Associated URIs:

API Description	API Path
Read infra Read infra. Returns only the infra related properties. Inner object are not populated.	GET /policy/api/v1/infra GET /policy/api/v1/global-infra GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra
Update the infra including all the nested entities Patch API at infra level can be used in two flavours 1. Like a regular API to update Infra object 2. Hierarchical API: To create/update/delete entire or part of intent hierarchy Hierarchical API: Provides users a way to create entire or part of intent in single API invocation. Input is expressed in a tree format. Each node in tree can have multiple children of different types. System will resolve the dependecies of nodes within the intent tree and will create the model. Children for any node can be specified using ChildResourceReference or ChildPolicyConfigResource. If a resource is specified using ChildResourceReference then it will not be updated only its children will be updated. If Object is specified using ChildPolicyConfigResource, object along with its children will be updated. Hierarchical API can also be used to delete any sub-branch of entire tree.	PATCH /policy/api/v1/infra PATCH /policy/api/v1/global-infra PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra
Update the infra object Updates only the single infra object. This does not allow hierarchical updates of entities.	PUT /policy/api/v1/infra
Returns information about all the CA bundles Returns information about all the bundles of trusted CA certificates.	GET /policy/api/v1/infra/cabundles
Deletes CA bundle Deletes the specified bundle of trusted CA certificates.	DELETE /policy/api/v1/infra/cabundles/{cabundle-id}
Returns information about a CA bundle Returns information about the specified bundle of trusted CA certificates.	GET /policy/api/v1/infra/cabundles/{cabundle-id}
Adds or updates a CA bundle Adds or updates a new bundle of trusted CA certificates. The bundle must be a concatenation of one or more PEM-encoded certificates. The PEM-encoded bundle is replaced with the one provided in the request.	PATCH /policy/api/v1/infra/cabundles/{cabundle-id}
Adds or replaces a CA bundle Adds or replaces a new bundle of trusted CA certificates. The multipart-uploaded file must be a concatenation of one or more PEM-encoded certificates.	POST /policy/api/v1/infra/cabundles/{cabundle-id}
Adds or replaces a CA bundle Adds or replaces a new bundle of trusted CA certificates. The bundle must be a concatenation of one or more PEM-encoded certificates.	PUT /policy/api/v1/infra/cabundles/{cabundle-id}
Downloads a CA bundle Downloads the specified PEM-encoded bundle of trusted CA certificates.	GET /policy/api/v1/infra/cabundles/{cabundle-id}/pem-file
Return All the User-Facing Components' Certificates Returns all certificate information viewable by the user, including each certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI.	GET /policy/api/v1/infra/certificates GET /policy/api/v1/global-infra/certificates
Delete Certificate for the Given Certificate ID Removes the specified certificate. The private key associated with the certificate is also deleted.	DELETE /policy/api/v1/infra/certificates/{certificate-id}
Show Certificate Data for the Given Certificate ID Returns information for the specified certificate ID, including the certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI.	GET /policy/api/v1/infra/certificates/{certificate-id} GET /policy/api/v1/global-infra/certificates/{certificate-id}
Add a New Certificate Adds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A private key can be uploaded for a CA certificate only if the "purpose" parameter is set to "signing-ca". A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. This patch method does not modify an existing certificate.	PATCH /policy/api/v1/infra/certificates/{certificate-id}
Add a New Certificate Adds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A private key can be uploaded for a CA certificate only if the "purpose" parameter is set to "signing-ca". A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. This PUT method does not modify an existing certificate.	PUT /policy/api/v1/infra/certificates/{certificate-id}
List tenant Constraints. List tenant constraints.	GET /policy/api/v1/infra/constraints GET /policy/api/v1/global-infra/constraints GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/constraints
Delete tenant Constraint. Delete tenant constraint.	DELETE /policy/api/v1/infra/constraints/{constraint-id} DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/constraints/{constraint-id}
Read tenant Constraint. Read tenant constraint.	GET /policy/api/v1/infra/constraints/{constraint-id} GET /policy/api/v1/global-infra/constraints/{constraint-id} GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/constraints/{constraint-id}
Create or update tenant Constraint Create tenant constraint if not exists, otherwise update the existing constraint.	PATCH /policy/api/v1/infra/constraints/{constraint-id} PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/constraints/{constraint-id}
Create or update tenant Constraint Create tenant constraint if it does not exist, otherwise replace the existing constraint.	PUT /policy/api/v1/infra/constraints/{constraint-id} PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/constraints/{constraint-id}
Return All Added CRLs Returns information about all CRLs. For additional information, include the ?details=true modifier at the end of the request URI.	GET /policy/api/v1/infra/crls GET /policy/api/v1/global-infra/crls
Delete a CRL Deletes an existing CRL.	DELETE /policy/api/v1/infra/crls/{crl-id}
Show CRL Data for the Given CRL id. Returns information about the specified CRL. For additional information, include the ?details=true modifier at the end of the request URI.	GET /policy/api/v1/infra/crls/{crl-id} GET /policy/api/v1/global-infra/crls/{crl-id}
Create or patch a Certificate Revocation List Create or patch a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl.	PATCH /policy/api/v1/infra/crls/{crl-id}
Create a new Certificate Revocation List Adds a new certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc.	POST /policy/api/v1/infra/crls/{crl-id}?action=import
Upload a new or updated Certificate Revocation List Adds or replaces a certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the upload content. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. Differently from action=import, this method allows multi-part upload of the CRL(s). The TlsCrl resource returned in the body of the response will have an empty pem_encoded field, as it may be large. Use a GET request to retrieve the PEM-encoded CRL.	POST /policy/api/v1/infra/crls/{crl-id}?action=upload
Create or fully replace a Certificate Revocation List Create or replace a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. Revision is required. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl.	PUT /policy/api/v1/infra/crls/{crl-id}
Return All the Generated CSRs Returns information about all of the CSRs that have been created.	GET /policy/api/v1/infra/csrs
Generate a new self-signed certificate Creates a new self-signed certificate. A private key is also created at the same time. This is convenience call that will generate a CSR and then self-sign it. For validity of non-CA certificates, if a value greater than 825 days is provided, it will be set to 825 days. No limit is set for CA certificates.	POST /policy/api/v1/infra/csrs?action=self_sign
Delete a CSR Removes a specified CSR. If a CSR is not used for verification, you can delete it. Note that the CSR import and upload POST actions automatically delete the associated CSR.	DELETE /policy/api/v1/infra/csrs/{csr-id}
Show CSR Data for the Given CSR ID Returns information about the specified CSR.	GET /policy/api/v1/infra/csrs/{csr-id}
Self-Sign the CSR Self-signs the previously generated CSR. This action is similar to the import certificate action, but instead of using a public certificate signed by a CA, the self_sign POST action uses a certificate that is signed with NSX's own private key. For validity of non-CA certificates, if a value greater than 825 days is provided, it will be set to 825 days. No limit is set for CA certificates.	POST /policy/api/v1/infra/csrs/{csr-id}?action=self_sign
Generate a New Certificate Signing Request Creates a new certificate signing request (CSR). A CSR is encrypted text that contains information about your organization (organization name, country, and so on) and your Web server's public key, which is a public certificate the is generated on the server that can be used to forward this request to a certificate authority (CA). A private key is also usually created at the same time as the CSR.	POST /policy/api/v1/infra/csrs/{csr-id}?action=create
Import a Certificate Associated with an Approved CSR Imports a certificate authority (CA)-signed certificate for a CSR. This action links the certificate to the private key created by the CSR. The pem_encoded string in the request body is the signed certificate provided by your CA in response to the CSR that you provide to them. The import POST action automatically deletes the associated CSR.	POST /policy/api/v1/infra/csrs/{csr-id}?action=import
Upload the Certificate PEM File Signed by the CA Associated with a CSR Uploads the certificate authority (CA)-signed certificate. After you send the certificate request to the CA of your choice, and the CA sends back the signed certificate, you can use the upload POST action to upload the signed certificate. The upload action is similar to the import action, but the upload action allows you to directly upload the PEM-encoded file (signed certificate) provided by the CA. Like the import POST action, the upload POST action automatically deletes the associated CSR.	POST /policy/api/v1/infra/csrs/{csr-id}?action=upload
Get CSR PEM File for the Given CSR ID Downloads the CSR PEM file for a specified CSR. Clients must include an Accept: text/plain request header.	GET /policy/api/v1/infra/csrs/{csr-id}/pem-file
List Deployment Zones for infra Paginated list of all Deployment zones for infra.	GET /policy/api/v1/infra/deployment-zones (Deprecated)
Read a DeploymentZone Read a Deployment Zone.	GET /policy/api/v1/infra/deployment-zones/{deployment-zone-id} (Deprecated)
List enforcementpoints for infra Paginated list of all enforcementpoints for infra.	GET /policy/api/v1/infra/deployment-zones/{deployment-zone-id}/enforcement-points (Deprecated)
Delete EnforcementPoint Delete EnforcementPoint.	DELETE /policy/api/v1/infra/deployment-zones/{deployment-zone-id}/enforcement-points/{enforcementpoint-id} (Deprecated)
Read an Enforcement Point Read an Enforcement Point.	GET /policy/api/v1/infra/deployment-zones/{deployment-zone-id}/enforcement-points/{enforcementpoint-id} (Deprecated)
Patch a new Enforcement Point under infra If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, patch it.	PATCH /policy/api/v1/infra/deployment-zones/{deployment-zone-id}/enforcement-points/{enforcementpoint-id} (Deprecated)
Create/update a new Enforcement Point under infra If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, replace it.	PUT /policy/api/v1/infra/deployment-zones/{deployment-zone-id}/enforcement-points/{enforcementpoint-id} (Deprecated)
List domains for infra Paginated list of all domains for infra.	GET /policy/api/v1/infra/domains GET /policy/api/v1/global-infra/domains GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains
Delete Domain and all the entities contained by this domain Delete the domain along with all the entities contained by this domain. The groups that are a part of this domain are also deleted along with the domain.	DELETE /policy/api/v1/infra/domains/{domain-id}
Read domain Read a domain.	GET /policy/api/v1/infra/domains/{domain-id} GET /policy/api/v1/global-infra/domains/{domain-id} GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/domains/{domain-id}
Patch a domain If a domain with the domain-id is not already present, create a new domain. If it already exists, patch the domain	PATCH /policy/api/v1/infra/domains/{domain-id}
Create or update a domain If a domain with the domain-id is not already present, create a new domain. If it already exists, update the domain including the nested groups. This is a full replace	PUT /policy/api/v1/infra/domains/{domain-id}
List Domain Deployment maps for infra Paginated list of all Domain Deployment Entries for infra.	GET /policy/api/v1/infra/domains/{domain-id}/domain-deployment-maps GET /policy/api/v1/global-infra/domains/{domain-id}/domain-deployment-maps
Delete Domain Deployment Map Delete Domain Deployment Map	DELETE /policy/api/v1/infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}
Read a DomainDeploymentMap Read a Domain Deployment Map	GET /policy/api/v1/infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id} GET /policy/api/v1/global-infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}
Patch Domain Deployment Map under infra If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, patch it.	PATCH /policy/api/v1/infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}
Create a new Domain Deployment Map under infra If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, replace it.	PUT /policy/api/v1/infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}
List labels for infra Paginated list of all labels for infra.	GET /policy/api/v1/infra/labels GET /policy/api/v1/global-infra/labels GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/labels
Delete PolicyLabel object Delete PolicyLabel object	DELETE /policy/api/v1/infra/labels/{label-id} DELETE /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/labels/{label-id}
Read lable Read a label.	GET /policy/api/v1/infra/labels/{label-id} GET /policy/api/v1/global-infra/labels/{label-id} GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/labels/{label-id}
Patch an existing label object Create label if not exists, otherwise take the partial updates. Note, once the label is created type attribute can not be changed.	PATCH /policy/api/v1/infra/labels/{label-id} PATCH /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/labels/{label-id}
Create or replace label Create label if not exists, otherwise replaces the existing label. If label already exists then type attribute cannot be changed.	PUT /policy/api/v1/infra/labels/{label-id} PUT /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/labels/{label-id}
List All alarms in the system Paginated list of all alarms.	GET /policy/api/v1/infra/realized-state/alarms
List Enforcement Points Paginated list of all enforcement points. Returns the populated enforcement points.	GET /policy/api/v1/infra/realized-state/enforcement-points (Experimental)
Read Enforcement Point Read a Enforcement Point and the complete tree underneath. Returns the populated enforcement point object.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name} (Experimental)
List Firewall Sections Paginated list of all Firewalls. Returns populated Firewalls.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/firewalls/firewall-sections (Experimental) (Deprecated)
Read Firewall Read a Firewall and the complete tree underneath. Returns the populated Firewall object.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/firewalls/firewall-sections/{firewall-section-id} (Experimental) (Deprecated)
List NS Groups Paginated list of all NSGroups. Returns populated NSGroups.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/groups/nsgroups (Experimental) (Deprecated)
Read Group Read a NSGroup and the complete tree underneath. Returns the populated NSgroup object.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/groups/nsgroups/{nsgroup-name} (Experimental) (Deprecated)
List Security Groups Paginated list of all Security Groups. Returns populated Security Groups.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/groups/securitygroups (Experimental) (Deprecated)
Read Group Read a Security Group and the complete tree underneath. Returns the populated Security Group object.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/groups/securitygroups/{securitygroup-name} (Experimental) (Deprecated)
List IPSets Paginated list of all Realized IPSets	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/ip-sets/ip-sets-nsxt (Experimental) (Deprecated)
Read IPSet Realized state Read an IPSet	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/ip-sets/ip-sets-nsxt/{ip-set-name} (Experimental) (Deprecated)
List MACSets Paginated list of all Realized MACSets	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/mac-sets/mac-sets-nsxt (Experimental) (Deprecated)
Read MACSet Realized state Read an MACSet	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/mac-sets/mac-sets-nsxt/{mac-set-name} (Experimental) (Deprecated)
List Realized NSServices Paginated list of all Realized NSService.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/services/nsservices (Experimental) (Deprecated)
Read NSService Read a NSService.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/services/nsservices/{nsservice-name} (Experimental) (Deprecated)
Listing of VIFs on the NSX Manager This API lists VIFs from the specified NSX Manager.	GET /policy/api/v1/infra/realized-state/enforcement-points/{enforcement-point-name}/vifs
Get list of realized objects associated with intent object Get list of realized entities associated with intent object, specified by path in query parameter	GET /policy/api/v1/infra/realized-state/realized-entities GET /policy/api/v1/global-infra/realized-state/realized-entities GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/realized-state/realized-entities
Get realized entity uniquely identified by realized path Get realized entity uniquely identified by realized path, specified by query parameter	GET /policy/api/v1/infra/realized-state/realized-entity
Refresh all realized entities associated with the intent-path Refresh the status and statistics of all realized entities associated with given intent path synchronously. The vmw-async: True HTTP header cannot be used with this API.	POST /policy/api/v1/infra/realized-state/realized-entity?action=refresh POST /policy/api/v1/global-infra/realized-state/realized-entity?action=refresh POST /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/realized-state/realized-entity?action=refresh
Get consolidated status of an intent object Get Consolidated Status of an intent object (with or without enforcement specific status details). The request is evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent without enforcement point specific details. - <intent_path, include_enforced_status>: the request is evaluated on all enforcement points for the given intent with enforcement point specific details.	GET /policy/api/v1/infra/realized-state/status GET /policy/api/v1/global-infra/realized-state/status GET /policy/api/v1/orgs/{org-id}/projects/{project-id}/infra/realized-state/status
List enforcementpoints under Site Paginated list of all enforcementpoints under Site.	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points
Full sync EnforcementPoint from Site Full sync EnforcementPoint from Site	POST /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcement-point-id}?action=full-sync
Delete EnforcementPoint from Site Delete EnforcementPoint from Site	DELETE /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}
Read an Enforcement Point under Infra/Site Read an Enforcement Point under Infra/Site	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id} GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}
Patch a new Enforcement Point under Site If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, patch it.	PATCH /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}
Reload an Enforcement Point under Site Reload an Enforcement Point under Site. This will read and update fabric configs from enforcement point.	POST /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}?action=reload
Create/update a new Enforcement Point under Site If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, replace it.	PUT /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}
List Edge Clusters under an Enforcement Point Paginated list of all Edge Clusters under an Enforcement Point	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters
Read a Edge Cluster under an Enforcement Point Read a Edge Cluster under an Enforcement Point	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id} GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}
List Edge Nodes under an Enforcement Point, Edge Cluster Paginated list of all Edge Nodes under an Enforcement Point, Edge Cluster	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes
Read a Edge Node under an Enforcement Point, Edge Cluster Read a Edge Node under an Enforcement Point, Edge Cluster	GET /policy/api/v1/infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes/{edge-node-id} GET /policy/api/v1/global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes/{edge-node-id}

Policy

Policy > Infra

Associated URIs:

Read infra

Update the infra including all the nested entities

Update the infra object

Returns information about all the CA bundles

Deletes CA bundle

Returns information about a CA bundle

Adds or updates a CA bundle

Adds or replaces a CA bundle

Adds or replaces a CA bundle

Downloads a CA bundle

Return All the User-Facing Components' Certificates

Delete Certificate for the Given Certificate ID

Show Certificate Data for the Given Certificate ID

Add a New Certificate

Add a New Certificate

List tenant Constraints.

Delete tenant Constraint.

Read tenant Constraint.

Create or update tenant Constraint

Create or update tenant Constraint

Return All Added CRLs

Delete a CRL

Show CRL Data for the Given CRL id.

Create or patch a Certificate Revocation List

Create a new Certificate Revocation List

Upload a new or updated Certificate Revocation List

Create or fully replace a Certificate Revocation List

Return All the Generated CSRs

Generate a new self-signed certificate

Delete a CSR

Show CSR Data for the Given CSR ID

Self-Sign the CSR

Generate a New Certificate Signing Request

Import a Certificate Associated with an Approved CSR

Upload the Certificate PEM File Signed by the CA Associated with a CSR

Get CSR PEM File for the Given CSR ID

List Deployment Zones for infra

Read a DeploymentZone

List enforcementpoints for infra

Delete EnforcementPoint

Read an Enforcement Point

Patch a new Enforcement Point under infra

Create/update a new Enforcement Point under infra

List domains for infra

Delete Domain and all the entities contained by this domain

Read domain

Patch a domain

Create or update a domain

List Domain Deployment maps for infra

Delete Domain Deployment Map

Read a DomainDeploymentMap

Patch Domain Deployment Map under infra

Create a new Domain Deployment Map under infra

List labels for infra

Delete PolicyLabel object

Read lable

Patch an existing label object

Create or replace label

List All alarms in the system

List Enforcement Points

Read Enforcement Point

List Firewall Sections

Read Firewall

List NS Groups

Read Group

List Security Groups

Read Group

List IPSets

Read IPSet Realized state

List MACSets

Read MACSet Realized state

List Realized NSServices

Read NSService

Listing of VIFs on the NSX Manager

Get list of realized objects associated with intent object

Get realized entity uniquely identified by realized path

Refresh all realized entities associated with the intent-path