_quarantine_policy and
cloud_fallback_security_group_id for the NSX managed compute VPC.
Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsComputeVpcConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb", "display_name": "vpc-0aabad6533afb", "default_quarantine_policy_enabled": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcConfig+

Example Response: { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb42b4", "display_name": "vpc-0aabad6533afb42b4", "default_quarantine_policy_enabled": true, "configuration": { "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 3 } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Onboards a compute VPC to be NSX managed by a transit VPC.

Onboard a compute VPC to be NSX managed using a transit VPC.
Hence, user can manage the workload VMs in a compute
VPC by the public cloud gateways deployed in a transit VPC.
Onboarding status can be obtained from
/csm/aws/compute-vpcs//status API. Upon successful onboarding
of the VPC, the onboard_step will be ONBOARD_SUCCESSFUL and op_status
will be NSX_MANAGED_BY_TRANSIT_VPC. If any error is encountered during
onboarding, corresponding error_code and error_message will be populated.
To manage compute VPC using NSX gateway, user needs to offboard the
compute VPC and deploy gateway using /csm/aws/gateways?action=deploy API.
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsComputeVpcConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ { "default_quarantine_policy_enabled": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Returns the status of the compute vpc. The status corresponds to onboard or offboard status of a compute VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/compute-vpcs//status { "onboard_step": "ONBOARD_SUCCESSFUL", "virtual_private_cloud_name": "ComputeVPC-Peering", "status": "UP", "configuration": { "default_quarantine_policy_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcStatus+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns a list of Vpcs. Support optional query parameters like account_id, region_id, cidr and/or op_status

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs
Request Headers:
n/a
Query Parameters:
AwsVpcListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpcListResult+

Example Response: { "cursor": "0003147", "sort_ascending": true, "result_count": 3, "results": [ { "id": "vpc-c35dbaa2", "display_name": "VPC Abc", "is_management_vpc": false, "region_id": "us-east-1", "cidr": "172.31.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 21, "error": 0 }, "op_status": "NSX_UNMANAGED" }, { "id": "vpc-c35dbaa3", "display_name": "VPC Acb", "is_management_vpc": false, "region_id": "us-west-2", "cidr": "172.31.0.0/16", "associated_transit_vpc": { "virtual_private_cloud_id": "vpc-c35dbade", "associated_account_ids: ["cd1f2633-e67e-46bd-b546"] }, "instance_stats": { "managed": 0, "unmanaged": 21, "error": 0 }, "op_status": "NSX_MANAGED_BY_TRANSIT_VPC" }, { "id": "vpc-c35dbaa4", "display_name": "VPC Def", "is_management_vpc": true, "transport_zones": [ { "is_underlay_transport_zone": false, "logical_switches": [ { "is_default_logical_switch": false, "instances_count": 0, "nsx_switch_tag": "cd1f2633-e67e-46bd-b546-0dc26a07c56b#8uNQpU1EWLcVjXKHr6ga7axvYBnf2Dwc+I+Js3DEhi4=", "logical_switch_display_name": "DefaultSwitch-Overlay-CSM-vpc-c35dbaa4", "logical_switch_id": "cd1f2633-e67e-46bd-b546-0dc26a07c56b" } ], "transport_zone_id": "d4ccc56a-ab51-4059-b3fb-9af3719b6f51", "transport_zone_display_name": "CSM-vpc-c35dbaa4-Overlay" }, { "is_underlay_transport_zone": true, "logical_switches": [ { "is_default_logical_switch": true, "instances_count": 0, "nsx_switch_tag": "default", "logical_switch_display_name": "DefaultSwitch-VLAN-CSM-vpc-c35dbaa4", "logical_switch_id": "1711f8db-95b8-4df8-bba6-dcac63b08b38" } ], "transport_zone_id": "870fb686-7d42-48c4-9189-8997b4f2df21", "transport_zone_display_name": "CSM-vpc-c35dbaa4-VLAN" } ], "region_id": "us-west-2", "cidr": "10.0.0.0/16", "instance_stats": { "managed": 1, "unmanaged": 4, "error": 0 }, "managed_vpcs": [ { "virtual_private_cloud_id": "vpc-c35dbade", "associated_account_ids: ["cd1f2633-e67e-46bd-b546"] }, { "virtual_private_cloud_id": "vpc-c35dbadf", "associated_account_ids: ["cd1f2633-e67e-46bd-b543"] } ], "op_status": "NSX_MANAGED", "gateway_info": { "configuration": { "default_quarantine_policy_enabled": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-649e0b04", "is_ha_enabled": false }, "gateway_status": { "gateway_cluster_id": "b8ab1a4b-3d85-4a84-b92d-eacdc4402528", "gateway_instances_status": [ { "gateway_tn_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_node_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_status": "UP", "gateway_instance_id": "i-0b62834659a30fc21", "gateway_ha_index": 0, "deployment_state": "DEPLOYMENT_SUCCESSFUL", "gateway_name": "nsx-gw-vpc-c35dbaa4-preferred-active" } ] } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns Vpc information

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/vpc-ccfe44ab Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpc+

Example Response: { "id": "vpc-ccfe44ab", "display_name": "VPC Abc, "is_management_vpc": false, "region_id": "us-west-2", "cidr": "50.0.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 1, "error": 0 }, "op_status": "NSX_UNMANAGED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Accounts

Associated URIs:

Add a Azure account to cloud serivce manager

This api adds a Azure account to cloud service manager. Have to pass
one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts { "cloud_type":"AZURE", "regions_count":"", "auth_method":"CREDENTIALS", "display_name": "Account ABC", "credentials":{ "client_id":"789", "key":"012", "subscription_id":"456", "tenant_id":"123", "gateway_role": "NSX role" }, "has_managed_vnet":false, "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns a list of Azure accounts

Returns a list of Azure accounts with information about each account like
status and statistics. Optional query parameters can be utilized to filter
the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountsListResult+

Example Response: { "cursor" : "00011", "sort_ascending" : true, "result_count" : 1, "results" : [ { "id" : "28984eef-d296-4a40-979e", "display_name" : "Account ABC", "tenant_id" : "123", "cloud_type" : "AZURE", "cloud_tags_enabled" : true, "instance_stats" : { "total" : 92, "managed" : 0, "unmanaged" : 82, "error" : 0, "powered_off" : 10 }, "auth_method" : "CREDENTIALS", "credentials" : { "tenant_id" : "123", "subscription_id" : "456", "client_id" : "789", "gateway_role": "NSX role" }, "vnet_stats" : { "managed" : 1, "unmanaged" : 42 }, "regions_count" : 2, "status" : { "inventory_sync_status" : "SYNCED", "credentials_status" : "VALID", "inventory_sync_step" : "NOT_APPLICABLE" }, "has_managed_vnet" : true, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Update a Azure account information

This api updates a Azure account which is added to cloud service manager.
Have to pass one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d { "cloud_type":"AZURE", "display_name": "Account XYZ" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account XYZ", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Delete Azure account information

Deletes Azure account information from cloud service manager Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/azure/accounts/ DELETE https://<nsx-csm>/api/v1/csm/azure/accounts/?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns information about a particular Azure account

Returns information about an Azure account including status and
statistics
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Returns the status of Azure account

Return status of the account like credentials validity, inventory
synchronization status and inventory synchronization state
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountStatus+

Example Response: { "inventory_sync_status": "SYNCED", "credentials_status": "VALID", "inventory_sync_step": "NOT_APPLICABLE" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Azure account inventory

Synchronizes Azure account related inventory like Regions, Virtual Networks,
Instances. Status of inventory synchronization can be known from Azure
account status api
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Azure Gateways

Associated URIs:

Returns configuration information for all Azure gateways

Returns a list of Azure gateways with information about each gateway like
subnet configuration and corresponding virtual network. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways
Request Headers:
n/a
Query Parameters:
AzureGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewaysListResult+

Example Response: { "results": [ { "configuration": { "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates Azure gateway configuration

Updates configuration for primary gateway and secondary gateway for the
virutal network, if deployed gateways exist for the specified virtual network.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 { "account_id": "28984eef-d296-4a40-979e", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "auto_agent_install_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "auto_agent_install_enabled": false }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns configuration of the Azure gateway

Returns configuration for primary gateway and secondary gateway for the
virtual network, if deployed gateways exist for the specified virtual
network.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: read Feature: gateway_deployment Additional Errors:

Return the status of Azure gateway

Returns status information for primary gateway and secondary gateway
for the virtual network, if deployed gateways exist for the specified
virtual network ID.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayStatus+

Example Response: { "gateway_cluster_id": "7fe9e2fd-2dce-478f-84b4", "gateway_instances_status": [ { "gateway_tn_id": "1c95f5ea-1eec-11e8-9342", "deployment_step": "DEPLOYMENT_SUCCESSFUL", "public_ip": "1.2.3.4", "gateway_node_id": "1c95f5ea-1eec-11e8-9342", "gateway_status": "UP", "gateway_instance_id": "a61b6dea-46a4-4c09-9ada", "private_ip": "4.3.2.1", "gateway_ha_index": 0, "is_gateway_active": false, "gateway_name": "nsx-gw-customer-gateway" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Deploys gateway for the specified virtual network

All the required configuration to deploy Azure gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAzureGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL gateway_status will be UP and op_status of the VNET
will be NSX_MANAGED_BY_GATEWAY. If any error is encountered during
deployment, corresponding error_code and error_message will be populated
in gateway_instances_status. To manage a compute VNET using transit VNET,
user needs to undeploy gateway and onboard the compute VNET
using /csm/azure/vnets/?action=onboard API.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=deploy { "account_id": "04e2a29a-90f9-4ce0-ae69", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "4.3.2.1" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] } } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "public_ip": "4.3.2.1" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] } }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: gateway_deployment Additional Errors:

Undeploys gateway for the specified virtual network

All the required configuration to undeploy Azure gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAzureGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=undeploy { "account_id": "28984eef-d296-4a40-979e" "instance_id": "a61b6dea-46a4-4c09-9ada" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Cloud Service Manager: Azure Ip Allocations

Associated URIs:

Allocates IPs in the specified Azure Vnet

All the required configuration to allocate public/link local IPs for cloud
will be absorbed as a part of request body in this API and IP allocation
will be triggered. Allocation progress can be known from
GetIpAllocationStatus API. Upon successful allocation, the
ip_allocation_state will be ALLOCATION_SUCCESSFUL. This operation is only
supported for containers.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways/ip-mappings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureIpAllocationConfig+

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpAllocationMappings+

Required Permissions: crud Feature: cloud_resources Additional Errors:

Returns IP allocations for all Azure Vnets. This operation is only supported for containers.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/ip-mappings
Request Headers:
n/a
Query Parameters:
AzureIpMappingsListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpMappingsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Releases allocated IPs in the specified Azure Vnet

All the allocations for the specified Azure Vnet and mapping_id will be
released. This operation is only supported for containers.
Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/gateways/ip-mappings/<mapping-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_resources Additional Errors:

Returns status information for primary gateway and secondary gateway for the vnet, if exists. This operation is only supported for containers.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/ip-mappings/<mapping-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpAllocationMappings+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Regions

Associated URIs:

Returns a list of Azure regions

Returns a list of Azure regions with information about each region like
gateway statistics, instance statistics and vnet statistics. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Pa